[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FC: White House plans to propose Total Internet Monitoring plan

------- Forwarded message follows -------
Date sent:      	Fri, 20 Dec 2002 06:36:00 -0500
To:             	politech@politechbot.com
From:           	Declan McCullagh <declan@well.com>
Subject:        	FC: White House plans to propose Total Internet Monitoring plan
Send reply to:  	declan@well.com


From: "Danny Yavuzkurt" <ayavuzk@fas.harvard.edu>
To: <declan@well.com>
Subject: The other shoe drops: White House now proposing centralized
Internet monitoring Date: Fri, 20 Dec 2002 05:03:53 -0500

White House to Propose System for Wide Monitoring of Internet

Aha.. so, we wondered what good TIA will be without good databases,
and with the commercial databases so lacking in accuracy and realtime
data?.. well, according to a report recently finalized by the Critical
Infrastructure Protection Board, called, naturally, "The National
Strategy to Secure Cyberspace," the solution isn't to use just
'existing databases' as IAO was claiming, but creating new, larger
databases out of all the network traffic in the country (along with
the building of a huge national 'network operations center,'
presumably to store the petabytes of data such a system might
conceivably accumulate.. that is, if they're actually going to be
archiving net traffic and datamining it, which I would assume is their

The article doesn't specifically mention IAO or TIA, but it's
transparently obvious to me that the Bush administration knows exactly
what's going on with DARPA and IAO, are probably actively sponsoring
them, and intends to make it easier than ever for them to monitor and
store surveillance data on everyone who uses the internet, in addition
to all the other databases they'd have centralized archives of.. I'm
betting that unless there's a large-scale public outcry against this
kind of large-scale government intrusion, we'll see *all* ISPs (except
possibly for BBSes, etc, which would of course still be monitored
through the phone companies..) forced to register, keep records, and
install government surveillance equipment - so, in effect, there could
soon be no privacy from the government's prying eyes for any
unencrypted data on the net, warrant or not..

In fact, I see in all of these 'security' proposals not a genuine
interest in protecting the citizenry from harm, but instead a massive
power grab by the executive branch, pushing the courts (which will no
longer be consulted for warrants, apparently, except possibly as a
symbolic gesture), and of course the legislature (which is *supposed*
to handle any new laws and regulations, *especially* those which
clearly violate guidelines set by past laws), to the sidelines.  It
seems the "Patriot" act has in effect authorized the president and his
henchmen to do whatever they want, whenever they want, and wave the
flag of 'national security' and 'the war on terror' whenever anyone
questions them, dooming anyone who dares make a peep to political
suicide - whenever we turn on the TV, what's the first opinion the
media seeks on *any* new political or legal issue?.. Bush's.  They've
set the guy on a pedestal where he apparently decides the fate of
every government employee, from the peons to the Senators (like Lott,
who seems to be breathing easier now that the White House has said it
won't press for his resignation.. as if the White House had any
authority to fire members of the Senate!.. not that he's a good
senator, but the implied authority of the Presidency is starting to
smack of monarchy..)

Anyway, until we mortals are permitted to see the full report
ourselves (long after the government makes its decision on it, of
course, that's always the way it is.. you only know after it already
applies to you..), we can only go on what these unnamed sources say of
what they've seen of the report.. and it already doesn't look good..
sure, they say in the article that the proposal is only meant to gauge
the 'overall' state of the network.. there's nothing to stop them from
using these potential uber-Carnivore boxes to scan whatever they want,
down to the packet level.. encryption may become a necessity, soon..
until it's outlawed, of course, or keys are legally required to be
'registered' with the government.. little by little, they slip the
thin end of the crowbar in the door of freedom, always claiming
they'll stop after just a little more.. but once they've wedged it in
there far enough, there'll be nothing to stop them from breaking it


Article text follows:

December 20, 2002
White House to Propose System for Wide Monitoring of Internet

The Bush administration is planning to propose requiring Internet
service providers to help build a centralized system to enable broad
monitoring of the Internet and, potentially, surveillance of its

The proposal is part of a final version of a report, "The National
Strategy to Secure Cyberspace," set for release early next year,
according to several people who have been briefed on the report. It is
a component of the effort to increase national security after the
Sept. 11 attacks.

