Sunday, 21 July 2013

"Black Code"--We are all in their sights

The revelations by Edward Snowden should not have been such a surprise to so many.  Much of the story has been out there for anyone who was looking for it--in books, novels and, of course, online.

The fact that there has been no outcry long ago is an indication of a willful ignoring of the dangers of digital technology and "big data" in particular.
As an example, Ronald Deibert's  Black Code:  Inside the battle for cyberspace, points to the dual developments of the new century that changed what is possible and how it is exploited--massive increases in data collected, transmitted and stored and 9/11 as an excuse for mining that data to protect us.

Deibert is a professor at the University of Toronto and heads the Canada Centre for Global Security Studies.  Its mandate is to do research on the "intersection of the Internet, global security and human rights"  and he is an investigator  with the Information Warfare Monitor group.
The National Security Agency (NSA), he reports, has data-mining equipment at key IXPs, Internet Exchange Points that are the key points where Internet data passes between networks.  Being at the exchange points is efficient because so much of the data is streamed through these crucial links.

To better understand what is happening to Canadian date, the IXmaps project at the U of T traced a specific message through its route.  They sent an email from the University of Toronto to the Hockey Hall of Fame, a few block away:  "The email crossed into the United States, was peered at an IXP in Chicago, and was probably exposed to one of the NSA's warrantless surveillance systems rumoured to be located at the facility."

Much of the stream of data in Canada is open to US monitoring.  The data goes through the US because it has 95 of these IXPs and Canada only five. 
Canada, of course, has its own surveillance agency, the Communications Security Establishment Canada (CSEC).  Then Defense Minister Peter McKay in Parliament gave Tom Mulcair assurances that "this program is specifically prohibited from looking at the information of Canadians."

Oh, sure!  The US and Canada--and other countries, as well--claim to be looking only at the information from people who are not their citizens.  In the case of Canada and the US, security agencies share information which inevitably means the assurance is meaningless.

But McKay's assurance isn't genuine in any sense.  Note the weasel words--"looking at the information of Canadians."  One outgrowth of Snowden's leaks is that it makes clear that the metadata--the unseen data that identifies time and places-- is of particular use.  You can find out a great deal without ever looking at the content of the communications.
Surveillance, though, is only one of the battles for cyberspace outlined by Deibert.  "Big data," the collection and storage of massive data and then its analysis is not only used for surveillance, finding supposed terrorist threats.  Corporations use it to target products, as does Google through an algorithm that determines what ads are going to be sent with your Gmail or YouTube videos.

Government's are also anxious to use big data to find out about citizens and shape government programs.  In British Columbia we have the "Government 2.0" plan currently being implemented.  Central to it is seeing citizens as made up of data points that can be stored and mined--still another form of surveillance brought to us by the new technologies. 
The BC Ministry of Education plan for the replacement of BCeSIS is part of a cross-ministry strategy to be able to link education data with other data government collects on individuals.  BCeSIS is the student information system build in the pre-Big Data days.  The common link will be the identity card being rolled out that serves as a driver's license and medical card.

More on that another day.

Deibert, Ronald.  (2013)  Black Code:  Inside the Battle for Cyberspace.  McClelland and Stewart:  Toronto.





1 comment:

  1. Very interesting points on current surveillance technologies. This is a very current issue, and surprisingly not a lot of people seem to care about the possible consequences of this constant monitoring. There is a great dutch documentary (Panopticon 2012) that addresses this problem and also provides some hints why people are apparently on board with surveillance.
    It is very interesting how surveillance technologies are making a big appearance in educational settings: video cameras everywhere, SynchronEyes software, