Monitoring of Civilian Internet Use By Federal Authorities

Tutorial One, Group Five
Members: Christopher Procyk, Kaelan Goode, Ashley Mastrobuono

Initial Statement
The increasingly popular method of monitoring for governments has begun quite the controversial dilemma. For several years now governments have been monitoring the internet usage of their civilians, mostly for national security reasons. They see it as getting a broader vision of what’s happening in the world and most of all, in cyberspace. This would in turn prevent chances of terrorism and crime all together. But more than just security is happening here, with the security there is a price for civilians. The price is their privacy. The government teams with big companies to get the information that they need to make profiles on everybody. The government monitors the emails, phone calls, internet browsing and text messages. The billions of dollars that these governments are pouring into this monitoring are necessary for them to keep up with all the recent technology. But how much are they willing to pay for this kind of security? Some internet providers are refusing to give up the privacy rights of their customers which are making it harder for the feds to investigate all citizens’ usage of the internet. It’s only a matter of time before the government will be able to see every website that each person visits, listen to every phone conversation, and read every text message. In order to crack down on crime, they have to realize that any criminal can just use encryption to make it harder for them to monitor.

International Ideals: Monitoring of Internet History and Usage Habits of Citizens by Government organizations: United Kingdom, United States
The United States

The US government does not actively monitor the internet usage of its citizens and appears to have no real intention to do so. US citizens who use the internet on a daily basis are free to surf anywhere on the internet, whenever they wish. Anyone and everyone can simply go to Google and find instructions on how to build a bomb or pick an apple (a commonly used example of teaching elementary students on which links to click on when they are introduced to the internet) and at the moment, no one will really care about what you look up. It has been documented though, that the NSA and the FBI have used internet monitoring in several investigations of alleged Terrorist Cells and even in more common types of criminal investigation. The US Government does however; monitor its own internal networks in the hopes of keeping them free from hackers and criminals. A seemingly all too common problem inside the US Governments’ networks is actual employees using those networks to spread illegal material like child pornography. In 2006, the security division of NASA developed a program that was designed specifically to detect flesh tones in image files as a means to track illicit behaviour and file sharing. This technology was found to be immediately effective when three federal employees were caught and convicted of trafficking child pornography. Another threat that the US government is attempting to contain by monitoring its internal networks is the attacks on some federal agencies’ computers. Earlier this year, President Bush authorized giving the NSA more authority in monitoring networks with the hopes of better protecting key databases and possibly counterattacking the criminals in charge of hacking government servers. Programs like “Einstein” are being implemented in various government agencies to monitor the flow of traffic in and out of establishments in the hopes of tracking down cyber crime within the government sector. “Einstein” is a program that was developed as part of a “Cyber – Security” initiative in the early 2000s that was designed to monitor government networks in almost real-time to find anomalous intrusions that could signal attacks. “Einstein” is also capable of monitoring packet transfers via TCP flags. Another idea that has come up in recent times is employing the “Einstein” program on a wide scale application of civilian internet. This however has been met with a great deal of opposition from various proponents of different privacy initiatives.

The United Kingdom The United Kingdom is perhaps the most surveyed country in the western hemisphere. Without even leaving the city of London, there are at a cost of £200 million, 10000 closed circuit TV cameras surveying street corners, subway stations and anywhere the public can gather. With such a huge investment, a report published in 2007 claimed that despite all these cameras and the massive amount of taxpayers’ money allocated to installing these cameras, 80% of crime is still unsolved. Could this carry over to internet monitoring initiatives? The current plan is to spend a grand total of £12 billion to create a sort of program - database network that will log every single e-mail, phone call, text message and other forms of electronic communications just like an airplane’s black box. In 2007, there were 3 billion e-mails sent everyday, which works out to 35000 every second, which in turn equals an impossible amount of information for analysts and programs to comb through in the hopes of circumventing crime and terrorism One criticism of this plan is the possibility of having the central database hacked by criminals and terrorists and having the financial records of millions of people accessed by thieves and the like, of course England’s current track record of not being able to keep secret/private information private, this “black box” initiative will be a hard sell to the public. Another concern is general corruption within the department and people misusing their power to break into peoples’ accounts. Of course the government has argued that these sorts of monitoring are necessary in order to uphold National Security and continue to enjoy the freedoms of the West. Other proponents argue that since technology is advancing in ways that make planning and executing terrorist activity fairly simple, law enforcement agencies must change with the times in order to combat this new convenience.

