Hacker News new | past | comments | ask | show | jobs | submit login

Meet Jack. Or what the government could do with all these planes

>Article showing how half of San Francisco gets bombed

This argument can only hold on water by having a complete lack of faith in the rule of law.

The biggest issue I have with this is that this describes a massive , coordinated system to use all this location data in ways that are way outside the legal framework in place by the initial court order from the FISA court.

Stuff that has come out of these leaks have ranged from banal (oh, we listen to the German Chancelor's cell phone? What else is new) to absolutely damning (forcing companies to hand over SSL keys). But even in the most damning cases, all of these happened within the legal frameworks given to them (such as the National Security Letters) and maybe some overzealous law enforcement agents. The illegal incidents can be explained more by incidents outside of how things are "supposed" to work (LOVEINT is probably not sanctioned by the NSA), and a lack of strong implementation of the framework given by the courts.

The narrative has always seemed to be "check out how the NSA is going crazy over here!". But the reality is "check out how all these politicians are voting in these new laws allowing this to take place!"

From the leaks you can even see how the courts are constantly reeling things in, the system is actually working. We hear about old NSA programs that got shut down because of the FISA court's rulings. This is how rule of law works! We vote laws, and people follow them.

To actually come to this, given all we've seen from how courts rule on this issue in general, and the FISA court's rulings, this sort of data sharing would absolutely definitely not be allowed to exist. No judge would agree to this being allowed to be set in place, as it so obviously goes against 4th ammendement in such a program's intent.

Just because the data is at the NSA doesn't mean they can use it however they want, just like how Google would run into some problems if it tried to sell the contents of your e-mails to somebody.

This anger at the NSA should also be directed at the congressmen voting for these laws of large scope in the first place. Hopefully we can get rid of NSLs too. But the NSA is just doing the most it can with the tools we give it (which is what we expect). And rule of law is actually working, we just have some shitty laws.




Lots of people have picked up on your thesis statement : This argument can only hold on water by having a complete lack of faith in the rule of law.

We aren't talking about 'law' here, we're talking about 'people.' That gets lost some times.

Someone with access to these tools might decide the shake down Jack with a bit of blackmail. They might decide to sell union organizing 'alerts' to business. These are not legal but there are many people who work in an organization with these tools available who could justify abusing them.

Consider another hotbed subject which gets argued the other way all the time, gun ownership.

Now we can all agree that someone owning a gun who follows all of the safety precautions, and doesn't wave it about irresponsibly Etc is no threat to society. And yet the argument is put forward that the capability is the threat and people other than the owner may exploit that capability (a thief steals the gun, a spouse grabs it in a fit of rage, Etc.) and that it is "better" to not allow the person to own a gun because the risk of that gun falling into the wrong hands and doing something bad are non-zero enough.

This is the same argument we should make on surveillance technology, which is that the potential for its abuse and damaging the lives of innocent civilians, out weighs the 'benefit' the law enforcement agency gets from having it. There are other ways for the agency to do its job, just as there are other ways for our homeowner to protect their property, that don't require this capability.


Exactly. Consider how often cases of police officers (or even spooks; remember that they coined the term "LOVEINT" for cases of people doing exactly this) abusing their authority to spy on, stalk, and harass the objects of their a̶f̶f̶e̶c̶t̶i̶o̶n̶ obsession have come to light.

Now contemplate how many happen, but don't come to light.

As much as I want to decry TFA for fear-mongering, slippery-sloping, and straw-manning, extant — even rampant — abuses of authority give it ever so slightly too much "plausible" to dismiss out of hand.


>Someone with access to these tools might decide the shake down Jack with a bit of blackmail. They might decide to sell union organizing 'alerts' to business. These are not legal but there are many people who work in an organization with these tools available who could justify abusing them.

The situation described in the article would require coordinating a lot of data together. I have a hard time seeing how individuals could do that properly without the institution noticing (especially considering how "Big Data" it is). It's not just cell data that you need, but also license plate scans, court records, etc. These are all fairly independent things, unlikely to be stored in the same place.

Individuals will try to exploit systems, and we should work hard to avoid things like LOVEINT happening (which shouldn't be hard in itself, but given that Snowden walked off with all those documents, the NSA doesn't seem very skilled in secure storage of documents).

If institutions work hard enough to make sure they're following the rules on document access, then it'll be harder for people to abuse, since each individual block of data is useless in itself. It would be the information equivalent of N keys to launch the nukes. Abuse would be much,much harder if somebody sat down and chmod'd some folders properly (nobody should have access to everything in any system). A plus side (for gov'ts at least), would be that Snowden-class events would be a lot harder to pull off.

