Snowden Leaks Spill Over Into The Courts

Uploaded on 2016-02-12 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Services-Law

image: hannaharendtcenter.org

Nearly three years after former NSA contractor Edward Snowden first leaked details about massive domestic spying, his revelations have prompted a broader discourse, especially among legal scholars, over the potentially invasive nature of big data cyber-surveillance tools.

Even as intelligence officials, the FBI and Congress worry about the rise of terrorists using encryption to communicate, legal experts are concerned that the enormous volume of data still being collected and stored by the National Security Agency and other intelligence agencies will pose legal concerns based on the Fourth Amendment of the US Constitution. The Fourth Amendment prohibits unreasonable searches and seizures without a judge's warrant supported by probable cause.

Since Snowden's first leaks in June 2013, hundreds of formerly covert programs have been revealed, all of which have contributed to an enormous storage trove of data. At least one ongoing lawsuit seeks to delete much of that data. Recently Snowden's revelations, was compiled by Margaret Hu, an assistant professor at Washington and Lee University School of Law.

Hu is also author of an academic article, Big Data Blacklisting that describes a process of finding individuals "guilty until proven innocent" based on suspicious digital data and database screening results.

"This is absolutely a critical time to really examine these programs before they are normalized and integrated into the system of governance and the way we live our lives," Hu said last week in a Madison Vision Series lecture at James Madison University in Harrisonburg, Va. Madison is widely hailed as the father of the US Constitution.

Decisions expected by the US Supreme Court in the next two years could expand the rights protected under the Fourth Amendment, she said.

"The Supreme Court could say we're going to reach farther and read more protections in order to safeguard the Fourth Amendment. Or, the second choice is [for the Supreme Court] to say to government to make technology smaller," Hu said. "The democratic experiment will fail unless we find a way to make the Constitution bigger or technology smaller."

Hu has joined a growing number of legal scholars concerned with the rise of what they term the "National Surveillance State." In 2008, well before Snowden's revelations, Yale University law professor Jack Balkin outlined that concern in an academic paper, The Constitution in the National Surveillance State. Back in 2006, University of Texas law professor Sanford Levinson had joined Balkin to write, The Process of Constitutional Change: From Partisan Entrenchment to the National Surveillance State.

Hu titled her JMU lecture The Rise of the Cyber-surveillance State. Using the term "cyber-surveillance," she said, emphasizes the use of big data and its connections to the Internet and data mining in surveillance.

"Under this theory, nothing the government is doing is necessarily oppressive," Hu asserted. But she also described how US passports embedded with RFID chips and driver's licenses with digital photos that can be recognizable in a police department database transform the way that government surveillance functions.

Essentially, she said, the government is now targeting suspicious data and not suspicious people. "As we create a more digital footprint, there's a way to look for the hologram of a person, but not the actual person," she said.

As an example, she said, in the vast majority of drone strikes, the attacks are not on individuals, but on the phones that are used — tracked by surveillance of the phone's metadata after multiple times of use.

A potential problem with a digital footprint can arise when a name appears on the increasingly expanding no-fly list, Hu said. "Many on the no-fly list have very limited due process and some are told they will never be able to be removed," she said. "Even if they might be allowed to fly, they won't be told the evidence that led to the nomination of being on there."

In her recent blacklisting article, Hu noted that before people are allowed to fly, work, drive or vote, they might be subjected to mass data collection and automated database screening by intelligence officials.

"Are we using more identity management to infer risk?" Hu asked the JMU audience. "Are we creating more pre-crime systems to keep us safe? Right now, when cases are litigated in court, those unable to exercise their rights are basically told they are collateral damage to keep us safe in this war on terror. What is the reliability of this and the efficacy of this? Going back to Snowden: Do these systems work and are they constitutional?"
Computerworld: http://bit.ly/1RwcnzP

« The White House Has A $19 Billion Cybersecurity Plan
We Need Social Media With A Heart »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyberis

Cyberis

Cyberis are pioneers in customer-focussed information security. Since 2011, we’ve been helping businesses protect their brands, customers and reputation.

Secure Identity Alliance (SIA)

Secure Identity Alliance (SIA)

The Secure Identity Alliance is dedicated to supporting sustainable worldwide economic growth and prosperity through the development of trusted digital identities and the adoption of secure eServices.

CNCERT/CC

CNCERT/CC

CNCERT is the national Computer Network Emergency Response Technical Team / Coordination Center of China.

Truth Technologies Inc (TTI)

Truth Technologies Inc (TTI)

TTI is a premier provider of worldwide anti-money laundering, anti-fraud, customer identification, and compliance products and services.

Heimdal Security

Heimdal Security

Heimdal Security provides proactive protection against cyber threats including ransomware, exploit kits and financial malware.

Cryptovision

Cryptovision

cv cryptovision GmbH is one of the leading specialists for modern, user-friendly cryptography and solutions for secure electronic identities.

Fraud.com

Fraud.com

Fraud.com ensures trust at every step of the customer's digital journey; this complete end-to-end protection delivers unified identity, authentication and fraud detection and prevention.

Slovak National Accreditation Service (SNAS)

Slovak National Accreditation Service (SNAS)

SNAS is the national accreditation body for Slovakia. The directory of members provides details of organisations offering certification services for ISO 27001.

eLearnSecurity

eLearnSecurity

eLearnSecurity is an innovator in the IT Security training market providing quality online courses paired with highly practical virtual labs.

Kiuwan

Kiuwan

Kiuwan provide software security solutions with SAST and SCA source-code analysis that fit into your DevOps process.

ADGS

ADGS

ADGS is a deeptech company focused in the fields of Agent-Based simulations (Emergent Behavior), Cybersecurity and Biometrics, Social Dynamics, Natural Language Processing and Artificial Intelligence.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

Eviden

Eviden

Eviden is an Atos business that brings together its digital, big data and security business lines. It will be a global leader in data-driven, trusted and sustainable digital transformation.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Sprocket Security

Sprocket Security

Sprocket Security protects your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.

Longbow Security

Longbow Security

Longbow automates root cause for your application and cloud risks, enabling teams with intelligent remediation actions that reduce the most risk with the least effort.