Hacker News new | past | comments | ask | show | jobs | submit login
EFF to Congress: Stop the Cybersurveillance Bills (eff.org)
279 points by panarky on Apr 22, 2015 | hide | past | web | favorite | 41 comments

Two things.

There are a huge number of information sharing programs in effect in America and these have been cornerstone initiatives for the US government to deal with espionage and sabotage operations as well as foreign propaganda. One of the main features of these information sharing acts is that, if the company onboards to information sharing voluntarily, the government garuntees the companies that the information - which usually amounts to close to all network traffic at the border and sometimes inside the corporate network and for many companies the customer records it keeps (although some are merely programs whereby only malware and hacker IPs or propaganda social media posts, etc are shared) - can not be used against the corporation for any legal purposes. This is something that many organizations, including the EFF, are not talking about.

Second thing. The purposes of these programs are not to combat terrorism - the defense industries of the Western world feel they need surveillance and propaganda capabilities because their superpower status is hollowing out as the world's economic base shifts to the Asia Pacific and as new challenges to Western institutions such as super- and hyper-sonic warhead delivery systems enable ICBMs to land payloads across the globe now in under 40 minutes. It is challenges to the old order that make our democratic institutions feel they need to reach for our rights to defend themselves. The Constitution is a peacetime document - and there is no peace for powers that feel their influence hollowing out.

It is not useful to discuss these programs in terms of terrorism - they are not designed for terrorism.

I dispute that the world's economic base is shifting to the Asia Pacific.

The US still has the same share of global GDP that it had 35 years ago, and faces no credible threat to the dollar's dominance. The US economy is larger than the size of Japan + China combined, and is now 250% larger than Japan, and that gap will increase significantly. Canada has become vastly stronger over that time, it has as large of an economy as India with just 2.7% of the population (with not even a small fraction of the problems that India faces).

Mexico's GDP has doubled in 15 years. Brazil has become one of the major GX economies, with an economy 50% larger than Australia or South Korea.

Spain has as big of an economy - even after all the problems they've had - as South Korea (which is the #4 economy in the Pacific region).

Germany, the #2 economy in the West, is likely to pass Japan's economy in size in the next 10 to 15 years (with 1/3 less people). In the last 20 years that Japan has been treading water and taking on vast debt, Germany's economy has doubled in size post re-unification.

Most of the best countries in the world in terms of high standard of living are in Europe.

Meanwhile the Asia Pacific region has nearly two billion people living in what can only be described as intense poverty by Western standards. China alone has ~600 million unemployed captive 'farmers' earning $3 / day, because there are no other jobs for those people to do.

Japan is in such dire condition 40% of their budget goes to paying interest on their debt, their GDP hasn't grown in 20 years, and they've gotten so desperate they've taken to aggressively debasing the Yen to keep their government solvent (rapidly chopping down the Japanese standard of living in the process). Japan is of course Asia's second largest economy.

China has spent the last six years post great-recession faking their growth by taking on $30+ trillion in new debt, in the process becoming one of the most indebted nations on earth.

Japan and China, Asia's two biggest economies, are facing disastrous demographics issues, while they simultaneously drown in debt (a bad combination when you have to take care of a lot of elderly).

Compare the top 20 economies of the West vs the top 20 economies of the Asia Pacific, in terms of incomes, wealth, standard of living - it's not even remotely a close contest. The 10th largest economy in the West is the Netherlands ($50k GDP per capita); compare them to Malaysia ($10k GDP per capita) or Thailand ($5k GDP per capita).

I fail to see how this sum represents a shift to the Asia Pacific economically.

These charts seem so show US global share of GDP (with PPP factored in) in a slow decline.

2004-2014 http://www.statista.com/statistics/270267/united-states-shar...

1980-2010 http://en.wikipedia.org/wiki/File:US_share_of_world_GDP_sinc...

It should be noted that many people have gone bankrupt over the past three decades predicting the end of China's growth (adjusted for purchasing power, China's GDP has already surpassed the United States GDP). Anyway, a couple things.

