Title: Privacy, information access, and security
1Privacy, information access, and security the
perils of online searching in a panopticon society
donna Bair-Mundy
2Intercepting topics
Security
Libraries
Surveillance
Privacy
3Topics
What is privacy? Why do we need it?
Why do we need surveillance?
Creating a Surveillance Society Building the
Panopticon
What does this have to do with online searching?
Privacy in Libraries
4Discussion questions
What is privacy? Why do we need it?
5Informational privacy - Westin's definition -
part 1
Privacy is the claim of individuals, groups, or
institutions to determine for themselves when,
how, and to what extent information about them
is communicated to others.
Control
Westin, Alan F. 1970. Privacy and freedom.
London Bodley Head.
6Informational privacy - Westin's definition -
part 2
Viewed in terms of the relation of the individual
to social participation, privacy is the
voluntary and temporary withdrawal of a person
from the general society through physical or
psychological means, either in a state of
solitude or, when among larger groups, in a
condition of anonymity or reserve.
Choice
Temporal
Varied means
7(No Transcript)
8Informational privacy - Westin's definition -
part 3
The individual's desire for privacy is never
absolute, since participation in society is an
equally powerful desire.
Ongoing dialectic
9Informational privacy - Westin's definition -
part 4
Thus each individual is continually engaged in a
personal adjustment process in which he balances
the desire for privacy with the desire for
disclosure and communication of himself to
others, in light of the environmental conditions
and social norms set by the society in which he
lives.
Social norms
10(No Transcript)
11Informational privacy - Westin's definition -
part 5
The individual balances the desire for privacy
with the desire for disclosure and communication
of himself to others in the face of pressures
from the curiosity of others and from the
processes of surveillance that every society
sets in order to enforce its social norms.
Privacy v. Surveillance
12Westin's privacy theory 4 functions of privacy
Release from tensions of life in society requires
release from pressure of playing social roles
Power to define the boundaries of the core self
Personal autonomy
Emotional release
Self-evaluation
Limited protected communication
Need to integrate experiences into meaningful
pattern essential for creativity
Share confidences and intimacies only with those
one trusts
Westin, Alan F. 1970. Privacy and freedom.
London Bodley Head.
13Individual privacy versus individual secrecy
Privacy Allowed and in some cases required for
socially-sanctioned acts. Stress reducing.
Secrecy Involves socially proscribed
acts. Stress inducing.
Margulis, Stephen T. 1977. Conceptions of
privacy current status and next steps. Journal
of social issues 33(3)5-21, p. 10. Margulis,
Stephen T. 2003. Privacy as a social issue and
behavioral concept. Journal of social issues
59(2)243-261.
14Election day
Us
Them
15On the network news
Ayman al-Zawahiri
16So you do a search . . .
17A few days later . . .
How do you feel?
18Discussion question
Why do we need surveillance?
19Need for surveillance (1)
20Need for surveillance (2)
21Need for surveillance (2)
22Need for surveillance (2)
Train Depart Arrive
1 230 p.m. 630 p.m.
2 330 p.m. 800 p.m.
Beniger, James R. 1986. The control revolution
technological and economic origins of the
Information Society. Cambridge, Mass. Harvard
University Press.
23Surveillance in a transforming society
Zuboff, Shoshana. 1988. In the age of the smart
machine the future of work and power. New York
Basic Books.
24Roles of Surveillance (1)
Used to catch the criminals
Used as means to control workers
Necessitated by technology
Facilitated by technology
25Roles of surveillance (2)
Provision of services (Social Security)
Allows participation (Voter registration)
Protection against threat
- Means of social control
- Discover and rout out deviance
- Threat of surveillance used to promote compliance
with the law
26Routing out deviants
Round-up of Pennsylvania Quakers (1777)
Sedition Act of 1798
Espionage Act of 1917 1918 amend.
