Read Surveillance or Security?: The Risks Posed by New Wiretapping Technologies Online
Authors: Susan Landau
9.6 The Value of Communications Security to Civil Society
In chapter 7 I examined national-security risks to the economy if U.S.
business communications were insecure, but communications security
plays a far broader role for national security than simply protecting business communications. Somewhat paradoxically, the widespread availability of communication security is also important for U.S. national security.
One reason is that the U.S. intelligence community now solves mysteries,
unraveling "issues that cannot be discovered even in principle,"" rather
than finding out secrets. This is a new role for the agencies.
Some examples explain the distinction. During the Cold War the United
States faced an enemy with military capability roughly on par with its own.
Though under Mutually Assured Destruction the situation was quite dangerous, the Cold War nonetheless provided a certain stability. It was clear
who the enemy was, who its proxies were (though the 1956 Suez War put
the United States in the odd position of siding with the Soviet Union over
its natural allies, France and Britain), and what information the United
States needed to know. Intelligence focused almost exclusively, and sometimes perhaps mistakenly, on finding out answers to concrete questions.
How many SS-18 missiles did the Soviets have? What was the size of their
nuclear warheads?61
The 1991 dissolution of the Soviet Union abruptly changed the situation. Instead of a well-known enemy with secrets, the United States now
faced rogue states such as North Korea and Burma, nonstate actors with
international intentions, and the fruits of a long-term transformation of
nation-states to market states. National intelligence, which had had a
primary focus on the Soviet Union and its proxies, went from being "predictable and incremental"62 to handling diffuse and unclear foes in a
rapidly changing world. The shift went from finding out secrets to solving
mysteries.63
Iran is one example. In the late 1970s the country was a mystery to the
United States, although the U.S. government did not realize this at the time.
Because the United States had a strong ally in the shah of Iran, U.S. intelligence agencies paid little attention to Iran's internal politics, and the U.S.
government was in the dark as to the real political situation in Iran. Indeed
President Carter called Iran an "island of stability" just as the Islamic revolution began to take hold. After the shah fell, Iran, which had been a strong ally of the United States when the shah ruled, became unremittingly hostile.
The misread of the Iranian political situation by U.S. intelligence was to
have long-term repercussions.
Solving mysteries requires deep, often unconventional, thinking and a
full picture of the world around the mystery. In late 1977, Iran was a
society where public protest did not occur. The revolution came through
activities in the mosques. There was little understanding in the United
States of the role of religion in Iran. Iran appeared both modernized and
secular, but no one asked what would happen if religion became the
impetus for political activity in the country. If such a transformation were
to occur, how might religious leaders communicate with the people? How
would the people rebel against the government? What would be the organizing force? Knowing what to ask requires information. Often answering
questions is simpler than framing them. The answers can be hiding in plain
sight; it takes understanding the situation in order to be able to ask the
right questions.
The tools to solve mysteries are different from the tools that uncover
secrets. The United States can photograph an Indian nuclear testing site to
determine whether there has been increased activity at the site, but it
cannot discover the intent of the government that way. Determining the
intentions of the Hindu nationalist government means solving a mystery
(the government had campaigned on the issue of nuclear weapons, so its
support of tests was not exactly a secret64). In mysteries often what is
needed is tools on the ground, finding out what the people are thinking.
In 1996 former NSA Director Bobby Inman explained,
I find ... what you need are observers with language ability, with understanding
of the religions, cultures of the countries where they're observing, where one does
not need the cost of the processing tied to the denied collection.
The challenge in this new era, as it was in 1946, is how do you absorb, how do you
collect that vast array of openly available information, .. .
We have to rethink how we go about assembling the vast array of information that
is openly available to observers who have the competence to understand what
they're doing.ti5
In the time since Inman's testimony, many of the world's trouble spots
have become considerably less safe for U.S. government personnel. Embassies are tightly locked and guarded places, Foreign Service members, circumspect in their travels. Where the Foreign Service once worked,
nongovernmental organizations (NGOs) and businesses have now become
the people in place. RAND researcher Gregory Treverton has observed that in a "world that is not fully open everywhere but that is not very
closed anywhere, humanitarian NGOs will know more about many African
countries than does the CIA, and oil companies will be experts on
Indonesia.""
The United States Pacific Command discovered that NGOs provide an
excellent on-the-ground understanding of the local culture and politics, as
well as an understanding of the local infrastructure.67 Indeed, the National
Intelligence Council has included briefings by such NGOs as CARE when
determining strategy in humanitarian crises.68 Had such briefings been part
of the standard in 1993, the debacle in Mogadishu (in which U.S. Rangers
sent to participate in a UN humanitarian mission to aid Somalia became
embroiled in local infighting) might have been avoided.
The U.S. government needs to know what the people in the street are
thinking, what the dissidents are saying. Here is where civilian communications security becomes so very important to U.S. national security. NGOs
often operate in countries where freedom of communication is not a given.
This is especially the case for human rights organizations, which often
operate against the local government's wishes. Human rights groups have
used encryption to protect their communications and anonymizing technologies to protect their identities.69 In 1999, anonymizing services enabled
ethnic Albanians to provide firsthand accounts of Serbian atrocities in
Kosovo without fear of retribution.70 Receiving this information during the
time the atrocities were occurring, rather than months or years later, was
important in enabling international response.
Empowering NGOs to communicate securely and privately is important
to UN efforts; privacy-enhancing technologies such as Tor play crucial
roles. Widely available, easily used, ubiquitous tools providing privacy and
anonymity are critical for operating in dangerous places or in countries
with repressive governments. Note that such security is needed not just
by NGOs.
