Every Friday, I present a topic or question for our merry band of thinkers, leaders, and pirates to discuss in an open thread. Here is this week’s conversation starter:
National Security Agency Director Gen. Paul Nakasone told lawmakers this week that foreign hackers are exploiting his agency’s “blind spot” – domestic Internet activity.
“Our adversaries understand that they can come into the United States and rapidly utilize an Internet service provider, come up and do their activities, and then take that down before a warrant can be issued, before we can actually have surveillance by a civilian authority here in the United States.”
Question: Should the NSA be allowed to operate on US civilian networks?
Yes, with reasonable cause for a specific purpose within a limited time (preferably with a warrant issued by a non-FISA court judge). For general surveillance, monitoring, and data collection, no.
Resoundingly yes. The real question is what are or should be the rule differences and structures between domestic and international surveillance? To the extent they are addressing cyber warfare/attacks the internet is fairly boundless. Making distinctions between these jurisdictions virtually impossible. I presume that Nakasone is referencing when intrusions are traced to a domestic origination vs transiting domestic servers or equipment. Clearly they have the ability to discover and impede electronically any attack regardless of the location of the originating source. So presumably he is seeking the ability to physically interdict espionage agents acting on US soil using cyber tools. Not sure how this is a blind spot. I think it would be appropriate to have a set up comparable to the Fisa-court where cyber documentation can be presented and addressed on an expedited basis.
Yes. While I dislike giving government more potential reach into my life, the speed, growth, and access of our civilian networks has overrun our legal system to control users and secure data Network providers, like the media, have proven incapable or unwilling to self-discipline.
No. Five years ago I would have leaned to yes, but until I see some FBI agents going to jail and doing serious time for abusing the FISA court process in 2016 and 2017, I can't buy it. The FISA court showed itself to be corrupt and manipulatable. To change this to yes, the punishment for abuse of citizen rights must be extremely severe to dissuade those who are willing to take a chance on criminal behavior in exchange for at worst a slap on the wrist and a big payday.
Who's to say that the NSA is not already doing that and doesn't want it known. With everyone listening to everything, my only questions is who is watching the watchers?
So, you are saying that anyone, friend or foe, can put up and take down an active internet communication before any entity (except the ISP) is aware of it.
On the face of it, this seems to be a function of a free an open society.
Of course, no Citizen wants their freedom to communicate abridged; yet there is ample evidence everywhere of just such abridgment: banks, credit cards, nearly all communications require passwords, medical records, governmental access, and on and on...mostly for the user’s protection.
So, how would we protect the USA from invasion without abridging our freedoms in an onerous way?
Not sure. I agree that the devil is in the fine print. The problem is still there, but the founding fathers thought that education was the answer to human nature problems; still, the flip side is information overload. An ongoing awareness of the problem is one aspect of getting to a solution, but this will take real commitment from companies|individuals doing business on the internet, like time, money, etc, & not just a view for short-term profits|benefits. One way the government could help may be to provide opt-in resources (again a double-edged sword, like built-in back doors, etc), but this is too easily politicized & then weaponized.
Most (3rd parties) internet protection companies will monitor internet traffic, but again, it is the age old problem of needing watchers to watch the watchers, etc, so diversity seems to also be a part of the answer ... may be even a mix of old & new technologies. This tendency to hand off the problem to someone else to deal with may be at the core of the issue — IF something is to remain FREE, then there has to be a "team effort" on all parts|shares to get to a solution, which is an ever growing challenge to individuals|small-businesses. The rise of guilds, unions, private clubs, etc, has demonstrated the need to restrict access to resources, and government also cannot solve all of our problems without becoming a police state, which takes out the FREEDOM in the equation.
The problem may always be with us. "People often start things without thinking through beforehand how or where they can stop them; once we commit ourselves to a questionable course, the problem of where to stop is constantly with us."
The NSA already monitors our internet traffic and phone calls illegally. Social media does as well but legally, when we agree to their rules of use that users never read.
It’s unfortunate that our intelligence agencies have been caught so many times violating rights and laws. I understand your comment, but why would we trust them? And now the military is calling out citizens by name. They need to be focusing on Russia and China.
