Snowden Leaks Spill Over Into The Courts

image: hannaharendtcenter.org

Nearly three years after former NSA contractor Edward Snowden first leaked details about massive domestic spying, his revelations have prompted a broader discourse, especially among legal scholars, over the potentially invasive nature of big data cyber-surveillance tools.

Even as intelligence officials, the FBI and Congress worry about the rise of terrorists using encryption to communicate, legal experts are concerned that the enormous volume of data still being collected and stored by the National Security Agency and other intelligence agencies will pose legal concerns based on the Fourth Amendment of the US Constitution. The Fourth Amendment prohibits unreasonable searches and seizures without a judge's warrant supported by probable cause.

Since Snowden's first leaks in June 2013, hundreds of formerly covert programs have been revealed, all of which have contributed to an enormous storage trove of data. At least one ongoing lawsuit seeks to delete much of that data. Recently Snowden's revelations, was compiled by Margaret Hu, an assistant professor at Washington and Lee University School of Law.

Hu is also author of an academic article, Big Data Blacklisting that describes a process of finding individuals "guilty until proven innocent" based on suspicious digital data and database screening results.

"This is absolutely a critical time to really examine these programs before they are normalized and integrated into the system of governance and the way we live our lives," Hu said last week in a Madison Vision Series lecture at James Madison University in Harrisonburg, Va. Madison is widely hailed as the father of the US Constitution.

Decisions expected by the US Supreme Court in the next two years could expand the rights protected under the Fourth Amendment, she said.

"The Supreme Court could say we're going to reach farther and read more protections in order to safeguard the Fourth Amendment. Or, the second choice is [for the Supreme Court] to say to government to make technology smaller," Hu said. "The democratic experiment will fail unless we find a way to make the Constitution bigger or technology smaller."

Hu has joined a growing number of legal scholars concerned with the rise of what they term the "National Surveillance State." In 2008, well before Snowden's revelations, Yale University law professor Jack Balkin outlined that concern in an academic paper, The Constitution in the National Surveillance State. Back in 2006, University of Texas law professor Sanford Levinson had joined Balkin to write, The Process of Constitutional Change: From Partisan Entrenchment to the National Surveillance State.

Hu titled her JMU lecture The Rise of the Cyber-surveillance State. Using the term "cyber-surveillance," she said, emphasizes the use of big data and its connections to the Internet and data mining in surveillance.

"Under this theory, nothing the government is doing is necessarily oppressive," Hu asserted. But she also described how US passports embedded with RFID chips and driver's licenses with digital photos that can be recognizable in a police department database transform the way that government surveillance functions.

Essentially, she said, the government is now targeting suspicious data and not suspicious people. "As we create a more digital footprint, there's a way to look for the hologram of a person, but not the actual person," she said.

As an example, she said, in the vast majority of drone strikes, the attacks are not on individuals, but on the phones that are used — tracked by surveillance of the phone's metadata after multiple times of use.

A potential problem with a digital footprint can arise when a name appears on the increasingly expanding no-fly list, Hu said. "Many on the no-fly list have very limited due process and some are told they will never be able to be removed," she said. "Even if they might be allowed to fly, they won't be told the evidence that led to the nomination of being on there."

In her recent blacklisting article, Hu noted that before people are allowed to fly, work, drive or vote, they might be subjected to mass data collection and automated database screening by intelligence officials.

"Are we using more identity management to infer risk?" Hu asked the JMU audience. "Are we creating more pre-crime systems to keep us safe? Right now, when cases are litigated in court, those unable to exercise their rights are basically told they are collateral damage to keep us safe in this war on terror. What is the reliability of this and the efficacy of this? Going back to Snowden: Do these systems work and are they constitutional?"
Computerworld: http://bit.ly/1RwcnzP

« The White House Has A $19 Billion Cybersecurity Plan
We Need Social Media With A Heart »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CyberSource

CyberSource

CyberSource provides online payment and fraud management services for medium and large-sized merchants.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Science Applications International Corporation (SAIC)

Science Applications International Corporation (SAIC)

SAIC is a premier technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. Services and solutions include Cybersecurity.

STM

STM

STM provides system engineering, technical support, project management, technology transfer and logistics support services for the Turkish Armed Forces.

OcuCloud

OcuCloud

OcuCloud protects businesses' valuable information in the cloud, preventing security breaches caused by employees and remote vendors.

Salt Cybersecurity

Salt Cybersecurity

Salt Cybersecurity offer a four-pronged approach to information security that includes Custom Security Policy, Vulnerability Assessment, Threat Detection, and Security Awareness Training.

Transmit Security

Transmit Security

The Transmit Security Platform provides a solution for managing identity across applications while maintaining security and usability.

CybrHawk

CybrHawk

CybrHawk is a leading provider of information security-driven risk intelligence solutions focused solely on protecting clients from cyber-attacks.

Varen Technologies

Varen Technologies

Varen Technologies is an innovative consulting partner with highly respected cyber security, analytics, Agile Software Development and IT/maintenance expertise.

SOOS

SOOS

SOOS is the easy-to-integrate software security solution for your whole team. Build, catch, and fix vulnerabilities with SOOS Software Composition Analysis.

Aceiss

Aceiss

Aceiss empowers access security, providing unprecedented visibility and insights into user access.

Brightside AI

Brightside AI

Brightside AI is a Swiss cybersecurity SaaS that helps teams combat AI-enabled phishing threats. Protect your team today.

CERT.ar

CERT.ar

CERT.ar is the national Computer Emergency Response Team for the technical-administrative management of computer security incidents in the National Public Sector of Argentina.

Razilio

Razilio

Razilio is a boutique cybersecurity consultancy located in Sydney, Australia and serving the world.

RunReveal

RunReveal

RunReveal's mission is to make sure no breach goes undetected. That means having a product that is accessible and effective for companies of all sizes.

Graphiant

Graphiant

Graphiant’s Data Assurance service gives businesses end-to-end control and visibility into how data travels throughout the entire business network.