DOCUMENT - 2013 Summer - (Page 14)

COlUMN THE NSA AND THE ITcH THAT WoN’T Go AWAy by Arthur Gingrande he Snowden brouhaha about the National Security Agency’s (NSA) PRISM project brought me back to 1991, when faxes, because they could not be directly understood by humans, were the primary mode of communication for enemies of the state. My company, Nestor, was responding to an NSA proposal that involved intercepting and sniffing out the content of faxes using recognition technology. Our software analyzed legions of intercepted fax images daily and converted them into computer-usable data, which were mined for suspicious content. Developers were unconcerned about preserving the privacy of subjects because they assumed the NSA knew how to choose targets that only involved bad guys—and besides, the eavesdroppers were machines, not people. In October 1997, the Federal Bureau of Investigation (FBI) launched Operation Carnivore, using software that could read all emails created daily. They claimed that although Carnivore, unlike commercial “sniffers” and other network diagnostic tools used by Internet service providers (ISP) every day, gave the FBI a unique ability to discern communications eligible for lawful interception from those which were not. In 2005, however, after a judicial challenge by the Electronic Frontier Foundation, Carnivore was replaced by NarusInsight, a program developed by Boeing-owned Narus, Inc. Former Deputy NSA Director, William Crowell, sits on the Narus board. According to Wikipedia, NarusInsight is the industry’s only network traffic intelligence system that supports real-time precision targeting, capturing and reconstruction of webmail traffic. However, since most webmail traffic can be HTTPS encrypted, the content of messages can only be monitored with the consent of ISPs. Later, Nestor developed a neural network program that could monitor and data mine millions of credit card transactions daily to accurately detect fraud from identity theft. The analysis was conducted anonymously, by machine, so no one’s privacy was invaded, and anyway, consumers welcomed the results. Similar neural network-driven, intelligent 14 summer.2013 character recognition (ICR) technology is currently used to scan and route the US Mail. Consider the NSA can access any database it wants to: web-based and credit card purchases; GPS and “black-box” locations; satellite images; police videos, public surveillance and ATM data; medical/patient info; IRS, FINRA and banking transactions; liquor and cigarette sales; postal, DMV, court and state agency records, etc. Bear in mind that to accurately train neural networks, terabytes of data sets, comprising millions of data points derived from computer analyses of real content, must be collected and recorded. Potentially, this could translate into an equal volume of warrantless searches of all of the above sources. You may be able to prevent police from warrantlessly searching your cellphone by password-protecting it, but that password won’t help you one iota when the phone company and the NSA gang up to raid your phone data in cyberspace. Despite all the talk about the Foreign Intelligence Surveillance Act and other legal safeguards, do we really believe that the NSA, given its mission to safeguard America and armed with unlimited access to virtually any database it wants and God-knows-what-else, can rein itself in and accept congressional limitations that originate from public discourse? A secret agency instinctively reacts to legal limits not by obeying them but by getting more and more secretive about its transgressions. Asking or requiring an intelligence agency to stop an established data mining practice is like asking a flea-ridden dog to stop scratching where it itches the most. The animal may never get rid of the fleas, but it will never stop scratching, either. Likewise, passing a law against fleas cannot help. So, what of privacy? “You already have zero privacy,” said Scott McNealy, CEO of Sun Microsystems, in 1999. “Get over it!” O ARTHUR GINGRANDE is a partner of IMERGE Consulting. He is also a practicing attorney who specializes in electronic discovery, regulatory compliance and intellectual property law. Mr Gingrade can be reached at Full column:

Table of Contents for the Digital Edition of DOCUMENT - 2013 Summer

DOCUMENT - 2013 Summer
Table of Contents
What’s New
Social Conversation
Editor’s View
Why Is Information Capture So Hard? Could Be Your Consistency.
Two Years Later, QR Codes Are Still Going Strong
The NSA and the Itch That Won’t Go Away
Five Trends Reshaping Records Management As You Know It
More Is Better
Crawford Technologies
Paloma Print Products
ISIS Papyrus Software
Diversified Information Technologies
Snowbound Software

DOCUMENT - 2013 Summer