Aletho News

ΑΛΗΘΩΣ

How Europe’s Fight with Google Over Privacy Ignores Real Privacy

By Alfredo Lopez | This Can’t Be Happening | April 10, 2013

Last week the governments of France, Germany, Italy, the Netherlands, Spain, and the United Kingdom fired a warning shot at Google and it appears they’re reloading the gun with real ammunition.

This past December, about a year after the Internet behemoth announced a new privacy policy, a working group of representatives from these countries called the policy grossly abusive of people’s privacy and said Google had four months to bring itself into compliance with European law. Google dismissed the ultimatum: “Our privacy policy,” it said, “respects European law and allows us to create simpler, more effective services.” The European countries response was that they will take actions, based on their national laws and in coodination with each other, by the Fall.

These government/corporation tiffs are frequent and their rhetorical fire normally turns into quickly dissipated smoke. This one could be different. It comes at a time when the world’s powerful are trying to decide how much privacy we people will have and what the term privacy actually means, and this squabble’s outcome will affect that and, of course, our freedom. That alone makes it worth watching.

But there’s something deeper here that transcends this conflict. Privacy is, in fact, a core component of democracy and any infringement on complete privacy is an obscene attack on the possibility of having a free and democratic society. As important as the outcome of this show-down might be, the most important and frightening development is that it’s taking place at all.

The political shoot-out began a year ago when Google announced that it was unifying about 60 privacy policy agreements, covering its myriad services, into one big one. The company explained that lumping together these “agreements” (the things you’re asked to read before pressing the “I Accept” button on a website) was a matter of efficiency and transparency. There’s a logic to that: how many privacy policies have you read on the Internet? One would assume that if you don’t read one, you can hardly be expected to read 60.

That, however, is a corporate shell game. Google made this move not to make our reading easier but to make gathering information about us more efficient. Google is a marketing company and nothing makes a marketing company more powerful and valuable to advertisers than having pertinent information on hundreds of millions of people all over the world. Its privacy policy is fitted to that purpose. It says that, once you sign up and begin using these services as an identified user, you give up that right of refusal. So, because people don’t read that privacy policy, they don’t realize that it effectively eliminates their privacy.

For a very long time, Google has known who uses each of its services and how, but now it knows which combination of services you use and how they interact with each other in your daily life. It also knows cities or towns of residence (and, in many cases, addresses) of its registered users, the IP addresses of their computers, their names (and often the names of their family members and friends), what they do on the Internet every day, what they buy and consider buying and, for those using Gmail, who they write to and what they write. It can hone in a your specific physical location with Goodgle Maps and will store that info if you map it. In fact, all this info is stored on Google’s databases with members’ tacit approval and Google’s complete understanding of what all this means.

“If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place,” Google CEO Eric Schmidt said in 2009. “If you really need that kind of privacy, the reality is that search engines — including Google — do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.”

The information Google holds rivals and in some cases surpasses the information most governments have on their own citizens. So when Google released this new policy which permits it to combine that information and use it for evaluation, marketing and advertising, these governments commissioned France’s CNIL to investigate.

That selection, in itself, is striking. The CNIL is an independent, government-supported authority that specializes in data privacy law enforcement. France has among the strongest data collection restrictions in the world and, while CNIL has often been criticized by advocates for being too sheepish in its advocacy, data protection “sheepishness” in France would be considered ferocity in many other countries.

Like a trained bulldog, CNIL investigated all the Google data policies for nine months and then presented its report. It was devastating, accusing Google of policies and mechanisms that effectively violate privacy laws in most European countries. Based on that report, 24 of the EU’s 27 data regulators wrote Google a letter last December proposing about a dozen changes: among them that Google shouldn’t collect information on users without their consent, combine information from different services without additional consent or use the data it collects for advertising.

The four months passed. “Google did not provide any precise and effective answers,” CNIL said last week. “In this context, the EU data protection authorities are committed to act and continue their investigations. Therefore, they propose to set up a working group, led by the CNIL, in order to coordinate their reaction, which should take place before summer.”

In the diplomatic jargon of international regulation, those are fighting words. “Coordinate their reaction” is something the European Union’s countries seldom do (witness their financial crisis) and they almost never make threats around technology. Action against Google in Europe could affect the company’s relationship with one of its largest markets and a critical marketing link in the world-wide chain that is the Internet. Google could be crippled. That’s what that statement threatens.

But let’s not kid ourselves. A capitalist government, like those in Europe, has a system to protect and, to do the protecting, its police agencies routinely use data collected on the Internet about its citizens. As Google’s Schmidt put it in 2010: “In a world of asynchronous threats it is too dangerous for there not to be some way to identify you. We need a [verified] name service for people. Governments will demand it.”