First: the claim is that the world's economic base is shifting to the Asia Pacific - not that it is already there. One reason for this is that these (huge) economies are emerging into consumer rather than producer economies and another that much of the modern industrial capacity for 21st century goods (e.g. electronics) are centered in this area. The Renminbi is a credible threat to the dollar.

The second thing is that this is the perception of the Western world - it is the reason for the Bush and Obama administrations' joint plan for the Pivot to Asia. Maybe our government is wrong - but this perspective is what informs it and is leading its decisions.

The third thing of course is that your dossier is very coarse. It fails to mention the problems in the Eurozone and the financial crashes centered around the dollar. It casts the Spanish economy in good light and the Chinese one as bad. It mentions Canada's growth, but not that it has been driven by investment in China. Curiously, it uses Japan as a comparison for the US economy - a country I would consider on the Western system - and later uses Japan as an example of why the Asia Pacfic is weak.

Finally, economics have more to do with growth than they do with wealth. It does not matter that Asia is not (so) wealthy right now. What matter is that the growth is and will be centered in the Asia Pacific. The investment, global investment, will be there. Everyone wants a piece of the 7%+ pie. This while the Western world, while rich, is struggling to grow at 2%. It is not enough to look at who has the wealth - you need to look at who will be getting wealth.

What Washington thinktanks are talking about right now is:

- How can we get the Japanese people to agree with expanded US military deployment there?

- Can we get S. Korea to reunify with N. Korea, what would China think, and what are the prospects for Korea to become a world power?

- What broad power plays are going to be made by Xi Jingping? How can we prevent China from gaining control of the major ocean trade routes?

- What investments can the Western World make in Eurasia? Can a strong partnership with India, with its emerging economy and large population, enable us to compete in the region? How can we keep India off of the AIIB (esp. wrt coal)?

(And of course a great number of things not related to the Asia Pacific, like how to keep the Arctic as a no-man's land)

So anyway, I'm not actually making the claim that the Asia Pacific is going to be the center for economic growth of the world for the next 40 years. I am more properly making the claim that Western institutions believe this and are responding to it.

China's growth boom has already ended, I'm not predicting it.

If it weren't for perpetual stimulus, and truly epic debt accumulation, their economy would already be contracting. And that's before the bottom billion people in China have an opportunity to participate in a better life. The painful reality is, there are not enough resources, savings, or consumers to lift China's bottom one billion up to even the levels of a mid tier economy (~$15k incomes) - at least not in this century. They're entering Japan's debt phase of the post growth bust - the point where the country gets desperate to maintain its growth and so turns to accumulating debt - and they're doing so before having even a mediocre social safety net.

When you have to take on $5 in debt to get $1 of GDP growth, your growth is over. Ten years ago their return on invested capital, and return on debt had already begun to plunge. At this point China is far beyond yielding good enough returns on the debt they're accumulating. Now it's merely a question of when China enters a debt panic, as all of their 'growth' gets starved out due to debt obligations.

7% GDP growth equates to $600 to $700 billion in new GDP per year for China. They're taking on $4+ trillion per year in new debt annually. To maintain above 5% growth, they will probably have to take on another $30+ trillion in new debt the next six or seven years alone (based on what it has taken to reach the growth levels of the last five or six years, and assuming a continued decline in return on that debt).

Their liquidity mess has resulted in one of the greatest stock market bubbles in history and will soon implode; 2/3 of the investors participating don't even have a high school equivalent education level. Their real estate bubble has already begun to implode, pushing fleeing money into the new bubble in equities. They're also bleeding foreign capital, whereas previously capital was desperate to enter China.

There are only two possible outcomes for China the next 20 years. A lost 20 years like Japan, for similar reasons, following the implosion of both a real estate and stock market bubble (again mirroring Japan). Or China acts very aggressively, very quickly to curb debt accumulation and to pop existing bubbles - that will result in extremely mediocre growth (1% to 3%) for a decade or two, after a period of painful contraction.

I hear a great number of predictions regarding China - especially on discussion forums. It's also interesting to hear your analysis of debt accumulation. When the US did much the same what I kept hearing from finance folks was that foreign capital works quite differently than personal savings and that the US debt burden was (and is) not really so big a deal. I have heard variations of your argument for some years and so far none of them have been right - I am struggling to figure out how your argument now differs from their arguments then.

