Electronic privacy

  • December 14, 2012

    by Joseph Jerome

    Whenever an American citizen interacts with her government, the government’s first concern is increasingly ascertaining whether that individual is a terrorist. The Wall Street Journal’s Julia Angwin reports that top intelligence and law enforcement officials met in March to establish new rules permitting the National Counterterrorism Center (NCTC) “to create a government dragnet, sweeping up millions of records about U.S. citizens -- even people suspected of no crime.”  Flight records, the names of Americans hosting foreign-exchange students, and even casino-employee lists can be stored for up to five years, analyzed for suspicious behavior, and shared with foreign governments all in the name of fighting terrorism.

    According to Angwin, the impetus of the program came in the wake of Umar Farouk Abdulmutallab’s failed Christmas Day 2009 bombing. After President Obama directed government agencies to send NCTC any and all leads on terrorist threats, the Department of Homeland Security provided NCTC with a vast database of information on the condition that any data of innocent U.S. persons be purged within 30 days. The tiny, unknown NCTC was unable to process the number of leads it received, so its solution was to seek unlimited access to any government information with no time limits imposed on the data’s analysis and study. 

    “All of this happened in secret,” the ACLU’s Chris Calabrese bemoans. “No public debate or comment and suddenly, every citizen can be put under the terrorism microscope.”

  • November 27, 2012
    Guest Post

    By Sharon Bradford Franklin, Senior Counsel, The Constitution Project

    As the Department of Homeland Security has evolved over the past ten years, one of its central functions has become to “safeguard and secure cyberspace.”  DHS is the lead agency overseeing cybersecurity for the federal government’s civilian operations.  This role fits well with DHS’s overall homeland security responsibilities, and from a civil liberties perspective, DHS is the federal agency best suited to this job.

    Unless they incorporate adequate civil liberties safeguards, cybersecurity programs that permit the government to collect private communications from computer networks create risks that Americans will be subject to the equivalent of a perpetual warrantless wiretap of their private communications and web browsing.  DHS has demonstrated that it takes these risks seriously, and has involved its Privacy Office in developing and operating cybersecurity programs.

  • September 10, 2012

    by Joseph Jerome

    Recently in The New York Times, Adam Liptak cautioned that the legislative paralysis brought on by congressional polarization has made the Supreme Court increasingly more powerful, but a dysfunctional legislature can also increase the power of the presidency. Issue after issue, important separation of powers principles are being distorted as the other branches assert their power. In the courts, this produces policy without accountability. When the president acts without Congress, it creates a democracy governed by executive decree.

    In our system of checks and balances, power grabs, particularly by the executive, are not surprising. “[A]ll the time, presidents are pushing out on the boundaries of their power and claiming new authority,” Professor William Howell explains, but the president’s ability to secure that authority is dependent upon how the other branches respond. If Congress’ failure to address calls for cybersecurity legislation is any indication, Congress’ response these days is simply to pass the buck over and over again.

    Before leaving for its recent recess, congressional dysfunction was on a full display when the Senate failed to overcome a filibuster of the Cybersecurity Act of 2012. The Senate’s treatment of the issue devolved into a circus, with longtime allies Sens. Joe Lieberman (I-Conn.) and John McCain (R-Ariz.) arguing over each other’s national security bona fides. The legislative breakdown followed a familiar pattern:  after Senate Majority Leader Harry Reid refused to permit additional amendments to the bill, the threat of a Republican filibuster ended any further discussion, and the Senate closed for business.

    Sen. Mitch McConnell (R-Ky.) insisted that Republicans did not really wish to filibuster the bill, arguing instead that Republicans only sought to improve the proposed law through their set of amendments.  Yet he failed to mention that one of his own suggestions to “improve” cybersecurity legislation was to completely repeal the Affordable Care Act, leaving Reid to wonder what gutting health care reform had to do with cybersecurity.

  • February 22, 2012

    by Jeremy Leaming

    The White House appears to being moving closer to revealing a strategy for addressing rising concerns over privacy breaches in cyberspace.

    Politico reports that a White House event tomorrow is “likely to set the stage for the public unveiling of the administration’s highly anticipated white paper on online privacy, which has been more than a year in the making. The white paper is expected to call for a consumer privacy bill of rights from Congress, while charging the industry to police itself under the watch of federal regulators.”

    Some commentators suggest that the administration’s policy is likely influenced, in part, by the work of the Commerce Department’s Internet Policy Task Force, which issued a green paper after a year-long review “that included extensive consultations with commercial, civil society, governmental and academic stakeholders ….”

    The paper’s forward asserts that protections of consumers’ privacy “are crucial to maintaining the consumer trust that nurtures the Internet’s growth.”

    The potential release of the administration’s plans to address privacy concerns comes admist reporting by The Wall Street Journal that the Internet advertising giant, Google, had bypassed “the privacy settings of millions of people using” Apple’s Web browser, Safari, apparently allowing Google to track “the Web-browsing habits of people who intended for that kind of monitoring to be blocked.”

  • November 23, 2011

    by Jonathan Arogeti

    Envision OpenPlanet, a hypothetical program that could patch together every surveillance camera in the world and pair it with Facebook’s facial recognition software to create a perpetual video timeline database for each Facebook user. Would this violate the Fourth Amendment as an unreasonable search and seizure?

    This question, posed by George Washington University law professor Jeffrey Rosen, represents the crux of the issue explored at a recent forum at American University Washington College of Law titled, “Social Technology and the Threat to Privacy: How Facebook, GPS & Google Are Changing Our Lives.” Click here for video.

    Rosen links this question to the 2006 firing of Stacy Snyder, a Pennsylvania woman who was allegedly fired from her teacher training program after a MySpace picture showed her wearing a pirate hat and drinking from a plastic cup with the caption “Drunken Pirate.” Snyder sued in federal court that the picture was protected speech, but the judge disagreed because it “didn’t relate to matters of public concern.”

    Rosen points to law and technology as mechanisms for dealing with this “Stacy Snyder problem.” Europeans are experimenting with le droit a l’oubli, or the right to oblivion, as a mechanism to force online companies to protect the privacy of its customers. Technology, too, can secure customer privacy, and he points to a company that erases text messages after a specific period of time designated by the user.