The President's Critical Infrastructure Protection Board is preparing
the report, and it is intended to create public and private
cooperation to regulate and defend the national computer networks, not
only from everyday hazards like viruses but also from terrorist
attack. Ultimately the report is intended to provide an Internet
strategy for the new Department of Homeland Security. Such a proposal,
which would be subject to Congressional and regulatory approval, would
be a technical challenge because the Internet has thousands of
independent service providers, from garage operations to giant
corporations like American Online, AT&T, Microsoftand Worldcom.

The report does not detail specific operational requirements,
locations for the centralized system or costs, people who were briefed
on the document said. While the proposal is meant to gauge the overall
state of the worldwide network, some officials of Internet companies
who have been briefed on the proposal say they worry that such a
system could be used to cross the indistinct border between broad
monitoring and wiretap.

Stewart Baker, a Washington lawyer who represents some of the nation's
largest Internet providers, said, "Internet service providers are
concerned about the privacy implications of this as well as
liability," since providing access to live feeds of network activity
could be interpreted as a wiretap or as the "pen register" and "trap
and trace" systems used on phones without a judicial order. Mr. Baker
said the issue would need to be resolved before the proposal could
move forward.

Tiffany Olson, the deputy chief of staff for the President's Critical
Infrastructure Protection Board, said yesterday that the proposal,
which includes a national network operations center, was still in
flux. She said the proposed methods did not necessarily require
gathering data that would allow monitoring at an individual user

But the need for a large-scale operations center is real, Ms. Olson
said, because Internet service providers and security companies and
other online companies only have a view of the part of the Internet
that is under their control.

"We don't have anybody that is able to look at the entire picture,"
she said. "When something is happening, we don't know it's happening
until it's too late." The government report was first released in
draft form in September, and described the monitoring center, but it
suggested it would likely be controlled by industry. The current draft
sets the stage for the government to have a leadership role.

The new proposal is labeled in the report as an "early-warning center"
that the board says is required to offer early detection of
Internet-based attacks as well as defense against viruses and worms.
But Internet service providers argue that its data-monitoring
functions could be used to track the activities of individuals using
the network. An official with a major data services company who has
been briefed on several aspects of the government's plans said it was
hard to see how such capabilities could be provided to government
without the potential for real-time monitoring, even of individuals.

"Part of monitoring the Internet and doing real-time analysis is to be
able to track incidents while they are occurring," the official said.
The official compared the system to Carnivore, the Internet wiretap
system used by the F.B.I., saying: "Am I analogizing this to
Carnivore? Absolutely. But in fact, it's 10 times worse. Carnivore was
working on much smaller feeds and could not scale. This is looking at
the whole Internet." One former federal Internet security official
cautioned against drawing conclusions from the information that is
available so far about the Securing Cyberspace report's conclusions.

Michael Vatis, the founding director of the National Critical
Infrastructure Protection Center and now the director of the Institute
for Security Technology Studies at Dartmouth, said it was common for
proposals to be cast in the worst possible light before anything is
actually known about the technology that will be used or the legal
framework within which it will function. "You get a firestorm created
before anybody knows what, concretely, is being proposed," Mr. Vatis

A technology that is deployed without the proper legal controls "could
be used to violate privacy," he said, and should be considered
carefully. But at the other end of the spectrum of reaction, Mr. Vatis
warned, "You end up without technology that could be very useful to
combat terrorism, information warfare or some other harmful act." 

--- POLITECH -- Declan McCullagh's politics and technology mailing
list You may redistribute this message freely if you include this
notice. To subscribe to Politech:
http://www.politechbot.com/info/subscribe.html This message is
archived at http://www.politechbot.com/ Declan McCullagh's photographs
are at http://www.mccullagh.org/
--- Like Politech? Make a donation here:
http://www.politechbot.com/donate/ Recent CNET News.com articles:

------- End of forwarded message -------

To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de