Institutions can be built to be a lot harder to corrupt.


>The situation described in the article would require coordinating a lot of data together.

Do you think the federal government cares more about protecting your personal data, or their own top secret data?

Edward Snowden was able to single-handedly pull together reams and reams of data on a cornucopia of the most highly classified top secret projects of our government. He wasn't noticed at all, except for the fact that he outed himself.

Had Edward Snowden actually been a spy working for a foreign government, he probably wouldn't have been caught at all, and would still be working for the government.

>It's not just cell data that you need, but also license plate scans, court records, etc. These are all fairly independent things, unlikely to be stored in the same place.

http://en.wikipedia.org/wiki/Data_fusion is the process of unifying disparate data sources in order to glean information not readily apparent by looking at the sources individually. Guess who is leading the charge in this budding field?

>Institutions can be built to be a lot harder to corrupt.

Once all this information is stored, its value is essentially incalculable. Almost no expense at all will be too high for a foreign government or a multinational corporation to pay for access to it - it is too profound a leg up on Bob the competitor, Joe the union organizer, and Sally the investigative reporter. The act of collecting and storing the information is, itself, opening Pandora's box.


This argument can only hold on water by having a complete lack of faith in the rule of law.

A lack of faith pretty well justified at this point.

I appreciate the annoyance at "oh noes teh NSA!", but this article exactly points out the problem: local, not state or federal, authorities are where this will be an issue.

Everyone is busy hopping on the "fuck the NSA" bus, and that conveniently draws fire from the numerous local police departments that are expanding their own reach.

Don't get distracted--the same data is just as dangerous (if not more dangerous) in the hands of local officials than some folks at an alphabet-soup agency.


do local police have access to this data though? Maybe I've missed something, but the cell phone data has been through PRISM, and that local police doesn't have access to this sort of information.


Yes?

https://www.aclu.org/national-security/police-requests-cellp...

The type of surveillance NSA can do is quickly trickling down to FBI, DHS, DEA and even the police. Even this wasn't too long ago:

http://news.cnet.com/8301-1023_3-57471570-93/facebook-scans-...

Some police departments are also working on face detection systems, or even "pre-crime" in New York:

http://www.activistpost.com/2012/08/microsoft-and-bloomberg-...

http://www.thenewamerican.com/usnews/item/16942-dhs-creates-...

http://www.democracynow.org/blog/2013/5/22/dissent_or_terror...

http://www.csmonitor.com/USA/Latest-News-Wires/2013/0718/Lic...

And these are just examples that I remembered off the top of my head, and did some quick searches on them now.


The issue is that the local Police are aggregating the same types of data E.G. Auto scanning tags of cars within sight of a police car and it's only a matter of time before the links are made to pool the data. All that needs to happen for this to become a reality is one piece of legislation be snuck into a spending bill or farm bill etc.. and bam - all police forces are required to send their data to the national data pool that all other police forces can access for the "greater good".

Not being involved in this myself I don't know the extent or the checks in place but police do have access to cell phone location data since about ten years ago? (if you call 911 on a cell phone they use it to find you)


You can do a lot of tracking without cell phone data.

Local police have access to license plate scanners (both at fixed locations and mounted on police vehicles). The data is not as fine-grained as GPS data from a person's phone, but it can also yield information about the patterns of a person's movements over time (e.g., they pass these ten intersections every weekend night between 2:30 and 3:00am). Of course, this can only track people with cars (but in some cities, that's pretty much everyone).

Facial recognition software can track people who walk, but I don't know how widely deployed it is at this time. As soon as it gets attached to all of the millions of surveillance cameras that are out there (some of which are operated by police departments, like in NYC), tracking pedestrians will become easier.

And, of course, the local police can get a warrant to attach a GPS device to somebody's car or to pull cell tower data if they have probable cause.


>do local police have access to this data though? Maybe I've missed something, but the cell phone data has been through PRISM, and that local police doesn't have access to this sort of information.

That's hardly an argument. For one, they collaborate frequently with the FBI. As for local police, well, give it time.



...local police doesn't have access to this sort of information.

Yet?


> "This argument can only hold on water by having a complete lack of faith in the rule of law. The biggest issue I have with this is that this describes a massive , coordinated system to use all this location data in ways that are way outside the legal framework in place by the initial court order from the FISA court."

The article title includes "What the Government Could Do With All That Location Data". The emphasis is on what is technically possible, not on what is legal. Given the vast expansion of legal authority to collect and use data on American citizens over the past decade, the article rightly looks at what is possible tomorrow based on the data of today, because what is legal tomorrow cannot be predicted accurately.