One such tool is Martus, secure, information management software that
lets users create a searchable, encrypted database on their computer and
then back these data up remotely to their choice of publicly available
servers (Martus is the Greek word for "witness"). Martus is used by human
rights organizations, journalists, government officials, and others who
need to secure sensitive human rights information from eavesdropping,
theft, or equipment failure. Designed for users in very insecure environments, Martus features a "panic button" that erases data from their computer (but not the remote server) in the event of a security emergency.
Martus is an open-source application available in English, French, Spanish, Russian, Arabic, Nepali, Farsi/Dari, Burmese, and Thai. It has been used in
many countries around the world, including Colombia, Egypt, Guatemala,
Hungary, India, Iraq, Kenya, Lebanon, Mexico, Nepal, Peru, the Philippines, Russia, Sierra Leone, Somalia, Sri Lanka, Thailand (both in-country
and for Burma), the United States, and Zimbabwe.
New communications technologies have breached the walls of some
repressive regimes. Shirin Ebadi, Iranian human rights lawyer and Nobel
Peace Prize Laureate, observed, "The difference between today and the Iran
of 1979 is that information technology and the Internet have made blackout censorship impossible."" And indeed, the video of a young woman
dying, shot by a sniper as she exited a car near an antigovernment demonstration in Tehran, was a video that circled Iran and the world. As of 2010,
2.7 percent of Google's users are from Iran.72 In Iran, the cost of hiding
information from the people is untethering the nation from the world's
communication infrastructure, impossible except for brief periods of time.
The U.S. Department of State strongly supports an uncensored Internet.
In 2006 DoS established the Global Internet Freedom Task Force (GIFT) to
monitor Internet freedom around the world, reporting on the free flow of
information on the Internet, protesting abuses to freedom of expression,
working to enable the international free flow of information, and empowering users.73 In other words, the Internet should extend the First Amendment wherever it was technologically feasible. In 2010, Secretary of State
Hillary Clinton reiterated that commitment: "We stand for a single internet where all of humanity has equal access to knowledge and ideas."
Clinton said that Internet users should have five freedoms: freedom of
expression, freedom of worship, freedom from want, freedom from fear,
and freedom to connect.
In recognizing the contradictory aspects of secrecy afforded to Internet
communications, Clinton said, "Those who use the internet to recruit terrorists or distribute stolen intellectual property cannot divorce their online
actions from their real world identities. But these challenges must not
become an excuse for governments to systematically violate the rights and
privacy of those who use the internet for peaceful political purposes."
Clinton committed the U.S. government to "the development of new tools
that enable citizens to exercise their right of free expression by circumventing politically motivated censorship.... We are working globally to make
sure that those tools get to the people who need them, in local languages,
and with the training they need to access the internet safely."
The U.S. government may find privacy-enhancing communication tools
problematic when doing law enforcement and national-security work, but just as a 1996 National Research Council report on cryptography concluded that on balance the United States was better off with more
widespread use of cryptography,74 I would argue that for the United States
the more widespread use of privacy-enhancing technologies outweighs the
disadvantages. The government agencies that have funded the development of Tor would appear to agree.
9.7 DPI: Creating a Security Threat
Recall deep packet inspection (DPI), in which intermediate nodes in the
network examine not just IP headers, but actual packet content. The rationale behind the DPI is that its use can improve service and protect endpoints. In recent years, ISPs have begun offering to do packet inspection
for larger customers. By checking packet content, an ISP can prevent
known malware from reaching the endpoint hosts and infecting them.
DPI underlies the Einstein 3 program, designed to protect the computer
systems of federal civilian agencies against attacks. Traffic bound for the
federal civilian agencies is to be pulled off and run through a DPI monitoring system, Tutelage. According to a Washington Post article, Tutelage will
either "block [attacks] or watch them closely to better assess the threat."
As of 2009, the system was being used for protecting military networks,75
but in 2010 news came of an effort to expand the program to certain
industries in the private sector, including critical infrastructure.76 AT&T is
to be the first carrier to participate in a test of Einstein 3.
The impetus for ISPs to use DPI came from CALEA (there was also pressure from movie studios, which wanted the ISPs to prevent users from
sharing copyrighted materials illegally)." A 2006 FCC ruling extending
CALEA to certain cases of VoIP meant that when facilities-based broadband
access providers were served with a pen-register order, they were responsible for providing the FBI with the equivalent of post-cut-through dialed
digits, those numbers punched in after the initial call has been connected
by a carrier to a switch. In the IP-based world, in order for providers to
supply the equivalent of the post-cut-through dialed-digit information, the
access providers would need to inspect the packets. DPI was the solution.
The ISPs' next issue was to find a way to make money with the DPI equipment they had bought for implementing CALEA.
University of Colorado law professor Paul Ohm has written that ISPs
had a serious case of "Google envy." They sought to mimic the company's
success in monetizing the information it gains from a person's searches,
and DPI gives them a tool to do so.78 In capitalizing on this tool to conduct real-time surveillance of their subscribers, the ISPs would be in a position
to offer a host of new services, from ads targeted to the user to more
efficient versions of the services the user was seeking. The providers could
do so based on what the subscriber was viewing right then as well as
over the last day, last week, last month, last decade. For the service providers, who are under a great deal of financial pressure in a commoditized
market, the use of DPI for their business purposes could provide a potential
goldmine.
It might seem that network use of DPI would simply be an extension
of the telephone companies' traditional use of the CDRs to guide the
development of future business services, but this view would be incorrect.
DPI has often been analogized as the mailman not only reading the address
on the envelope before he delivers your mail, but also opening the envelope and reading the letter. That analogy rather misses the point. DPI is a
letter carrier who reads all your mail, listens to all your calls, follows you
as you browse downtown and in the mall, notes your purchases, listens in
as you ask questions of the research librarian, and watches over your
shoulder as you read the daily paper-and then correlates all that information in real time.