

Why is Larry Lessig plugging Palantir? - detcader
http://labels-kill.blogspot.com/2013/06/why-is-larry-lessig-plugging-palantir.html

======
mpyne
Ah, is this where the hacktivists start eating their own for no better reason
than that they don't sufficiently hate the infidels?

This is a notable example of killing the messenger in fact; Lessig talks about
using tech proactively in order to aid privacy and accountability, references
a company that happens to have the technology to do it already.

Even if you don't like the company (Oh no, their board member knows this other
board member! Oh no, the CIA was indirectly involved years back!), that
doesn't invalidate the message. It's this kind of intellectual dishonesty that
I didn't even dream computer hackers could actually fall victim to, before my
rude awakening. Or I don't know, maybe it's the chemtrails eating my brain and
Dr. Lessig was really a CIA plant all along, who knows?

~~~
jaekwon
Actually, it's not just the company but rather Lessig's message itself that
bothers me. Read my other comment here for details.

Nobody is suggesting any direct link between Lessig and the CIA, but the ties
between Palantir and the surveillance program is becoming obvious.

Use Occam's razor.

    
    
      * Palantir was funded by the CIA
      * Palantir is exactly what the NSA PRISM program needs
      * Palantir also had a PRISM product
      * Palantir had been associated with the surveillance program in recent Anonymous leaks (right? during the HBGary scandal)
      * Facebook (which is known to participate with PRISM) & Palantir share Sean Parker
      * Facebook/Google/etc have already denied association with PRISM by factually true but evasive statements. Same with Palantir's recent statement.
    

More debate here: [http://www.dailykos.com/story/2013/06/23/1218189/-HBGary-
Pal...](http://www.dailykos.com/story/2013/06/23/1218189/-HBGary-Palantir-
Prism-Facebook-The-Industrial-Surveillance-Complex#)

------
jerrya
[http://www.theverge.com/2013/6/29/4478748/california-
license...](http://www.theverge.com/2013/6/29/4478748/california-license-
plate-reader-database-palantir)

Throwing more light on the controversial use of police license plate readers,
a new report from the Center for Investigative Reporting reveals the
development of a new California database under development with the help of
Palantir, a Silicon Valley firm whose data analysis technology is in wide use
by the US intelligence and defense communities. According to the report, the
company is party to a $340,000 contract to build the new infrastructure. The
project is being spearheaded by the Northern California Intelligence Research
Center — an office set up after the 9/11 terror attacks to enable police and
intelligence agencies to share data.

The new database will collate records coming in from 14 counties across the
state, will be able to handle at least 100 million records, and will be
accessible to both local and state law enforcement, according to the report.
It also notes that license plate records will be held by the new database for
two years, regardless of the data retention policies of local law enforcement
agencies. The database's total size is unknown, as is the identity of the
government organization that administers it. However, LA Weekly wrote last
year that a precursor to the new California-wide database in use by Los
Angeles police had logged more than 160 million data points.

Despite their undeniable effectiveness at identifying stolen vehicles ("100
times better than driving around looking for license plates" in the words of
one San Leandro police officer), license plate scanners have come under sharp
criticism from privacy groups like the EFF and ACLU, which sued the LAPD and
County Sheriff’s Department in May for access to a week's worth of records
from its license plate readers. Since the devices permit automated scans of
some 14,000 plates during a single shift, privacy advocates argue that strict
data retention policies need to be put in place to stop a useful law
enforcement tool from turning into a comprehensive database of citizens’
movements. And while the Supreme Court ruled last year that warrantless GPS
tracking violates the Fourth Amendment against unreasonable search, automated
license plate readers don't face the same legal restriction.

------
Permit
This article conveniently left out Palantir's reply to the HBGary email leak.
[http://www.thetechherald.com/articles/Firm-targeting-
WikiLea...](http://www.thetechherald.com/articles/Firm-targeting-WikiLeaks-
cuts-ties-with-HBGary-apologizes-to-reporter/12767/)

They can't even do what Aaron Barr was asking of them.

Please approach this article with some level of skepticism. Especially after
the last round of discussions[1] we had surrounding the bogus connection
Palantir was alleged to have with the NSA. (Due the naming of an internal
project which shared the name "Prism").

[1][https://news.ycombinator.com/item?id=5839305](https://news.ycombinator.com/item?id=5839305)

~~~
SilasX
>They can't even do what Aaron Barr was asking of them.

For that matter, they can't even do what Lessig was gushing about:

>>there's a company called Palantir who's built a technology to make it
absolutely, make you absolutely confident that a particular bit of data has
been used precisely as the government says it's supposed to be used. You can
find out exactly who's looked at it and for what purpose it's been used at. So
the point is there's a way to build the technology to give us this liberty
back, this privacy back. But it's not a priority to think about using code to
protect us.

Wha? There's always been code that can tell you who accessed what and when:
the problem is trusting it to be set up right, not the technology.

Anyone know what the actual Palantir accomplishment is?

~~~
dantheman
Palantir is tool for doing link analysis and importing structured, semi-
structured, and unstructured data. It has a great UI for exploring data and a
great UI for manual tagging of data. It has excellent logging capabilities,
but I'd argue "data has been used precisely as the government says it's
supposed to be used" this is impossible since once a person knows a piece of
information they can use it in anyway that they'd like.

------
jaekwon
Ah I have a thought about this. I have noticed for some time that Lessig walks
a strange line on the issue of IP (intellectual property) and freedom &
privacy.

Lessig believes IP is necessary & requires architectural changes to the
internet to protect it. He is in favor of government monitoring to protect IP
as long as it is done in accordance with the law, and he proposes a flawed
mechanism (P3P) to protect your privacy.

\----

Disclaimer: I haven't had the time to scrutinize this guy. I'm merely writing
down the ideas that have been crystalizing in my head the past year or so
while encountering his books, talks, and such. I'm all ears to criticism.

\----

First, consider his stance on IP. There is no denying, as evidence in reading
over his book "Free Culture" ($16.00), that while he sees existing IP laws as
having gone too far, IP must exist in order to protect the monetary incentive
of the creator. While many people blindly agree with this justification for IP
laws, it's worth mentioning that many disagree, and also that he fails to
weigh the evidence of whether IP laws actually promote progress in art and
science. For Lessig, it is an assumption.

Second, consider his book "Code".

Page 140 under "Choices" he writes, _" I've argued that cyberspace will open
up at least two important choices in the context of intellectual property:
whether to allow intellectual property in effect to become completely
propertized..., and whether to allow this regime to erase the anonymity latent
in less efficient architectures of control. These choices were not made by our
framers. They are for us to make now"_. Here, I am paraphrasing, he is saying
we have to choose between having complete trusted computing in handling our
internet activities in order to prevent piracy, or we have to monitor internet
activity and lessen our anonymity. His solution, on the same page, is to
ensure pseudonymity, which is exactly what the NSA claims. Yet any hacker
worth a dime knows the flaw in claiming that the NSA's methods ensure
pseudonymity.

Next, page 158 he writes, _" It might be said that the principle ... is to ban
all of these inoffensive and invisible searches. Perhaps that should be done.
But ... imagine substitutions that protect the same value without sacrificing
the benefit these technologies might bring."_ Here he is defending blanket
monitoring, as long as it is modified in some way. His idea of this
modification is on page 160: _" What is needed is a way for the machine to
negotiate our privacy concerns for us, a way to delegate the negotiating
process to a smart agent."_ and the mechanism that he proposes is _" P3P, ...
an architecture within which users can express their preferences and negotiate
the use of data about them"._

Sure he admits that P3P has unresolvable problems. But his next sentence
doesn't sit well either. _"... Imagine an architecture, tied to a market, that
protects privacy rights"_ ...

The problem with all of his suggestions is that they simply don't work. Either
Lessig is ignorant about the nature of information, or he is deliberately
suggesting red herrings to problems of the kind of NSA surveillance. You can't
fix that with a P3P or a market. You can't even fix it well with encryption
unless you're using Perfect Forward Secrecy. I'll give him the benefit of the
doubt, but still... if you connect the dots, you may find that at worst Lessig
is an apologist for the surveillance state, and at best offers no real
solutions to the problem of internet privacy.

It's also worth noting that while Lessig associates with Aaron in many ways,
their roots could not be any more different. Aaron started within the law,
helping creating things like RSS and Creative Commons, but over time he became
more of an activist, and condoned more aggressive tactics of information
freedom, as evidenced in his Guerilla Open Access Manifesto (2008)... _" We
need to take information, wherever it is stored, make our copies and share
them with the world. We need to take stuff that's out of copyright and add it
to the archive. We need to buy secret databases and put them on the Web. We
need to download scientific journals and upload them to file sharing networks.
We need to fight for Guerilla Open Access."_ On the other hand, Lessig
staunchly supports the IP system, and fails to propose a system that Aaron
would agree with.

\----

\- EOM

~~~
aptwebapps
Thanks for an informative post, but this bit is a little irritating:

" ... While many people blindly agree with this justification for IP laws,
it's worth mentioning that many disagree, ..."

Would you also agree that many people agree with the justification and many
people blindly disagree with it? Or is anyone who agrees necessarily blind and
all who disagree farsighted?

~~~
jaekwon
Oops you're right! Of course there are intelligent justifications for IP.
Blindness goes both ways.

~~~
mpyne
One major unintended consequence of strong IP is that it provides the
_backbone_ behind copyleft projects like GNU. With weak IP it would be as if
all software had BSD-alike licenses. To give people the freedom to have the
source to the software that drives their _essential_ computing gear requires
some type of strong IP regime to enforce the requirement to share-alike.

As technology becomes more important, the availability of source code
correspondingly becomes more important. Right now there's a fairly strong
social pressure to open the source, but it won't always have to be that way
either.

------
fishcakes
Palantir stores an audit trail that shows exactly where each piece of data
comes from and who has accessed it. This allows citizens, courts, regulators,
etc. to see precisely how data is being used.

These features are a deep part of the platform (i.e. they can't be turned off)
that powers a lot of the other features (entity resolution / de-resolution,
for example). Say what you want about the people collecting the data and the
data they are collecting, but civil Liberties and privacy protections are an
inseparable part of Palantir.

~~~
jaekwon
>> Palantir stores an audit trail that shows exactly where each piece of data
comes from and who has accessed it. This allows citizens, courts, regulators,
etc. to see precisely how data is being used.

What are you blabbering about? What you suggest is impossible.

Are you talking about this "immutable audit log" technology?
([http://www.palantir.com/wp-content/static/pg-analysis-
blog/2...](http://www.palantir.com/wp-content/static/pg-analysis-
blog/2009/07/Privacy-and-Civil-Liberties-are-in-Palantirs-DNA.pdf)) That's
nothing more than marketing speak powered by research papers that have proven
to be insufficient. See: [http://www.informatik.uni-
freiburg.de/~accorsi/papers/imf09....](http://www.informatik.uni-
freiburg.de/~accorsi/papers/imf09.pdf)

Also, see slide 11 and 12 here: [http://www.slideshare.net/Nbukhari/audit-
trail-protection-av...](http://www.slideshare.net/Nbukhari/audit-trail-
protection-avoiding-a-false-sense-of-security), and then read this:
[http://www.std.com/~cme/non-repudiation.htm](http://www.std.com/~cme/non-
repudiation.htm)

Immutable audit trails and non-repudiation without specialized devices
(blackboxes) are a lie. It is impossible to create a bulletproof auditing
system for access to sensitive data, especially when you're talking about the
kind of surveillance that the NSA is doing with PRISM.

I suspect that when government officials cite the "transparency" and
"auditability" of NSA PRISM, this is what it all boils down to -- marketing
talk from Palantir etc.

~~~
mlinksva
It is really too bad people are criticizing Lessig, or he thinks he is being
critisized, because "Palantir is a bad company, or that it has done bad
things, or that it has been funded by bad people".

That's not the first thing that comes to mind when I read "technologies that
could give us, and more importantly, reviewing courts, a very high level of
confidence that data collected or surveilled was not collected or used in an
improper way."

That's incredible!

~~~
jaekwon
More people need to know about this. I think people get lost in his prose and
lose the gist of what he's really trying to do.

~~~
mlinksva
What do you mean by "what he's really trying to do"?

Anyway, I'm pointing out that he's making/repeating a technically incredible
claim. I'm ever so slightly surprised and saddened that scrutiny of that claim
isn't the focus here.

~~~
jaekwon
He's using the issue of copyright to condone the current direction of the
surveillance state, and he is offering red herrings as "balancing"
compromises.

Yes, I agree with you. I think it is because we are among the first to find
it, sparked by that blog post. This seems to be the technical crux of the
debate.

~~~
mlinksva
I doubt his aim is to condone the current direction of the surveillance state,
but perhaps pursuit of "balance" plus technical credulity helps achieve the
same.

------
tzs
What is the significance of Barrett Brown being a young white male? I didn't
see any obvious reason for the author to mention either his sex or race.

~~~
CamperBob2
Subtext: "Yes, a young white male, just like Constant Reader probably is. Yes,
that's right. _You._ What happened to him could have happened to _you_. This
wasn't racism, or sexism, or any other form of institutional oppression. Be
afraid."

It worked on me, I have to say.

~~~
tptacek
"That's right. You." ?!

This is such a saddening comment.

~~~
CamperBob2
How so? Someone asked about the dog whistle, and I translated it. Opinions
expressed do not necessarily reflect those of the poster, etc. etc.

~~~
tptacek
I see. The dog whistle hadn't registered with me until I read your comment, so
I probably attributed some of my distaste of it to you. Sorry.

------
moham
To suggest that Palantir systems are not used in all kinds of defense, law
enforcement, and counter-terrorism operations is to deny reality. Lessig,
being of such stature in his field, surely knows who they are and what they
do. Why he mentions them by name not only in the Moyers interview but also in
an article one can only speculate. Via twitter he says he plugs "ideas, not
companies" but didn't address if he knew what other business Palantir gets up
to.

Can anybody show evidence of the "audit trail" Palantir uses to ensure
citizens know what's being done with their data by NCTC, FBI and others?

~~~
jaekwon
The the government's claims of transparency and audibility of the NSA's PRISM
program is analogous (if not directly related) to the claims of Palantir's.
Search for "immutable auditing" below:

[http://www.palantir.com/wp-content/static/pg-analysis-
blog/2...](http://www.palantir.com/wp-content/static/pg-analysis-
blog/2009/07/Privacy-and-Civil-Liberties-are-in-Palantirs-DNA.pdf)

But even with such an audit trail to the core, it is known that it isn't
sufficient:

[http://www.informatik.uni-
freiburg.de/~accorsi/papers/imf09....](http://www.informatik.uni-
freiburg.de/~accorsi/papers/imf09.pdf)

I wager that for any given system that touts immutable audibility, there is a
way to hack around it. Privacy through automated means is impossible. At best
it is a kind of DRM that the NSA can easily work around secretly if it wanted
it. What we should be advocating instead is Perfect Forward Secrecy in our
internet architecture, and the dismantling of PRISM and related data centers.

------
stfu
Let me try to phrase that in a way a politican would say that:

"Those on the extreme ends, commonly referred to as conspiracy nuts, would
say: That's exactly what we expect Lessig to do after attending Bilderberg
Conferences. But to those I say: Lessig is a honorable citizen, with strong
believes in freedom and democracy. Somebody who would never shill as a pseudo
credible mouthpiece for defending questionable public-private partnership."

