Homeland Security spies on your social network activity, but is that bad?
Summary: What do you have to hide?
What do you have to hide?
Most of you know that I'm an ardent advocate for personal liberties and individual freedom. You also know that one of the hats I wear is as a cyberwarfare and counter-cyberterrorism advisor to law enforcement and government security officials.
These two aspects of my professional activities are not mutually exclusive.
There is a point at which civil liberties can come in conflict with the protection of the nation. It's this nexus that essentially defines the American security challenge.
This is not new. In 1775, Ben Franklin famously said, "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."
I love Ben (he's a personal hero), but all is not quite as black-and-white as he made it out to be.
For example, let's say you live in a country hit by devastating terrorist attacks and you're about to run an event that'll have nearly two million people crowding onto the Mall in Washington.
Now, let's say you're swearing in the first black President in a country that still has its share of racist wackos.
That Mall, with those millions of people, would be an ideal target of opportunity for either type of bad guy.
Let's further postulate that you're responsible for protecting not only the incoming President, not only the outgoing President, but all their families, all the dignitaries, and all those regular citizens who came for the occasion.
What do you do? What do you do?
What you do is everything you possibly can to protect your citizens, while not sacrificing their rights. You use the full extent of the law to put in whatever safety precautions you possibly can.
You also try to head off threats ahead of time by doing good, solid, preventative intelligence work.
Social Network Monitoring Center
This bring us to the Department of Homeland Security's Social Network Monitoring Center (SNMC), the subject of a recent Freedom of Information Act (FOIA) request by the Electronic Frontier Foundation.
Now, as most you know, I'm usually the first to cheer for the work of the EFF, but this time I disagree (partially) with their outrage.
As a result of a recent FOIA request, the EFF learned that DHS had set up the SNMC to monitor social networks like Twitter, Facebook, Flickr, and MySpace prior to the inauguration. The purpose of this monitoring and aggregation effort was to find, essentially, indicators that baaaaaad things were going to happen.
Although SNMC had explicitly instructions to not gather personally identifying information, EFF believes that some of the information (like user names) could lead to a connection to individuals.
Here, I agree with the EFF. My Twitter user name is DavidGewirtz. It's not hard to figure out that the user of that account is David Gewirtz. But I chose my user name specifically because I'm broadcasting on Twitter and I want people to know who I am.
The other thing is that publishing on Twitter and Facebook, and all those public-facing social networks is just that: publishing. If you post on Twitter for the world to see, the world might just see it. It's not appropriate to get all up in arms that the government might be cataloging your interests in certain things when you share those interests with everyone.
Seriously, I do not want to know that your briefs are too tight or that you ate Cherios for the third day in a row. But if you post something that says you hate someone in power or want someone dead or otherwise say bad things, it's good that our government is watching.
Unfortunately, the EFF FOIA disclosure isn't as black-and-white as you might think, because SNMC didn't just gather social network information prior to what could be a high-risk scenario.
Unfortunately, the SNMC seems to have a second, perhaps darker, purpose.
The SNMC is also, apparently, gathering information to feed to the Immigration and Naturalization Service and the IRS, to help hunt down tax cheats and "observe the daily life of beneficiaries and petitioners who are suspected of fraudulent activities" when applying for U.S. citizenship.
The EFF is concerned about the implications of these data collection practices and, at least on one level, I can't argue about that concern. But on another level, I disagree with their premise and applaud the added security.
Let's break these two issues apart.
First, we have a scanning process that's looking for indicators of highly destructive activity. In a nation of freedoms, and a nation with 300 million self-directed individuals, it's a really big challenge keeping everyone safe.
If the DHS has a tool that helps them predict (not Minority Report predict, but at least keep an eye out) potential trouble spots, I think that can be a valuable tool for security.
Some time ago, I wrote a piece for Counterterrorism Magazine advising security professionals to do just this: use social networks as a way to track and identify dangerous individuals. After all, if they're posting it publicly, maybe their lack of propriety might help Homeland Security professionals save lives.
Since 9/11 there have been many incidents that you haven't read about because our nation's security professionals were able to prevent them. So, using this tool to provide such added security is good. There are a lot of freaky people out there and we need to do all we can to keep the nation safe.
But here's where the SNMC become problematic. When it's also used to monitor citizens for other possible infractions, it begins to smack of Big Brother. It no longer seems like the long arm of the law wrapping itself around us in a protective hug, but more like something intrusive and potentially threatening.
This is the fine line security professionals and our policy makers have to walk. On one hand, we have a taxpayer-funded tool that can be used to keep us safe. On the other hand, since we have a tool, and it's already been paid for, why not use it for other enforcement efforts?
It's a tough question. Sometimes, I wish ol' Ben was in Washington now.
Homeland Security spies on your social network activity, but is that entirely bad? What do you have to hide? TalkBack below.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
You see the effect of the slippery slope
RE: Homeland Security spies on your social network activity, but is that bad?
Live with it...
watching you...
RE: Homeland Security spies on your social network activity, but is that bad?
Where are the checks and balances?
Why not create an Auditor General? This would be an office of (in the US) Congress itself (so - not the White House, or the Government) and totally non-partisan. Their job would be to 'audit' compliance with government policies and rules by the agencies. They would have complete access to all records, and would write an annual [b]public[/b] report. They would understand the importance of keeping specific details secret and would generally report on the 'big brush strokes', however they could release details of an infraction if they assessed that the agency was hiding behind the "Classified" tag to avoid embarrassing themselves.
If the agency was flagrantly flouting the rules, then the AG would finger them. If the agency was dealing with badly written government rules, then the AG would point that out. If an agency needed to act quickly to prevent loss of life, and court warrants would have taken too long - the AG could assess that and give their blessings after the act. Or rake them over the coals for sloppy work - whatever is appropriate to the case.
As a non-partisan officer of the people they would not have an agenda to embarrass the government or the agencies for political gain. Their oath is to the people.
Canada has an AG whose work is focussed primarily on the financial aspects of all branches of the federal government, but who also examines department's adherence to policies and rules, and contracts, etc etc
They are not seen as "government friendly", and the opposition loves the annual reports. However, as soon as the opposition turns into the government it is their turn to dread the annual reports. The system works really well, and is one of the factors that makes the Canadian civil service one of the most admired in the world.
It's a system that might translate well to the American system, and specifically to the the security agencies.
RE: Homeland Security spies on your social network activity, but is that bad?
There are several watchdog agencies within the US Government, In Congress, in the Executive Branch, the FBI even has its own internal "Office of Professional Responsibility". Want to know how responsible they are?
"WASHINGTON (AP) ? The former chief internal watchdog at the FBI has pleaded guilty to sexually assaulting a 6-year-old girl and has admitted he had a history of molesting other children before he joined the bureau for a two-decade career."
John H. Conditt Jr., 53, who retired in 2001, was sentenced last Friday to 12 years in prison in Tarrant County court in Fort Worth, after he admitted he molested the daughter of two FBI agents after he retired. He acknowledged molesting at least two other girls before his law enforcement career, his lawyer said. "
Any "watchdog" agency set up within government can become just as corrupt
Why not set up those wathdogs in the private sector, and with partisan parties from all sides? That way, everyone in government jobs would be very leery about everything they do.
Then, we'd need to set up a watchdog agency to watch over the watchdog agency, and so on and so forth. ;)
Let's apply some common sense ....
Now, if my information was password-protected, that would be different. I'd be up in arms if the government was cracking passwords. But, if the information is there for the Russians to read, how can I complain about the US government reading it, too?
Let's take that a bit further...
Each of those acts, by itself, is completely legal and innocent. Put it all together, and it becomes unacceptable - at least in a western democracy. But, that is what the government is proposing. To put a little follower on everything you do. Except in the case of going on-line, you can't just turn around and see your follower..... but it's there, taking notes, reporting back to HQ.
RE: Homeland Security spies on your social network activity, but is that bad?
How about if they simply ASK the service provider for administrative level access to the system and are granted access without a court order as ATT, Version and the like grant them regularly. You "OK" with that?
RE: Homeland Security spies on your social network activity, but is that bad?
RE: Homeland Security spies on your social network activity, but is that bad?
Apparently many here haven't or they have forgotten the core tenets of this nation. ]:)
Incorrect.
You are incorrect! If I post on facebook, I expect ONLY those to whom I have granted visibility to be able to see my postings. Period. Because of the ability to restrict, that is NOT publicly posted information, and there IS expectation of privacy, in a legal sense!!
RE: Homeland Security spies on your social network activity, but is that bad?
I fear the type of people you are.
RE: Homeland Security spies on your social network activity, but is that bad?
RE: Homeland Security spies on your social network activity, but is that bad?
Yes, it is BAD!
Right now the excuse they have is they want to "protect" us from the "BAD GUYS." Sounds real good and is sure to please the sheep. What isn't thought about or mentioned is the fact that the definition of "BAD GUYS" changes and when it does it could become you or me because of our political affiliation, or which church we go to, or what clubs we belong to, or even what kind of sex we have with other consenting adults. Perhaps it might be what movies we choose to watch or what kind of art we create.
It's all so Orwellian bordering on Machiavellian and the only losers are going to be the public.
RE: Homeland Security spies on your social network activity, but is that bad?
RE:Yes, it is BAD!