I like you say No, until we read the fine print and the character of the US surveillers ie how to maintain the fine print and the cast of characters. Hard Place meet Rock.
A fair and real concern. One point to consider: China IS monitoring our internet traffic and stealing our data -- that's the problem we're trying to correct.
Yes, with reasonable cause for a specific purpose within a limited time (preferably with a warrant issued by a non-FISA court judge). For general surveillance, monitoring, and data collection, no.
Resoundingly yes. The real question is what are or should be the rule differences and structures between domestic and international surveillance? To the extent they are addressing cyber warfare/attacks the internet is fairly boundless. Making distinctions between these jurisdictions virtually impossible. I presume that Nakasone is referencing when intrusions are traced to a domestic origination vs transiting domestic servers or equipment. Clearly they have the ability to discover and impede electronically any attack regardless of the location of the originating source. So presumably he is seeking the ability to physically interdict espionage agents acting on US soil using cyber tools. Not sure how this is a blind spot. I think it would be appropriate to have a set up comparable to the Fisa-court where cyber documentation can be presented and addressed on an expedited basis.
Yes. While I dislike giving government more potential reach into my life, the speed, growth, and access of our civilian networks has overrun our legal system to control users and secure data Network providers, like the media, have proven incapable or unwilling to self-discipline.
No. Five years ago I would have leaned to yes, but until I see some FBI agents going to jail and doing serious time for abusing the FISA court process in 2016 and 2017, I can't buy it. The FISA court showed itself to be corrupt and manipulatable. To change this to yes, the punishment for abuse of citizen rights must be extremely severe to dissuade those who are willing to take a chance on criminal behavior in exchange for at worst a slap on the wrist and a big payday.
Who's to say that the NSA is not already doing that and doesn't want it known. With everyone listening to everything, my only questions is who is watching the watchers?
I don’t trust any of our “security” agencies to not violate an American’s rights.
So, you are saying that anyone, friend or foe, can put up and take down an active internet communication before any entity (except the ISP) is aware of it.
On the face of it, this seems to be a function of a free an open society.
Of course, no Citizen wants their freedom to communicate abridged; yet there is ample evidence everywhere of just such abridgment: banks, credit cards, nearly all communications require passwords, medical records, governmental access, and on and on...mostly for the user’s protection.
So, how would we protect the USA from invasion without abridging our freedoms in an onerous way?
Could ISP requests be supervised?
Not sure. I agree that the devil is in the fine print. The problem is still there, but the founding fathers thought that education was the answer to human nature problems; still, the flip side is information overload. An ongoing awareness of the problem is one aspect of getting to a solution, but this will take real commitment from companies|individuals doing business on the internet, like time, money, etc, & not just a view for short-term profits|benefits. One way the government could help may be to provide opt-in resources (again a double-edged sword, like built-in back doors, etc), but this is too easily politicized & then weaponized.
Most (3rd parties) internet protection companies will monitor internet traffic, but again, it is the age old problem of needing watchers to watch the watchers, etc, so diversity seems to also be a part of the answer ... may be even a mix of old & new technologies. This tendency to hand off the problem to someone else to deal with may be at the core of the issue — IF something is to remain FREE, then there has to be a "team effort" on all parts|shares to get to a solution, which is an ever growing challenge to individuals|small-businesses. The rise of guilds, unions, private clubs, etc, has demonstrated the need to restrict access to resources, and government also cannot solve all of our problems without becoming a police state, which takes out the FREEDOM in the equation.
The problem may always be with us. "People often start things without thinking through beforehand how or where they can stop them; once we commit ourselves to a questionable course, the problem of where to stop is constantly with us."
The NSA already monitors our internet traffic and phone calls illegally. Social media does as well but legally, when we agree to their rules of use that users never read.
No. No it does not.
Of course. But what footprint are you willing to give China, Russia, etc?
It’s unfortunate that our intelligence agencies have been caught so many times violating rights and laws. I understand your comment, but why would we trust them? And now the military is calling out citizens by name. They need to be focusing on Russia and China.
I like you say No, until we read the fine print and the character of the US surveillers ie how to maintain the fine print and the cast of characters. Hard Place meet Rock.
A fair and real concern. One point to consider: China IS monitoring our internet traffic and stealing our data -- that's the problem we're trying to correct.