8.3 More privacy issues


    “I’m worried about safeguarding privacy in The Netherlands,” says Samir Elloui, Chairman of the Dutch Pirate Party on the VPRO blog. “We have implemented a dangerous infrastructure in recent years. Developments are ongoing. In a couple of years, people can be followed from the moment they wake up, on the street via CCTV, and in the subway with the Public Transportation Pass. Or, just by following their cellphone. People are hardly aware of this, as are politicians. It is not just about protecting people who download, but also about protecting, for example, whistle-blowers. We have confidentiality of our mail in The Netherlands. Why is this not the case on the Internet? It is no coincidence that many people who are involved with pirate parties work in the information technology sector. I have a background in information security.”

    Since the publication of 250,000 confidential documents from the U.S. government on the website Wikileaks, a discussion has at least been started on how far our tolerance with regard to transparency reaches. In the meantime, all documents are being translated, by bloggers, and through official channels, into Arabic and Chinese. It is strange that the U.S. government is trying to prosecute the people behind Wikileaks, while the free press was seen as the guard of (American) democracy during the Watergate affair. The U.S. government allowed the vice-president of Afghanistan to travel scot-free to the Middle East with $50 million in his suitcase, according to Wikileaks.

    We, the public, give the majority of our data away on the fly. But, a larger and larger portion of the collected data is not shared freely. In the US, the National Security Agency is building a new data collection center. It will contain over 10,000 server racks with a storage capacity of 12 exabytes. I will not even explain to you how massive that is, but it needs a power supply the equivalent of that used to power 75,000 U.S. households per year. The NSA is even checking, under the so-called Patriot Act, all the Internet traffic around the world, with the assistance of Microsoft, Yahoo, Google, Facebook, Paltalk, YouTube, Skype, AOL, Apple, and most of the other “democratic” governments of this world.

    The NSA is capable of collecting 5 billion records a day on the whereabouts of cellphones around the world. Prism, the name of these global spy-programs, and Edward Snowden, the whistle blower, have made the history books. And, after further revelations by Snowden and press investigations, it is almost like James Bond during the Cold War: everybody in the Western World seems to spy on everybody.

    Other countries are no exception. China supposedly has over 2,000,000 Web-watching “monitors,” with special software from Western companies (some from those named above), which are scanning Web traffic for words such as “Taiwan” or “Tibet,” and pornography is not tolerated. Furthermore, the monitors are used “strictly to gather and analyze public opinions on microblog sites and compile reports for decision-makers.” So, be careful about what you say about the government.

    Porn filters were (as of summer 2013) an issue in the UK, but Dutch conservatives would like to install them. Rumor has it that our Dutch (or US?) intelligence community is already illegally tapping all Internet traffic going through the Amsterdam Internet Exchange. Anyhow, since the NSA already tapped the exchange in Brazil (2013), one of the largest in the world, why wouldn’t they do it in Amsterdam?

    The number of telephone taps per capita of the population in The Netherlands is the highest in the world, and our government has a higher-than-usual interest in drones. Trust your civilians?

    I appreciate that countries are trying to protect their citizens. But, where does protection stop and anti-democratic controlling begin?

    “I often hear people say, ‘I have nothing to hide, so why should this Big Brother stuff bother me?’ We underestimate the impact of the data revolution. The risk that the wrong algorithms are used on the wrong questions, will increase strongly the coming years. Our fear should not be Big Brother but The Trial by Kafka: that we are being accused of something without knowing why and on the basis of which information.”
    – From the Dutch Trendspeech.

    The biggest advantages of the Internet – its openness, its global connectivity, and the free flow of information – are at stake. The response of the Brazilian government to the NSA breach of privacy is to force cloud-based companies like Google to set up server farms within Brazilian borders, and to investigate the idea that e-mail shouldn’t be provided by the national telephone companies. The Web could loose its transparent strength if countries are going to ‘border’ it. Iran is working on an “Islamic Internet”; in China, the Web is not open and strongly controlled. Even in The Netherlands, where, in 2002 a law giving our intelligence community more power to access Web traffic was adjusted by parliament due to “privacy issues,” our civil servants presented stubbornly in 2013 the evaluation of this law, pleading for more freedom for the Dutch intelligence community.

    The next step for regimes could be to “prepare” mobile phones before they are sold…and, you and I thought Big Brother was long gone…

    In China, Google was initially willing to cooperate with a certain level of censorship in search results from Chinese computers. Google worked implicitly with the Chinese government. At a later stage, Google went back on the agreement, because the Chinese government allegedly “broke into” Google as a way of thanks:

    “In mid-December (2009), we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different. First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant US authorities. Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.”
    – David Drummond, SVP, Google

    There are several active Internet spy networks. Ghostnet is one of them. The Information Warfare Monitor (apparently we need one those!) wrote about Ghostnet in March 2009:
    “GhostNet represents a network of compromised computers ( >1000) resident in high value political, economic, and media locations spread across countries worldwide. Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specific files and covertly operating attached devices including microphones and web cameras. The most obvious explanation, and certainly the one in which the circumstantial evidence would be, that this set of high profile targets has been exploited by the Chinese State…. and many of the high value targets are clearly linked to Chinese foreign and defense policy.”

    Finally there is the Deep Web, the underground world every society appears to have. The best known website here is Silk Road, where users could browse goods anonymously and securely without potential traffic monitoring. It was a marketplace for drugs, rent-a-killer, and more criminal stuff. Payments in this world? The virtual currency Bitcoin was widely used for that purpose.

    Some organizations are still not thinking long-term. The Amsterdam Internet Exchange decided to open up a U.S.-based location. In spite of all the promises, it makes us vulnerable to all kind of U.S. laws, giving institutions like the NSA an open window to European data. Short-term shareholders’ monetary value trumps the interest of other stakeholders. Where have we seen that before?