Internment of persons of Japanese ancestryWW II
Used against Hungarians, Czechs, Slovaks, Croats,
Poles, Jews, Russians, Lithuanians, Finns, Irish,
Catholics, Amish, Mennonites, Jehovahs Witnesses
(then called Russelites), Roma (then called
gypsies), African Americans.
27Dealing with dissidents
President Franklin Roosevelt had FBI spy on New
Deal opponents
President Johnson had FBI spy on opponents of his
Vietnam War policy
President Nixon had FBI, CIA, NSA, IRS, and Army
Intelligence spy on and harass his perceived
enemies
United States. Congress. Senate. The Select
Committee to Study Governmental Operations with
Respect to Intelligence Activities. 1976. Final
report.
28COINTELPRO New Left
FBI program to expose, disrupt, and otherwise
neutralize activities groups and individuals
affiliated with the New Left
Extensive and mostly illegal surveillance
United States. Congress. Senate. The Select
Committee to Study Governmental Operations with
Respect to Intelligence Activities. 1976. Final
report.
29COINTELPRO New Left
Had members arrested on marijuana charges
Sent anonymous letters about a students
activities to parents, neighbors, and the
parents employers
Sent anonymous letters about New Left faculty
members (signed A Concerned Alumni or A
Concerned Taxpayer) to university officials,
legislators, Board of Regents, and the press
United States. Congress. Senate. The Select
Committee to Study Governmental Operations with
Respect to Intelligence Activities. 1976. Final
report.
30Creating a Surveillance Society Building the
Panopticon
31Surveillance - Plague model
Highly visible
Isolation and observation
Social control
Foucault, Michel. 1995. Discipline and punish
the birth of the prison. New York Vintage Books.
32SurveillancePanopticon model
Jeremy Bentham
- Legal theorist
- Rationalism
- Utilitarianism
- Eccentric
33Jeremy Benthams Panopticon
cells
entry
inspectors lodge
walkway
34Panopticon society
35Stealth surveillance communication
interception
1870s Telephone invented
1830s Telegraph invented
1960s Packet switching
1880s First reports of wiretaps in press
Packet sniffers
1860s Wiretapping during Civil War
36What does this have to do with online searching?
37Online searching Google
jacso as we may search
One of Googles servers
38Sending your search request (1)
search
search
search
2
1
3
39Sending your search request (2)
search
1
To 123.157.78.99
40Packet-switched network
switch
switch
switch
switch
switch
switch
41Online searching
Server where the database resides
42Packet-switched network
switch
switch
switch
switch
UH router
switch
ATT
switch
43Mark Kleinformer ATT technician
Secret room
611 Folsom Street, San Francisco, California
44Mark Kleinformer ATT technician
Narus STA 6400
STA Semantic Traffic Analyzer
45William Binneyformer intelligence official with
the NSA
Saw that the NSA was spying on domestic
communications Quit the NSA in 2001 Became a
whistle-blower
Estimated that he NSA had intercepted trillions
of communications "transactions" of Americans
such as phone calls, emails, and other forms of
data (but not including financial data)
46Edward Snowden,former NSA contractor
Provided, and continues to provide, documents
that corroborate what many people had suspected
https//www.eff.org/document/2013-06-06-wapo-prism
47Edward Snowden
MUSCULAR NSA and GCHQ secretly raided data from
Google and Yahoo
48Edward Snowden
MUSCULAR
49Edward Snowden
MUSCULAR NSA used a variety of methods to grab
data flowing between Googles data centers.
http//washingtonpost.com http//www.washingtonpo
st.com/world/national-security/nsa-infiltrates-lin
ks-to-yahoo-google-data-centers-worldwide-snowden-
documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d
89d714ca4dd_story.html
50Spy programs that we know of
PRISM accessing Internet data of 9 major Internet
companies in the U.S.