So the issue here isn’t really how to protect people’s privacy; it’s how to balance the various approaches to impinging on it. Google says it needs information about you to match its marketing to what you buy; governments say they need information about you to monitor and control what you do the rest of the time. They’re trying to work out how these two approaches to information gathering can co-exist and not conflict with each other.

If, for example, a particular policy draws too much public attention to this issue or provokes a large lawsuit or gets people asking why their government isn’t — or is — doing something, that’s a problem. The government will then find its own privacy policies in the spotlight. That’s only one way this balance can become unbalanced, but in any case balance is the issue being disputed. There is really no debate about whether or not you have a right to privacy on the Internet. As far as both sides are concerned, you don’t, and both sides are most pleased if you’re not paying much attention to that fact.

It’s persistently perplexing how little most people care about this issue. Even many of the most politically conscious will often just shrug and say “there’s nothing that can be done about it”. After decades of increasing surveillance (oiled by a government-encouraged paranoia about terrorism) we expect the powerful of our society to know everything about us and, apparently, most of us can live with that. Some of us appear to think we can’t live without it.

But that battering of our democratic consciousness has not only lowered our guard against violations of our privacy; it has actually fostered a distorted understanding of what privacy actually is. Or better put: it’s convinced many of us that a small part of the privacy debate is the entire debate.

For purposes of the Internet, privacy is your ability to communicate with other people excluding anyone you want from that conversation and your ability to say what you want to those people (and listen to what they have to say) excluding people you don’t want listening.

Sure, what you say to your family or which websites you visit or what you consider buying on the Internet should, in a sane society, be your business and taking a snapshot of all this is a horrible personal violation. But the more dangerous violation is that, in establishing the means to eavesdrop on your life and honing the ability to store and analyze that information, powerful forces are systematically limiting what the Internet can be about.

What humanity created as a tool of freedom and, in many cases, struggle has been taken over by corporations and governments wielding lawsuits, imprisonment and largely unnoticed anti-freedom laws to pervert its original intent.

“When the Internet began… it was seen largely as a non-commercial oasis,” free-speech advocate and writer Robert McChesney told Democracy Now in a recent interview. “It was a place where people could go and be equal and be empowered as citizens to take on concentrated economic and political power, to battle propaganda… And there was no surveillance. People could do what they wanted and not be tracked.

“What’s been taking place… is that on a number of different fronts, extraordinarily large, monopolistic corporations have emerged: AT&T, Verizon, Comcast, at the access level; Google, Facebook, Apple, Amazon, at the application and use level. And these firms have changed the nature of the Internet dramatically… (and) they work closely with the government and the national security state and the military. They really walk hand in hand collecting this information, monitoring people, in ways that by all democratic theory are inimical to a free society.”

“Privacy” isn’t primarily individual and privacy laws aren’t in place only to address individual activities. In fact, you can’t be individually private on the Internet because then you wouldn’t be using the Internet. The privacy laws are there to make sure people can function in our exercise of free speech, exchange of information and association. They are, and always have been, a way to protect us from government inquiry and inquisition. Those laws that say a cop can’t just walk into your house and search it without a warrant or question you and those with you or keep close tabs on everything you do and who you do it with — those are privacy laws. They protect our collaborative activity from
government repression.

That collaborative activity is what the Internet has deepened and broadened. It lets us communicate with people all over the world involved in activities emanating from issues and concerns similar to ours. It lets people who are fighting for their rights in a country where such activity can get you jailed or killed talk to people world-wide who can support them. It permits coordination of struggles going on in vastly different environments in far-away countries. It cuts through our media’s lies about other countries with solid truth we learn from people in those countries. It helps unify us and helps us support each other in a rapid, almost immediate, way.

It’s what humanity needs and it’s the reason why the Internet now reaches two billion people.

But if the privacy is taken away, if a government or a corporation can read your email or follow you around as you visit and use websites, your use of the Internet for its most important political purpose becomes stored information that can be used to oppose and repress you.

Privacy, viewed that way, is the litmus test of a free environment. In that context, Google is a monster and the governments that are challenging it on such restricted grounds aren’t much better.

Yes, the progressive response to the European initiative on Google privacy should be to encourage it but with an understanding of its pitfalls and a loud outcry about them. Even if Europe has its way, the outcome will still be an erosion of our privacy and a further empowerment of those who would, in some situations, repress our movements for change.

So right now, those of us who are truly concerned about the future of this society and the world, need to place Internet privacy among our most prominent issues.

April 11, 2013 Posted by | Civil Liberties, Full Spectrum Dominance | , , , , , , | Comments Off on How Europe’s Fight with Google Over Privacy Ignores Real Privacy

The Ugly Truth Behind Obama’s Cyber-War

By ALFREDO LOPEZ | CounterPunch | March 22, 2013

Last week, a top U.S. government intelligence official named James Clapper warned Congress that the threat of somebody using the Internet to attack the United States is “even more pressing than an attack by global terrorist networks”. At about the same time, Keith Alexander, the head of the National Security Agency, announced that the government is forming 13 teams to conduct an international “cyber offensive” to pre-empt or answer “Internet attacks” on this country.