Consistently, on the other hand, what I hear from Washington strategists is that they can not make policy decisions based on the hope that China's economy with deflate or implode (not to mention that this would offer its own kind of disaster to the West - look at what Thailand unpegging the dollar did in '97). Their assessment is quite divergent from yours. Although it shares so many features with the many before you who have wrongly predicted an implosion it would be interesting if you were right. To reiterate my earlier point Washington behaves off its beliefs and it believes that growth in that hemisphere, plus growth in China, will make the Asian theater the dominant one for the next half century.

Luckily for the world all predictions made in this thread are falsifiable - we need only watch to see what happens over the next couple of decades to find out. :)

Can you clarify your first paragraph or provide links -- related to company infrastructure cannot be used against them in court?

Googling for "company information shared network cannot legally" wasn't very productive.

Like Fusion Centers of the Department of Homeland Defense, the United States has centers called ISACs (Information Sharing and Analysis Centers) which collate data from American industries, look for threats, patterns and anomalies, and will link this data to the intelligence community and classified information. A Google search for "ISAC information sharing" will get you information on these.

ISACs are public-private enterprises. Onboarding to information sharing programs are not required by law, but some of them are required if the corporation is going to handle government business. Due to its public-private nature, it is bound in some cases by private restrictions and in others by public restrictions - but in general enjoys the freedom of being able to work without the full limitations of others.

There's a great talk (there is also a video somewhere...) of information sharing initiatives, policy, investments and brainstorming of solutions to problems ranging from the technical to the regulatory.

At approximately 1:14:00 (though you may want to start a couple minutes earlier) you can hear the ISAC director discuss how important it is for corporations to understand that the US government will not use any information used by these programs for legal purposes.


Looking forward to it

> One of the main features of these information sharing acts is that, if the company onboards to information sharing voluntarily, the government garuntees the companies that the information [...] can not be used against the corporation for any legal purposes.

Kind of like a corporate "fifth amendment"? It seems reasonable enough, if it can shift the power struggle over this data into the open.

Kind of like that, yes - though it is not so much a right as it is a practical consideration. The difficulty is that companies aren't going to willingly share information that might then be turned around to indict them. So to quell those fears the messaging is very clear: "we will not use this information to regulate or indict you".

We have two major surveillance efforts from the government moving down the pike and we do not have the attention of the Internet.

1.A set of surveillance bills under the guise of enhanced cyber security. https://stopcyberspying.com/

2. Patriot act renewals that would reauthorize the governments phone and Internet metadata authorities. https://fight215.org/

Anything you can do to increase awareness of these bills would make an enormous difference...

Obligatory: https://eff.org/donate

I highly recommend signing up for a $19.84 recurring monthly donation. Also, is there a SuperPAC or 501(c)4 that can lobby for this cause that we can donate to?

While I do respect the EFF and what they're doing, I'm flat out against joining the whole SuperPAC thing where we're joining a piss-off contest into who can give easily corruptible politicians that have no clue what they're voting on the most money.

I agree 100%

I often argue with a lobbyist friend of mine about their (lobbyists) role in the ecosystem.

Right now the paradigm seems to be hire lawyers to serve in Congress because lawyers know how to write potential laws. Leave it to lobbyists to convince them of the policy they should care about.

I feel that if we had representatives with more diverse backgrounds, and we surrounded them with lawyers and staff to explain how to best translate their ideas into bills, we'd be better served.

There would still be special interest groups trying to convince them of what to do, but I feel it would avoid situations like SuperPAC's buying clueless politicians, and clueless politicians being appointed to committees they know nothing about.

I feel that if we had representatives with more diverse backgrounds, and we surrounded them with lawyers and staff to explain how to best translate their ideas into bills, we'd be better served.

Interesting. Instead of lawyers on the inside, specialists on the outside, we would have specialists on the inside, lawyers on the outside. I've wanted something similar for a while, and I like this way of phrasing it.