I entirely agree that the anger over the Snowden revelations should be first directed at the US congressmen responsible for authorizing these programs in the first place. However, much of what they authorized wasn't even public information until Snowden came along, so your argument that we should not worry much about the infrastructure of the surveillance state because the laws of that state prohibit such surveillance is undermined by the enormous secrecy with which it operates. We don't even know how some intelligence agencies interpret the laws that have been written. In an environment filled with so much legal uncertainty, knowing what is technologically possible, and knowing what the incentives surrounding that technology are, is extremely valuable.


> Just because the data is at the NSA doesn't mean they can use it however they want, just like how Google would run into some problems if it tried to sell the contents of your e-mails to somebody.

I am not sure you are listening, what is happening around you.

> This anger at the NSA should also be directed at the congressmen voting for these laws of large scope in the first place. Hopefully we can get rid of NSLs too. But the NSA is just doing the most it can with the tools we give it (which is what we expect). And rule of law is actually working, we just have some shitty laws.

It's working for whom? Presumably these laws require a little bit less privacy for a more secure country. I didn't see Boston bombings avoided. If the answer to this is please give us more privacy, to avoid this in the future, I'd say no.


>It's working for whom? Presumably these laws require a little bit less privacy for a more secure country.

The fisa court is an example of laws working in our favor. Before the fisa court, the executive could basically do what it wanted wrt "terrorist/spy" suspects. It's only after Congress intervened that we got something that tries to strike a balance between the need to investigate sensitive subjects and the need to have somebody check executive privelege.

>I didn't see Boston bombings avoided. A patient at a hospital goes in for surgery and dies on the operating table. Is medicine useless?

You have absolutely no way of measuring how much security a set of laws has given us, short of going back in time and replaying the same universe without the laws. And even then, these events are so dependent on singular events that it's hard to say what would work.

A related argument is how only X people died in Boston, while 100X people died in car crashes in the past week. Except that the Boston bombings are a singular event, and it only takes one/two arrests to stop X people from dying. 100X car deaths is probably 50X different accidents, each due to varying causes. Of course we'll want to go after the "small big wins". It seems easier to tackle.

If you think that, as a society, we can stop a somewhat constant N bad things from happening, then it's only normal for us to run after the biggest bad things and try to stop that, even if there's X tiny problems, with X much larger than N, that are easier to deal with.


> You have absolutely no way of measuring how much security a set of laws has given us.

Sure we do. Do you really think they wouldn't plaster the news of a thwarted terrorist attack everywhere? Whenever verifiable potential incidents are stopped, there is always breaking news about them, in great detail.


>This argument can only hold on water by having a complete lack of faith in the rule of law.

What "rule of law"?

The one who predominantly targets blacks and latinos?

The one that sends people to life terms in prison for non violenet BS crimes, if they do three of them?

The one who, in 2014, jails people for smoking a joint?

The one who, in 2014, in a western democracy nonetheless, still uses capital punishment?

The one who big corporations make a laughing stock of?

The one who has the highest incarceration rate in the world, by a large margin?


With every new revelation, I'm less and less confident in the rule of law. I'm starting to believe that the NSA thinks that the law doesn't apply to them. So when you speak about faith in the rule of law - until this year, I might have been on your side. But lately, I'm not sure I have any faith in the rule of law anymore when it comes to government agencies.


> The narrative has always seemed to be "check out how the NSA is going crazy over here!". But the reality is "check out how all these politicians are voting in these new laws allowing this to take place!"

I'd like to beg your pardon, because I'm not from the US. I'm British, so I'm sure there are large contextual elements of this situation I'm not understanding. But can anyone explain to me how this can happen?

I mean, I've grown up being told that there are two types of legal framework for a country: ones with a constitution and ones without. In countries without a constitution, like Britain, the politicians can do whatever they like. In fact, it's always a big principle in the UK that parliament cannot bind its successors:

https://en.wikipedia.org/wiki/Parliamentary_sovereignty

But in a country with a constitution, I always thought that wasn't correct. If a politician wants to change the law they can, except where that conflicts with the constitution.

Now, my understanding of America is that it has strong constitutional safeguards in place for such things as free speech and unreasonable searches.

Isn't there some constitutional court that people can take this kind of thing, to find out if it all really is legal? Because if politicians really can make any law they want, surely you don't actually have a constitution in the US at all?


If it's the laws that are bad, why are so many congressmen surprised at the scope of the NSA's actions?


They know how to act surprised when the voters can see them.


We hear about old NSA programs that got shut down because of the FISA court's rulings.

Such as?





Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: