The fight for internet freedom, privacy and net neutrality has been a rough one. Over the past couple of years we have watched as a parade of laws have trotted past us. SOPA, PIPA, CISPA, and more have all shown us one certain thing; the powers that be have little to no regard for individual freedoms, free speech or the impact of restrictive laws on innovation, technology and the economy as a whole. However there was an underlying trend to these laws that disturbed us and many other privacy and right groups out there. The trend was a general trammeling of the right to free speech when it comes to any online sources; some would even say any source that had an opposing view point. Even the right to have protected sources was slowly being removed if you were an independent blogger (citizen journalist) and this effort is now being expanded.
Over the last couple of weeks the new has been flooded with articles about the US Government’s surveillance program called PRISM. It is possibly one of the largest invasions of privacy that has been leaked to the general public. What makes this program all the more concerning is that the NSA appears to have cooperation from each of the companies involved. This apparent breach of consumer trust has caused quite a stir and almost all of the companies that were shown in the leaked power point about PRISM have released statements claiming they only cooperate within the limits of the law. This raises an interesting question though; if a broad request is approved by the Foreign Intelligence Surveillance Court wouldn’t a company be within the law to grant access?
The FBI and a few other groups would like to put a law in place which would allow them to fine companies that refuse to hand over information regardless of the reasons for not choosing to do so. This plan is part of an increasing effort to force companies to share user information with the government. On the surface the idea looks pretty straight forward. Law Enforcement and other Government Agencies want to be able to track down people that might be using the internet and internet communication services to commit crimes. Sounds legit right?
Microsoft has embarked on a campaign claiming that they are concerned about your privacy on the internet. The campaign is a direct attack at Google who does not have the best track record when it comes to protecting people’s privacy. In fact Google is currently under investigation for establishing policies that violate EU privacy laws. Microsoft is taking advantage of commotion around Google’s privacy problems to try and bring people over to their side. This move, when looked at is as interesting as it is funny.
As we wrote earlier today the Cyber Intelligence Sharing and Protection Act has passed through the US House of Representatives. This is not an act that anyone, other than the corporations that lobbied for it, wants. CISPA brings nothing to the table that agencies already do not have, or cannot get with the right requests to the courts. Instead it removes many (almost all) individual rights and turns your private data into a commodity that can be passed around without any legal recourse.
Over the last few years we have been covering the way that many governments (and corporations) are scrambling to put limitations, controls and other items on the internet. Some of these laws are obvious in their scope like PIPA, SOPA and even CISPA. There is no doubt what these laws are truly intended to accomplish despite the many attempts to paint them as being to protect jobs and national security. However there are other laws that are not as clear and have been passed under the pretense of protecting intellectual property only to be used for other purposes. One of these is the laudable sounding Computer Fraud and Abuse Act.
Remember the news we brought you about the FBI and other law enforcement agencies wanting more power to dig into your electronic communication? Well we have been forwarded an interesting follow on article today that looks like an opening shot in the campaign to get laws passed to extend these powers. The article was published on cnet and raises concerns about what our government is willing to do to get their way and require ISPs to put in real-time monitoring hardware and systems. These systems could potentially allow for broad harvesting of electronic communication without the need for a warrant (if CISPA and other bills are passed as well).
When I was a little kid I used to watch the cop and spy shows on TV. They were always full of exciting exploits where the good guys always triumphed over the bad buys without ever impugning on their morals. As I grew older the shows started turning more and more dark. The good guy still won, but they were more in the mold of anti-heroes than the white hats I watched a few years ago. The idea of doing morally questionable things in the name of good became more and more popular. Even in books this theme was growing, two one of my favorite fictional characters were very much unethical (yet in some ways moral), one was a criminal, The Stainless Steel Rat, and the other was Elric of Melnibone’ who helped sack his own kingdom to get his Fiancé (there is more to the stories if you want to read them). Now TV and movies are full of this type of “hero” we see them in real life, people who break the law in the name of good. One of the biggest examples of this is the collective known as Anonymous.
An important step for privacy on the internet and actually people’s general right to privacy happened yesterday. Most of us have heard the rumblings of the CISPA (Cyber Intelligence Sharing and Protection Act) and also the Executive Order signed by the US president that allows law enforcement to simply ask for user information. These laws also remove the right to privacy and in some cases the right to anonymity from the public on the internet. What many might not know is that a limited form of these acts has been in effect for some time inside the infamous Patriot Act.
Over the past year or two we have watched as companies like Microsoft, Crytek, Ubisoft and others push their business model into the cloud. At the same time we have watched as the number of cyber-attacks and data breaches increase. These attacks have also increased in sophistication and in some cases have not been detected until after the breach has been made and data lost. Still companies try to make the claim that their services, out of all of the others, are secure. Simply put (as we have always said) there is no such thing as a secure service, operating system, network or anything else. If it is connected or even powered on it is in danger.