A Brief History
Typically internet monitoring by the government has been used in order to prevent two major problems in the recent past, the two problems being crime and terrorism. It is important to address another problem such as child pornography, in which there have been several busts through internet monitoring. The British government is willing to spend billions of pounds on a database for this monitoring procedure. The United States since the terrorist attack has been increasing its expenditures in this field as well. In particular, the government monitors internet browsing, emails, phone calls and text messages. Recently in the United States there has been a security legislation reducing warrant requirements for internet monitoring in the community. This monitoring has brought about some problems though. In the United States there was a mishap where the government collected non-targeted emails when monitoring for a terrorist attack. In turn the system discarded the email as evidence which ruined the investigation. What has been realised is that by increasing the monitoring, the criminals will just encrypt their computers so that the monitoring process will be of little good to the government. The American government has even gone as far as partnering up with some businesses such and American Express and Axium to get profiles on people to battle terrorism. This benefits the government because they get information on civilians and it also benefits the companies because they make a profit. The United States government is trying to purpose a centralized system with all the Internet providers to help with the surveillance of the users. This is quite difficult because there are so many independent Internet providers out there. Also there are many people questioning their privacy in these situations which makes it difficult for the government to get support. The government attempts to name their projects with nicer names such as “early warning centre,” the privacy of many is still questioned. In both the United States and The United Kingdom the Internet monitoring is becoming a big problem for both the governments and the civilians. The challenge of national security versus privacy factors are an ongoing battle.

Why This Is Happening
This all begs the question of just why such expensive and extensive monitoring and infrastructure might be justified. Federal Authorities on both sides of the Atlantic Ocean have explained before numerous house committees just why they are being brought to this course of action. The prevailing message is that as technology has advanced, so has crime; these groups feel stymied by the wide untamed internet that almost has a “Wild West” sort of a mentality to it. There are few limits, few realistic boundaries. In the light of this great “untamed frontier” that is the internet; Law Enforcement has proposed the widespread monitoring of their citizens’ internet history and browsing habits, in order to get a leg up in taming this “frontier”. One of the reasons such legislation has gained steam, for better or worse, has been, in fact caused by a prevailing attitude amongst federal Law Enforcement and Homeland Security Agencies that these agencies cannot keep up with the issues that they are concerned with as the information age progresses.

This belief is sometimes exaggerated and sometimes bang-on. A good example for their motivation can come from the United Kingdom. In the UK 35000 E-Mails and 1800 Text Messages are sent every second and Millions of Phone Calls happen every day. With this staggering statistic it’s not hard to imagine the scope of the problem. Even the most Libertarian Privacy Advocate would have to admit that current levels and extents of internet history monitoring make finding criminal activity being planned (or in progress) like finding a needle in a haystack. This really summarizes what the main argument for why widespread monitoring of Civilian Internet Traffic. Another justification for such monitoring is that currently the opportunity for Law Enforcement Agencies to retrieve such information is limited to going to the Internet Service Providers which only keep such information for such a small window of time. The British Home Office also asserts that this is the best option for law enforcement in the information age, putting the emphasis on the counter-terrorism opportunities that this creates. Don’t be fooled into thinking that this is only going on in the United Kingdom, however. Law Enforcement agencies worldwide such as the United States’ FBI have been pushing for similar methods for nearly a decade, and technology has finally caught up with the popular idea. Many Network Security Experts also favour this approach. A recent survey in CSO (Chief Security Officer) Magazine found that 75% of their subscribers were in favour of this method.

American FBI Director Robert Mueller also supports an approach to monitor civilian Internet. Mueller has been lobbying the Federal Government in the United States for an Omnibus Bill that would extend the FBI’s reach in Network Monitoring beyond their current jurisdiction of Non-Civilian Networks to allow them to apply their techniques to a wider array of networks. In a hearing with Republican Representative Darryl Issa of California, Mueller stated that he seeks a system that: “balances on one hand, the privacy rights of the individual who are receiving the information, but on the other hand, given the technology, the necessity of having some omnibus search capability utilizing filters that would identify the illegal activity as it comes through and give us the ability to preempt that illegal activity where it comes through a choke point.".  Mueller forwards this argument that crime has fundamentally changed, and become intertwined with the internet and other relatively new technologies, and he’s not alone.   American Under-Secretary of Homeland Security Robert Jamison believes that the underground element of the internet is adept at hiding their activities within normal traffic; he feels full scale monitoring and an expansion of the Einstein System (explained below) will help remedy this situation.

Possible Applications
There are many possible applications for this type of surveillance. Under the current British Plan all Internet Histories, Text Messages, and Emails would be centrally stored by law enforcement officials before cleared, reviewed and at such a time as can be safely done so: deleted. One of the main arguments that Law Enforcement Officials, especially ones in the Homeland Security field highlight is the opportunity that this would grant in terms of fighting terrorism- the main selling point being that wide scale monitoring could be used to access password protected areas such as “Chatrooms” and other private parts of fringe and extremist websites to find credible threats and shut them down before they can incite instability, or worse. Another feather in the cap in this system is just how much easier it would be to catch and break up Child Pornography rings and crack down on the exploitation of children in dark corners of the Internet. In Finland plans are currently in place to implement widespread, wide scale monitoring of internet forums after an unfortunate incident earlier in the decade saw a person go on to a web forum and get instructions on how to make a bomb- which he then detonated.

How then, you may ask, is this possible to achieve? The systems that have been proposed are rather complicated. Details released at this time of the British Internet Surveillance Plan would see 12 Billion Pounds be spent in order to have thousands of computer and network ‘probes’ installed that would route data to a central database where that data would be stored on several government servers, accessible at the convenience of most law enforcement agencies- including the British Home Office and Police Forces. A good example of a functioning system that monitors internet access is the United States’ “Einstein System” which monitors Government and Military Networks (Not Civilian although a Civilian Expansion has been Proposed). This system in fact does not collect personally identifiable information, nor does it actually actively intervene to stop crime it detects, instead it monitors incoming and outgoing IPs and port numbers as well as examining the packet data that is being transferred. This system measures activity generates trends and uses this information as a tool for federal authorities to predict internet crime patterns in order to intervene and prevent crime in those areas in the future. A Civilian Expansion of this system would afford civilian agencies access to its intuitive system of tracking and creating crime patterns.

Our Argument
The opinion of the group on the matter of Internet Activity Monitoring of Civilians by Federal Authorities is that this is not the right road to go down in the interests of preventing cyber-crime and other illegal dealings. We believe that this idea takes law enforcement and surveillance off of the streets and off public property and directly into the homes and private lives of Civilians most of which have done no wrong. We believe that going this route constitutes a bad precedent for future law enforcement techniques. By allowing large scale data mining and real-time surveillance by government authorities we are opening the door to even deeper and more involved techniques that have the potential to dig further into the lives of citizens. Even in the United Kingdom where there are more surveillance cameras on streets, sidewalks, in parks, subways, and public/private property than anywhere else in the Western Hemisphere, Britons can still go home and go on the internet and not have to worry about that kind of surveillance. Such legislation would be damaging to the civil rights of Canadians because once you give somebody access to all that information, there is no way to tell them how to use it or to what extent activity on the Internet will be enforced. Would the enforcement phase only be applied to serious crimes such as Terrorist Activity and Child Pornography or would the Federal, State, and Local Authorities take advantage of the power they’ve been given and start smacking everybody who downloads an MP3 or a YouTube Video on the wrist. These questions have gone unanswered by proponents of this kind of legislation in our country and others. We believe that the privacy of the law abiding citizen (who will be affected by this legislation) is being threatened greatly by this prospect and that granting Omnibus legislation to already powerful federal authorities is not a wise thing to do.

Conclusion
The issue of monitoring the internet habits of otherwise self-minding citizens is a very controversial issue worldwide in all of the countries in which such legislation has been proposed or enacted. On the one hand you have the Law Enforcement authorities who say that crime has changed with technological development, and make the case that Law Enforcement needs to change as well. They argue that such techniques are necessary to fight terrorist plots, child pornography and other serious and grave crimes that threaten the very fabric of our society. However, they leave questions unanswered. They have not come up with any tried and true framework for how strictly they will enforce or monitor the internet activity. Proponents of this solution have been questioned about the potential for a “Slippery Slope” where the access to this information leads law enforcement officials beyond serious crimes to begin enforcing really trivial matters. They haven’t come up with an answer for this question. They also haven’t managed to prove the justification of spending the money called for to create this framework. The creation of this framework will end up costing the British People over 12 Billion Pounds. For this substantial investment will the amount of crimes prevented and people punished meet the investment? Since this is a new form of crime fighting and a new idea that hasn’t extensively been used before it’s really a big pilot project and can we really justify spending that kind of money without any assurance that it will have a sizable impact on these crimes? Can we really risk that much money from the taxpayers blindly? Proponents of keeping this legislation from being enacted believe that it will become a burden on the law-abiding citizen. They believe that a large scale database of the internet usage and browsing habits of civilians is counter to civil rights. The main question that needs to be asked is if the citizen is not involved in shady activity and illegal dealings, then what is there for said citizen to be afraid of exactly? Given the potential gains, shouldn’t citizens feel happy to give up their information because the program could lead to catching child predators and would-be terrorists? Obviously this issue is very controversial and there are many points of view in play. Given the information presented, it would be wise to consider our position, and the facts that have been presented on both sides of the issue and draw your own conclusion about what you think is best done.