Instead, take 5 minutes and write a letter to your congresspeople telling them to vote against all surveillance legislation (including reauthorizations) that don't comply with a constitutional constraint. Demand warrants from real (not FISA) courts for surveillance and capture of data, not just review. Tell them you will work to get them unelected if they vote for more surveillance. Use a site like this [1] to send the letter if you don't want to print and stamp - https://www.google.com/search?q=send+letter+on+internet&oq=s...

There is Lawrence Lessig's Mayday PAC. He is addressing the root cause of our government ills in general--campaign finance--rather than privacy or rights in particular.


The ultimate defense of liberty is in the hands of local privacy groups.

Become a member of a Restore the Fourth and we will help you find local like-minded folks.

We also have a voice in these national policy debates that you can definitely use.


How is the top voted comment here about Asia's economic rise? Whether these programs are "meant" for terrorism is irrelevant -- they are being pushed in the name of terrorism. If they are about economic power in Asia, and our politicians are using terrorism as a front to pass it, THAT is the problem. We don't need to be discussing Asia.

We don't need more government control or surveillance, period. It's obviously a bad idea, and the only way to stop it is to BE VOCAL. Call your representatives and talk to your friends and family about this important issue.

The top voted comment about Asia's economic rise agrees with your assessment, only goes further to explain potentially ulterior motives of the government to better inform those who are on the fence, as well as arming those opposed with better arguments as to why such surveillance is unnecessary.

The top voted comment is not about economics in China specifically - it is the only substantive reply that the parent got so that's what the conversation devolved into. The top comment is more broadly about the US being challenged - it's hollowing out of power. In the iron age if you can't wield iron you will be cast down. In the information if you can't wield information...

As much as I love the EFF, I think we have to be honest with ourselves and admit its a fundamental generational problem.

The people who think this is a good idea don't fully understand the implications. Hell, people get dox'd because they don't understand how the whole system works with publicly available information when they are discussing something they really shouldn't under their real names.

Hell, even without the NSA its pretty easy to imagine a scenario where:

[Person discusses having an affair on Platform X] -> [Some bored IT guy notices, thinks the woman is attractive and has no morals] -> [Uses exchanged information to exploit her for sexual favors because its better than her husband divorcing her and leaving her with nothing]

It doesn't even occur to these people that they are creating weapons that literally could be used to exploit anyone who has a secret they want hidden, domestically. The firewall that exists between "domestic" and "international" that is supposed to prevent this is exactly what these politicians are burning down.

At least, I keep hoping its ignorance.

People have a blind faith in the watch guards and a natural tendency to hand them the rope necessary to be hung with.

I have a friend in the middle of a divorce. Her husband works for their cell provider. He has harassed her with allusions to "keeping tabs" on her because of his position of power.

When you point the panopticon inwards you realize just how scary unfiltered communication and location data taken out of context can be and how dangerous someone with malicious intent and access to that data can be.

No one should have that power over someone. It certainly shouldn't be consolidated into the hands' of any group of people, either.

> People have a blind faith in the watch guards

People have an explicitly cultivated faith in the watch guards. Cop shows on TV promote an image of competency and good will. That's not what it's like in the real world, but even in this forum, you find people being way too deferential.

I'm in the UK and by and large we have reasonable policing (by the standards of many countries we have excellent policing).

That said, I have absolutely no deference to the police here either, it's a public sector job the same as any other staffed by people largely no better or worse than any other industry with the crucial difference they are sworn to uphold the law and have powers granted to them to that end.

They deserve the exact same respect as any other member of our society, we largely don't go in for all the "men in blue" stuff either - they weren't conscripted they chose to join as rational thinking adults.

> I have a friend in the middle of a divorce. Her husband works for their cell provider. He has harassed her with allusions to "keeping tabs" on her because of his position of power.

It never occurred to her to get a different phone? Yes, that's a burden, but people do much more difficult things for much worse reasons. The husband isn't really in a position of power there.

Lights need to stay on and mouths need to be fed every night. There isn't room in the budget to break contract, switch providers and buy a new phone.

Regardless, if you don't see the power play in the threat of being able to take one's communication and whereabouts out of context at any point, you need to look harder.

That is horrible and I'm sorry for your friend.

> I think we have to be honest with ourselves and admit its a fundamental generational problem

I disagree, and I'm not sure which generation you see at fault. I see careless disregard for privacy among all generations. Likewise, I see privacy advocates of all ages.

I think the majority of people 55+ don't really understand what these bills actually do.


> The average age of Members of the House at the beginning of the 113th Congress was 57.0 years; of Senators, 62.0 years.

Literally, every person I know that is a "oh, this is okay with [insert cybersecurity bill]" freaks out when I point out how I could find out X about them without knowing them and show them how.

Do we have a svn blame for parts of bills? Who keeps putting these in? Are they aware that they are, or are they just copying from what others with other interest give them?

The mental image of members of Congress themselves committing to an official US federal law Github repo is kind of amusing. It would make being on a "committee" take on a whole new meaning...

I know some people don't want to even think about it, but just as a thought exercise; where does the limit lie?

How much and how long does society go on nicely asking the government to stop thrusting itself down the slope? Do we just keep asking and asking while things get worse and worse and the next generation that is born into blanket state surveillance sees nothing wrong with the situation?

I get that there are civil remedies like the subject one, along with judicial methods, and even electoral ones. But it also seems that there is a distinct process in place that effectively shields and converts, or generally simply disconnects legislative representation from the will of the people. How much does it matter that those who oppose blanket surveillance make up an inconsequential minority among the established legislators that have political or financial reasons to oppose what society wants, or simply have been scared by boogiemen that various agencies heavily lean on in order to justify their existence and funding.

Also, what happens when the will of the people, for whatever reason lacks the foresight to prevent unintended consequences of irreversible actions or decisions by, e.g., constantly electing people that will only perpetuate the surveillance state we currently live in?

I'm simply asking the question of anyone, where they think the line currently is or will be drawn? It seems that examples in human history abound of philosophical boundaries constantly being pushed back, all the while the position becomes ever increasingly overbearing and draconian and authoritarian.

Have there been any efforts to establish what it is that the founders of this country would have established as the final line in the sand? I don't know, and maybe it's just a misinterpretation, but it seems that the very most fundamental and core concepts of our country and society were violated a long enough time ago to have reasonably expected remediation by now.

If you want to understand why the Congress does what it does, you have to first accept that they are addressing the desires of large portions of the population.

When it seems like they are not, it's because many of the desires of the population are directly conflicting.

For example, people want very low-cost energy, but people also want a clean environment and to fight global warming. Or, people want the freedom to own their own guns, but they are horrified by mass shootings like Sandy Hook Elementary. Or, people want planes to never ever crash for any reason, but people also hate any security inconvenience at airports.

In the case of privacy, people want their data to be secure, and they want to keep the bad guys out of our companies. Even here on HN, look at the reactions to news of major hacks. The reaction is 100% negative. No one says "eh, that company was probably doing everything right, and just got unlucky." No, the prevailing opinion is "those idiots need to get better at security."

The thing is, there is no possible way for a company to get better at security without transacting information in some way. Cutting-edge exploits must be shared to be understood and mitigated. You can't do that without sharing information.

The EFF does not even discuss this, which is fine, because that's not really their job. Their job is to fight against a bad bill. But we should not make the mistake of thinking that no one wants the government to help with cybersecurity. Actually most companies DO want that, and indirectly, their customers and employees do too.

> How much and how long does society go on nicely asking the government to stop thrusting itself down the slope?

First ask how much of society has an issue with the direction. Then you can ask how far they'll go.

Some historical context for considering why bills proposing to compel greater collaboration or coordination or cooperation from companies storing private communications might be problematic: https://en.wikipedia.org/wiki/Gleichschaltung

xnull2guest and others make good points. Most of the information our government can't get from us; they get from other governments on us. This needs to stop. Support the EFF and more importantly, help our elected representatives understand that they need to stop this and comply with the constitution. Vote them out if they don't.

Congress to EFF: screw you, pay me.

They already get money, just "screw you".

I <3 EFF.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact