[LINK] Schneier on Breaking up the NSA

[Rick Welykochy]

Gentle Linkers,

I cannot get the NSA out of my head. Neither can Bruce Schneier, author of the
excellent monthly CRYPTO-GRAM newsletter.

He has made some thought provoking points during the hyper surveillance debacle
as revealed by Snowden.

First up, he has called for an independent prosecutor to investigate the illegal (or
should I say allegedly illegal) activities of the NSA and other security agencies and
proceed with prosecutions where necessary.

In the March 2014 edition of CRYPTO-GRAM, he goes further. He has published
an opinion piece over at CNN here: http://tinyurl.com/kyrfpvl entitled "It's time to
break up the NSA." Brilliant idea. Although recall what happened when Bush
intervened to halt the court ordered break-up of the Microsoft behemoth. Was
that move even legal?

Here are his three points of breaking up the NSA, from the article:

    First, TAO and its targeted surveillance mission should be moved under the control
    of U.S. Cyber Command, and Cyber Command should be completely separated from
    the NSA ...  Second, all surveillance of Americans should be moved to the FBI ...
    And third, the remainder of the NSA needs to be rebalanced so COMSEC (communications
    security) has priority over SIGINT (signals intelligence). Instead of working to deliberately
    weaken security for everyone, the NSA should work to improve security for everyone.

The CBC in Canada was reporting this morning, furthering Schneier's observations,
about how the NSA's activities in weakening encryption, arranging backdoors in hardware
and software and an overall thwarting of security features in digi-tech are harming us
all.

Read more regarding the above here: https://www.schneier.com/essay-469.html

Putting it all together is this zinger, from the above essay:

NSA Director General Keith Alexander responded to these stories in June by
claiming<http://usnews.nbcnews.com/_news/2013/06/27/19175466-nsa-chief-says-surveillance-programs-helped-foil-54-plots> that he disrupted 54 terrorist plots. In October, he revised that number
downward to 13, and then to "one or two." At this point, the only "plot" prevented
was that of a San Diego man sending $8,500 to support a Somali militant group.

There is more food for thought in the latest CRYPTO-GRAM. Studies are
now out regarding what kind of personal information can be gathered from
the analysis of metadata, e.g.

This study of cellphone meta-data demonstrates the point nicely.
http://webpolicy.org/2014/03/12/metaphone-the-sensitivity-of-telephone-metadata/
http://arstechnica.com/tech-policy/2014/03/volunteers-in-metadata-study-called-gun-stores-strip-clubs-and-more/

There is an inherent contradiction in the US government's position on metadata
collection. If that data is so innocuous and unable to personally identify individuals,
then there should be no problem legally protecting metadata from snooping in the
same way that data itself is protected. That would go a long way to protecting metadata
from emerging developments in data analysis that could make it as valuable and transparent
to snoops and spooks as data currently is. Or is Obama simply lying when he says
they are "just collecting metadata?"

How do we deal with a surveillance agency that is out of control, that lies to
its keepers, that engages in illegal hacking activity and subverts the security
of the very society it is meant to protect? There are no simple answers. This is
an escalating surveillance arms race with security agencies from countries
around the world in eager participation. Addressing, controlling and reversing the
race  will have to be done extra-nationality with all countries involved participating.

It is time to consider international treaties that control this behaviour.

cheers
rickw



-- 
------------------------------------
Rick Welykochy || Vitendo Consulting

We are what we pretend to be, so we must be careful about what we pretend to be.
      -- Kurt Vonnegut