MUSCULAR Secretly broke into main communication
links that connect Yahoo and Google data centers
around the world
UPSTREAM cable-tapping of fiber cables and
infrastructure, giving direct access to
fiber-optic cables that carry Internet and
telephone traffic via ATT, Verizon, Sprint
51Spy programs that we know of
SHELLTRUMPET metadata program targeting
international communications
BULLRUN program to defeat encryption used in
specific network communication technologies
52Google fighting back
https//www.google.com/
53Privacy in Libraries
54ALA on Confidentiality
- The First Amendments guarantee of freedom of
speech and of the press requires that the
corresponding rights to hear what is spoken and
read what is written be preserved, free from fear
of government intrusion, intimidation, or
reprisal. - In seeking access or in the pursuit of
information, confidentiality is the primary means
of providing the privacy that will free the
individual from fear or intimidation or
retaliation.
55Browser history
56Internet station sign-up sheet
When records are no longer needed, destroy them!
57Minimizing browser history (1)
58Minimizing browser history (2)
59Web Server Log
60Web Server Statistics
Who Countries ... Full list ... Regions
... Cities Hosts ... Full list ... Last
visit Authenticated users ... Full list ...
Last visit
Navigation Visits duration Viewed Operating
Systems Browsers Referrers Origin ...
Referring search engines ... Referring
sites Search ... Search Keyphrases ... Search
Keywords
61OPAC reportsearches
OPAC Logging Report
DATE TYPE SEARCH STRING LIMIT LIMIT_STRING INDEX H
ITS 9/28/01 Keyword harry potter N K 4068 9/28/01
Author tolkein N LOCAMain Library
B 1 9/28/01 Keyword birds N K 2863 9/28/01 Keywo
rd alligators N LOCAMain Library K 30 9/28/01 Com
plex (NKEY alligators) AND N K 0 (TKEY
"crocodiles") 9/28/01 Complex (TKEY rats)
AND N K 103 (TKEY "mice") 9/28/01 Keyword osama
bin laden N K 37
62UH Library
63Log in screen
64What can we do? (ALA tips)
- Conduct privacy audits
- Identify the type and nature of all records and
files that contain library patron and user
personally identifiable information - Establish a schedule for the retention of records
and files containing library patron and user
personally identifiable information - Detail the specific steps staff should follow in
responding to investigatory requests for patron
and user personally identifiable information from
governmental agencies
65What can we do? (2)
- Be aware of privacy policies
- FBI http//www.fbi.gov/privacy.htm
- Google http//www.google.com/intl/en/privacypolic
y.html - Anti-spyware software
- Scrub your data
66Questions ?
67Mahalo
68USA PATRIOT Act Libraries (1)
- June 8, 2004 FBI demands list from Deming
branch of Whatcom Country Library System of
everyone who had borrowed a biography of Osama
bin Laden since November 2001. - Library refused.
- 15 days later, FBI withdrew its request.
69USA PATRIOT Act Libraries (1)
- 2005 FBI presents National Security letter and
demands any and all subscriber information,
billing information, and access logs of any
person or entity associated with a specified IP
address during a specified period - Librarians fought gag order in court
- Librarians speak out
70Library Awareness Program
- Begun during Cold War
- Desire to restrict access to unclassified
scientific information by foreign nationals - Desire to recruit librarians to report on
foreigners - Agent told librarians to report name and reading
habits of anyone with a foreign sounding name or
foreign sounding accent - Librarians who criticized program were
investigated
Curt Gentry gives onset year as 1962 Gentry,
Curt. 1991. J. Edgar Hoover the man and the
secrets. New York Norton., pp. 759-760.
71Online searching in the library
72Do we have legal protections?
Privacy and the Law
73Do we have legal protections?
Privacy and the Law
74Types of privacy in law
Informational privacy
Decisional privacy
Control of access to information about a person
or group of persons
Freedom to make personal decisions without
interference from government
Privacy Act of 1974
Roe v. Wade 1973
Gormley, Ken. 1992. One hundred years of
privacy. Wisconsin law review Sept/Oct
19921335-1441.
75American Constitution
- Heavily influenced by natural rights philosophy
(John Locke) - After extensive argument decided to include a
Bill of Rights
76Bill of Rights debate Mason, Jefferson, et al.
When assigning powers to the government must also
limit those powers
General warrants and writs of assistance
77Objections to Bill of Rights
Bill of Rights is stipulation a king gives to his
subjects, granting a few exceptions to rights of
the monarch
Bill of Rights dangerousimplies government has
powers not
Could later be misconstrued as all-inclusive not
granted
(Alexander Hamilton, Federalist paper no. 84,
etc.)
78The compromise
Amendment IX The enumeration in the Constitution
of certain rights shall not be construed to deny
or disparage others retained by the people.
79Fourth Amendment
The right of the people to be secure in their
persons, houses, papers, and effects, against
unreasonable searches and seizures, shall not be
violated, and no Warrants shall issue, but upon
probable cause, supported by Oath or affirmation,
and particularly describing the place to be
searched, and the persons or things to be seized.
80Privacy an old concern
Halakhah (Jewish law) Proscriptions on
Physical intrusion Visual surveillance Aura
l surveillance Talmud Walls between houses to
be a certain height Creditor may not enter
persons house Ancient Roman law (Justinians
Pandects) Prohibition against going into a home
and dragging out the person Hippocratic oath No
disclosure of what in practice seen or heard that
ought never be published abroad
81General warrants (1)
- No specific individual
- No specific crime
- No specific place to be searched
- No specific items to be sought
- Illegal according to Sir Edward Cokes Institutes
of the Lawes of England (first published 1642 and
1644) - Illegality confirmed by Sir Matthew Hale
- Illegality confirmed by Sir William Blackstone
82General warrants (2)
- Suspicion of crime related to government revenue
- Used against anyone who dared to challenge or
limit the authority of Parliament or the crown
- John Wilkes (member of Parliament)
- Anonymously wrote critical essay published in
North Briton - General warrant leads to massive arrests, Wilkes
? Tower of London
83Writs of assistance
- Any customs official could enter any House,
shop, Cellar, Warehouse or Room or other
Place... - Seize unaccustomed goods
- Lasted for the life of the sovereign under which
it was issued plus six months
- According to John Adams, major factor in seeking
American Independence
84Fifth Amendment
No person shall be held to answer for a capital,
or otherwise infamous crime, unless on a
presentment or indictment of a Grand Jury... nor
shall any person be subject for the same offence
to be twice put in jeopardy of life or limb nor
shall be compelled in any criminal case to be a
witness against himself, nor be deprived of life,
liberty, or property, without due process of
law...
85First Amendment
Congress shall make no law respecting an
establishment of religion, or prohibiting the
free exercise thereof or abridging the freedom
of speech, or of the press or the right of the
people peaceably to assemble, and to petition the
Government for a redress of grievances.
Freedom of 1st Amendment gives right to associate
without surveillance (Lieber 1859)
86Ex parte Jackson
The constitutional guaranty of the right of the
people to be secure in their papers against
unreasonable searches and seizures extends to
their papers, thus closed against inspection,
wherever they may be. Whilst in the mail, they
can only be opened and examined under like
warrant, issued upon similar oath or affirmation,
particularly describing the thing to be
seized... Justice Field 96 U.S. 727, 732
87Penumbras of the Amendments
1965 Griswold v. Connecticut 381 U.S. 479
"Zone of privacy" created by 1st, 3rd, 4th, 5th,
and 9th amendments
88Re-thinking constitutional privacy
1964- U.S. Senate Long Subcommittee
Hearings on surveillance activities by federal
agencies first looked at IRS
89No warrantless wiretapping in criminal cases
1967 Katz v. United States 389 U.S. 347
90Congress Acts
1968 The Omnibus Crime Control and Safe Streets
Act of 1968 (Federal Wiretapping Act), 18 USC
Section 2510 et seq.
Wiretapping illegal but when crime has been or is
being committed law enforcement can, with a
warrant, engage in wiretapping for limited
periods. Provides judicial oversight for law
enforcement wiretapping.
91National security wiretapping
1972 U.S. v. U.S. District Court for the Eastern
District of Michigan Keith
the customary Fourth Amendment requirement of
judicial approval before initiation of a search
applies in domestic security cases
92FISA
1978 Foreign Intelligence Surveillance Act
U.S. Code 50 USC Sections 1801-1863
93Electronic mail
1993 ECPA Electronic Communications Privacy Act
Addressed the need to protect e-mail.
94Post-9/11
Viet Dinh Asst. Attorney General
H.R. 2975 10/12/2001
S. 1510 10/11/2001
H.R. 3004 Financial Anti-Terrorism Act
USA PATRIOT Act H.R. 3162 Public Law No.
107-56 Signed Oct. 26, 2001 by Pres. George W.
Bush
95The USA PATRIOT Act
H.R. 3162
The Acronym
Uniting and Strengthening America by Providing
Appropriate Tools Required to Intercept and
Obstruct Terrorism
96The USA PATRIOT Act
H.R. 3162
The Purpose
To deter and punish terrorist acts in the United
States and around the world, to enhance law
enforcement investigatory tools, and for other
purposes.
97The USA PATRIOT Act
The Language
SEC. 218. FOREIGN INTELLIGENCE INFORMATION. Sectio
ns 104(a)(7)(B) and section 303(a)(7)(B) (50
U.S.C. 1804(a)(7)(B) and 1823(a)(7)(B)) of the
Foreign Intelligence Surveillance Act of 1978 are
each amended by striking the purpose' and
inserting a significant purpose'.
98The U.S. Code
Sections 104(a)(7)(B) and section 303(a)(7)(B)
(50 U.S.C. 1804(a)(7)(B) and 1823(a)(7)(B)) of
the Foreign Intelligence Surveillance Act of 1978
are each amended by striking the purpose' and
inserting a significant purpose'.
TITLE 50 gt CHAPTER 36 gt SUBCHAPTER I gt 1804.
Applications for court orders
(7) a certification (B) that the purpose of
the surveillance is to obtain foreign
intelligence information
(7) a certification (B) that a significant
purpose of the surveillance is to obtain foreign
intelligence information
99Federal Wiretapping Act
1968 The Omnibus Crime Control and Safe Streets
Act of 1968 (Federal Wiretapping Act)
U.S. Code 18 USC Section 2510 et seq.
Federal Rules of Criminal Procedure Rule 41
Search and Seizure
100FISA
1978 Foreign Intelligence Surveillance Act
U.S. Code 50 USC Sections 1801-1863
101Investigative powers in US Code
1968 Federal Wiretapping Act
1978 Foreign Intelligence Surveillance Act
102The USA PATRIOT Act
The Complaints Records vulnerable
Section 215Amending FISA 501(a) The Director of
the FBI or a designee of the Director ... may
make an application for an order requiring the
production of any tangible things (including
books, records, papers, documents, and other
items) for an investigation to protect against
international terrorism or clandestine
intelligence activities, provided that such
investigation of a United States person is not
conducted solely upon the basis of activities
protected by the first amendment to the
Constitution.
103The USA PATRIOT Act
The ComplaintsFreedom of Speech
Section 215Amending FISA 501(d) No person shall
disclose to any other person (other than those
persons necessary to produce the tangible things
under this section) that the Federal Bureau of
Investigation has sought or obtained tangible
things under this section.
104Banks and Bowman theoretical model
Associate General Counsel for FBI
Crisis
National security
Privacy
Rights of the individual
Survival of the group
Banks, William C., and M.E. Bowman. 2000.
Executive authority for national security
surveillance. American University law review
50(1).
105Identifying the Problem the Communication
interception timeline
Conviction upheld
1942 Goldstein
1942 Goldman
1928 Olmstead
1952 On Lee
W
D
W
R
1937/1938 Nardone
W
1967 Katz
1961 Silverman
S
E
Wiretapping evidence disallowed
106Communication interception timeline
Conviction upheld
1942 Goldstein
1942 Goldman
1928 Olmstead
1952 On Lee
D
R
W
W
1937/1938 Nardone
W
1967 Katz
1961 Silverman
S
E
Wiretapping evidence disallowed
1934 Radio Comm. Act
107Federal Communications Act
1934
Section 605
No person not being authorized by the sender
shall intercept any radio communication and
divulge or publish the existence, contents,
substance, purport, effect, or meaning of such
intercepted communication to any person.
108Nardone
the plain words of 605 forbid anyone, unless
authorized by the sender, to intercept a
telephone message, and direct in equally clear
language that no person shall divulge or
publish the message or its substance to any
person. To recite the contents of the message
in testimony before a court is to divulge the
message. The conclusion that the act forbids
such testimony seems to us unshaken by the
governments arguments. Justice Roberts
109Communication interception timeline
Conviction upheld
1942 Goldstein
1942 Goldman
1928 Olmstead
1952 On Lee
D
R
W
W
1937/1938 Nardone
W
1967 Katz
1961 Silverman
S
E
Wiretapping evidence disallowed
1934 Radio Comm. Act
110Olmstead v. United States (1928)
The evidence in the records discloses a
conspiracy of amazing magnitude . It involved
the employment of not less than fifty persons, of
two seagoing vessels for the transportation of
liquor to British Columbia, of smaller vessels
for coastwise transportation to the State of
Washington. In a bad month sales amounted to
176,000 the aggregate for a year must have
exceeded two millions of dollars. Mr. Chief
Justice Taft
111Magna Carta 1215 cap. 39
- Nullus liber homo capiatur vel imprisonetur, aut
disseisiatur, aut utlagetur, aut exuletur, aut
aliquo modo destruatur, nec super eum ibimus, nec
super eum mittemus, nisi per legale judicium
parium suorum vel per legem terrae.
Magna Carta
112Magna Carta 1215 cap. 39
- No free man shall be seized or imprisoned, or
stripped of his rights or possessions, or
outlawed or exiled, or deprived of his standing
in any other way, nor will we proceed with force
against him, or send others to do so, except by
the lawful judgment of his equals or by the law
of the land.
Magna Carta
113Reinterpreting the Magna Carta
Magna Carta 1215
25 Edward III, c. 4 1351/1352
None . . .
28 Edward III 1354
No man of what estate or condicion that he be
114Reinterpreting the Magna Carta
Sir Edward Coke 1642
- for Justices of Peace to make warrants upon
surmises, for breaking the houses of any subjects
to search for felons, or stoln sic goods, is
against Magna Carta.
Coke, Edward. 1642. The fourth part of the
institutes of the laws of England. London M.
Flesher.
115Reinterpreting the Magna Carta
William Pitt 1763
The poorest man may, in his cottage, bid
defiance to all the forces of the Crown. It may
be frail its roof may shake the wind may blow
through it the storm may enter the rain may
enter but the King of England may not enter all
his force dares not cross the threshold of the
ruined tenement.
116ECPA
2511. Interception and disclosure of wire,
oral, or electronic communications prohibited
2701. Unlawful access to stored communications
117ECPA
2701. Unlawful access to stored
communications (a) Offense. Except as provided
in subsection (c) of this section whoever (1)
intentionally accesses without authorization a
facility through which an electronic
communication service is provided or (2)
intentionally exceeds an authorization to access
that facility and thereby obtains, alters, or
prevents authorized access to a wire or
electronic communication while it is in
electronic storage in such system shall be
punished as provided in subsection (b) of this
section.
118ECPA
(c) Exceptions. Subsection (a) of this section
does not apply with respect to conduct
authorized (1) by the person or entity providing
a wire or electronic communications service (2)
by a user of that service with respect to a
communication of or intended for that user or
(3) in section 2703, 2704 or 2518 of this title.