Wednesday, September 10, 2008

 

Where the Internet meets the Constitution

[This column was never published -- until now. It was to be my regular VON Magazine back-pager. I submitted it on March 20, 2008, but VON Magazine and the Pulvermedia empire crumbled before it was published. I stumbled upon it just now while I was searching for something else . . . and it is as relevant today as it was six months ago, maybe even moreso, given articles like this one. -- David I]

Where the Internet meets the Constitution
by David S. Isenberg, March 20, 2008

The Internet is emerging as a platform for new kinds of democracy. And, simultaneously, the Internet is emerging as a platform for new kinds of spying and, potentially, repression.

We're all getting used to saying what's on our minds on line. We visit Web sites that inform and reinforce our interests. We blog our opinions daily. We post pictures on Flickr and videos on YouTube. We twitter. We AIM. We SMS. We talk.

Meanwhile, an optical splitter is sending a copy of everything we click on, blog, twit, post and say into Room 641A in AT&T's Folsom Street facility in San Francisco. Meanwhile, across the country, at a Verizon Wireless facility in northern Virginia, The Quantico Circuit sends Electronic Serial Numbers, dialed numbers, text messages, web pages and location information to a mysterious third party with "network VCR" that requires that the access controls appropriate for Verizon branch offices are disabled; by coincidence, Quantico is the locus of the U.S. headquarters of the FBI's electronic surveillance efforts.

These two facilities are the ones we know about, thanks to retired AT&T engineer Mark Klein and "certified ethical hacker" and security expert Babak Pasdar. Certainly there are other secret spying operations waiting for their whistle blowers.

Probing Middle Management

When I worked at AT&T, and before that when I was a consultant at telephone company GTE, every few months somebody from the CIA (or another government agency) would visit my Director. The visit would be preceded by whispering among my colleagues, would commence with the closing of my Director's door, and would end with my Director smiling and assuring us that these were Good Guys Who Were Doing Their Job (And I Can't Say Anything More).

In retrospect, I think the government was looking for friendlies inside the phone company, people who had the disposition, position and capability to do a job, "for the country," without involving the hierarchy. I'd bet that they found quite a few such "friendlies."

I had one experience that indicates the potential success of such a modus operandi. I once got a call from a staff member of a U.S. Senator who somehow knew that I -- a lowly Member of Technical Staff -- was working on a project that included a facility in his state. The Senator needed a favor from AT&T. He asked me if I would help. I told my boss; a call from a Senator is a big thing. I don't know who my boss talked to, but the Senator got his favor.

In this case, there wasn't anything that smacked of corruption or illegality; all I'm saying is that things happened a lot faster than they would have if they'd gone through normal channels. I was a bit too skeptical to be classified as a "friendly." Then again, this was an isolated incident, not a systematic program.

The Scary Scenario

It's not too hard to imagine that a government agency with responsibility for electronic surveillance, even when the forms of surveillance are carefully circumscribed, would keep psychological profiles of Director level telco employees that identified their technical capabilities and psychological proclivities so they'd know who to tap when there's an important job to do.

The proclivity to question authority is likely apportioned on a distribution with tails, so it's a reasonable guess that some people will be inclined to do what a Three Letter Agency asks, no matter how bizarre. And we know from the Stanford Prison Experiment, that those who wear a mantle of authority can suspend the norms of conscientious behavior completely.

So far, none of the telco spying -- known or unknown -- has had a noticeable on the freedom of ordinary U.S. citizens. But that's like the guy who jumped off the Empire State Building, who, as he fell past the 68th floor, yelled to the guy in the window, "So far, so good." By this logic, it's just a matter of time before somebody runs the script that identifies the names and addresses of the complainers and objectors.

Technorati Tags: , ,


Comments:
David,
Greetings! I trust you are enjoying your Dutch visit.

As a fellow former middle management employee of AT&T (formerly SBC, Pacific Bell and PT&T, recently "early retired" after 28 years of employment), I am delighted to have happened upon your blog.

In light of your article, I thought it might interest you, that I believe the real purpose of the changes announced in the notice recently distributed to AT&T's customers (replacing the existing tariffs with a customer contract that includes very minimal customer privacy protections), is to eliminate the requirement of a judicial warrant prior to releasing data from storage facilities like Room 641A, and handing them over to any government official or authority who requests it.

I'm certain you are aware of what can (and will) happen after October 1, 2008, when the AT&T Customer Contract becomes effective, and the only privacy protection an AT&T customer will have after that date will be those that are within any self-encrypted communications.

I'm a little surprised there hasn't been much media rankle about this, nor has there been much activity by companies providing private encryption for customers.

FYI: I understand that the building located on Folsom in San Francisco has been vacated by AT&T, and it is currently being prepared for reuse (perhaps residential or live/work lofts).

Regards,
BeforeM
 
Post a Comment

This page is powered by Blogger. Isn't yours?