This, as they say, means war.

Clapper issued his melodramatic assessment during an appearance before the Senate Intelligence Committee. As Director of National Intelligence, he testified jointly with the heads of the CIA and FBI as part of their annual “Threat To the Nation” assessment report.

While undoubtedly important, these “threat assessment” appearances are usually a substitute for sleeping pills. The panel of Intelligence honchos parades out a list of “threats” ranked by a combination of potential harm and probability of attack. Since they began giving this report (shortly after 9/11), “Islamic fundamentalist terrorist networks” have consistently ranked number one. Hence the sleep-provoking predictability of it all.

But Clapper’s ranking of “cyber terrorism” as the number one threat would wake up Rip Van Winkle.

“Attacks, which might involve cyber and financial weapons, can be deniable and unattributable,” he intoned. “Destruction can be invisible, latent and progressive.” After probably provoking a skipped heartbeat in a Senator or two, he added that he didn’t think any major attack of this type was imminent or even feasible at this point.

So why use such “end of the world” rhetoric to make an unfeasible threat number one?

The answer perhaps was to be found in the House of Representatives where, on that same day, Gen. Alexander was testifying before the Armed Services Committee about, you got it, “cyber-war”.

Besides being head of the NSA, Alexander directs the United States Cyber Command. I’m not joking. Since 2010, the United States military has had a “Cyber Command”, comprised of a large network of “teams” some of whose purpose is to plan and implement what he called “an offensive strategy”.

Up to now, the Obama Administration’s stated policy has been to prioritize protection and defense of its own Internet and data systems and, unsurprisingly, those of U.S. corporations. Now we realize that the President has been cooking another dish on the back burner. When these military leaders talk about “offensive strategy”, they mean war and in warfare, the rules change and warriors see democracy as a stumbling block at least and a potential threat at worst.

Is there a “cyber threat”? Sure, just like there’s a “personal security threat” at your front door. You live among other humans and a few of them sometimes rob people. The Internet is a neighborhood of two billion people in constant communication. To do what it was developed to do, it has to be an open, world-wide communications system and people can exploit that by harming your website or stealing your data if you don’t protect these things adequately. Developing protections is part of what technologists in every setting, including government services, do every day and they do it well, minimizing the incidence of an on-line hack.

That’s contemporary society. You lock the door to your house, turn on your car alarm on and protect your computer’s data. Most of the time it’s unnecessary but you do it for those rare occasions that it might be called for.

You do not, however, break into a thief’s home, kill him or her and wipe out everyone in the house. That’s what President Obama is proposing. No longer is this Administration interested in just “protection of data”; it now plans to pre-emptively attack data operations and Internet systems in other countries. The non-euphemistic term for this kind of “offensive strategy” is hacking and hacking takes two forms: data theft and disruption of service. In other words, the government plans to do what it throws people in jail for doing.

Clearly, this isn’t only about data theft or service disruption. It’s entwined with the political conflicts Washington has with other countries like China and Iran. The Internet is now another battlefield and this offensive strategy gives our government another weapon in its ceaseless war on the world.

While this weapon might sound benign, almost game-like, compared to other military adventures, it is actually a vicious and punishing strategy promising a festival of unavoidable collateral damage.

A “cyber offensive” can target just about anything in a country (like the computers running an Iranian power plant) and, depending on how the Internet systems are inter-connected, almost automatically cut service to people, schools, hospitals, security services and governments themselves. This is the digital version of nuclear warfare, horrific for its impact and its fundamental immorality.

When the announcements were made, the mainstream media flew into a frenzy of evaluation and analysis. Is this cyber threat real, commentators asked? Most of them found that, at this point, it isn’t. But that’s not the point and it isn’t the real threat.

The carefully planned and coordinated Clapper/Alexander testimony provides a pretext for the array of repressive Internet-governing laws, strategies and programs the Administration already has in place. Their purpose is a ratcheting control of the Internet by the government, a redefinition of our constitutional rights and the eviscerating of our, and the world’s, freedoms. Now, with this “cyber war” scenario, these measures can be more easily defended and made permanent.

We can group those laws and programs into three categories.

 ”Extreme Data Collection”

The Obama Administration is building a huge data center in Bluffdale, Utah whose role is to capture and store all data everyone in this country (and most of the world) transmits. You read that right.

“Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication,” wrote James Bamford in Wired Magazine, “including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails — parking receipts, travel itineraries, bookstore purchases, and other digital ‘pocket litter.’”

While having your entire on-line life tracked and stored in Utah is pretty creepy, the more pressing issue is how government officials plan to use this data and how they are collecting it. To mine its value, they need to order it to make searches, filtering and lists possible. You need a strategy and while Obama officials have been pretty open about what they’re building, they are closed-mouth about what they intend to do with it.

We know they are working hard on developing code-breaking technology which would allow them to read data which is super-encrypted, the last wall of privacy and protection we have. We also know that, to get this data, they have a remarkable system of surveillance that includes direct capture (capturing data from your on-line sessions), satellite surveillance and the tapping (through easily available data captures) of major information gatherers like Google and Yahoo. The fact that they plan to open this center in September, 2013 means that the intense surveillance and data gathering is in place. You are now never alone.

This is the kind of information on “the enemy” they need in a cyber-war but this information is about us and so the question pertains: who is the enemy here?

“Internet Usage Restriction”

If you’re conducting a war, you can’t have people running around the battlefield trading information and distributing it because, after all, you need secrecy. But collecting and distributing information is entirely what the Internet is about.

No reasonable person expects the entire shut-down of the Internet but the curtailment of on-line expression is now happening and getting worse, re-defining the meaning of free speech and making it an embattled concept.

Under the law, for instance, any corporation or individual can claim you are violating their copyright and demand you remove offending material from a website. You can challenge and litigate that but it doesn’t really matter because, under the Digital Millenium Copyright Act your web hosting service faces huge penalties if they keep the site on-line and the copyright violation is proven. So, to avoid the legal fees and the risk, they’ll just wipe your website. This happens all the time.

If the hosting service stands strong — as some progressive providers do — the people claiming the violation will just go “upstream” to the company that provides your web hosting service’s connection to the Internet and, to avoid legal problems, that “upstream provider” will just unplug the server. Servers host many websites, sometimes in the hundreds, and other services and so not only do you lose your site but everyone else on the server has theirs taken off-line. And this happens without even going in front of a judge.

Sure, there is still robustly exercised “freedom of speech” on the Internet. But the laws are in place to curtail it and, if the government wants, it can (and will) curtail. It’s a modern-day version of benevolent dictatorship which can, as history demonstrates, become pretty darn malevolent pretty fast.

“Selective Repression”

There are hundreds of criminal cases against Internet activists world-wide right now and scores in the United States. The ones most of us are most familiar with, those involving Aaron Swartz and Bradley Manning, are only the tip of the frightening iceberg.

A day after the testimony before Congress, for example, federal authorities announced the case of a techie named Matthew Keys . Keys, who worked for a TV station in Los Angeles owned by the Tribune Company, is accused of leaking a username and password to an activist from the well-known hacker organization Anonymous. Authorities say the Anonymous activist used that user/password combo to satirically alter a headline on the website of the Tribune-owned Los Angeles Times.

Keys is now charged with conspiracy to transmit information to damage a protected computer; transmitting information to damage a protected computer and attempted transmission of information to damage a protected computer. Each count carries a 10 year jail sentence, three years of supervised release and a fine of $250,000. For giving someone who changed a headline a username and password!

Last year, we at May First/People Link were raided by the FBI which literally stole a server from one of our server installations in New York City. They were investigating terroristic emails from some lunatic to people at the University of Pittsburgh and the dozens of servers this bozo used included one of ours. We have some anonymous servers which means there are no records of who used them, no traces… no information about the person sending the email; it’s to protect whistle-blowers and others needing total anonymity.

The FBI knew this but they stole the server anyway and then, about a week later, put it back. They never informed us of any of this. We found out because one of our techies went into the server installation and found one of the servers gone and installed a hidden camera which caught the agents when they returned the machine.

If all these developments seem disturbing to you, that’s justified. These repressive and intrusive measures target the very essence and purpose of the Internet. Created as a way for people to communicate with each other world-wide, this marvel of human interaction is now being turned into a field across which countries shoot programming bombs at each other while repressing and even punishing ordinary people’s communication: dividing us, perpetuating the feeling of loneliness that’s a constant in today’s societies and crippling the struggles for change that combat the division and loneliness and depend on the Internet to do it.

The Internet’s true purpose is to bring the world’s people closer to each other. The Obama Administration is doing just the opposite. It would advisable for those of us who have consistently opposed and fought against wars of all kinds to view this “cyber war” as an equally dangerous and destructive threat.

ALFREDO LOPEZ is the newest member of the TCBH! collective. A long-time political activist and radical journalist, and founding member of the progressive web-hosting media service MayFirst/PeopleLink, he lives in Brooklyn, NY

Related articles

March 22, 2013 Posted by | Civil Liberties, Deception, Full Spectrum Dominance, Mainstream Media, Warmongering, Militarism, Progressive Hypocrite | , , , , , , | 1 Comment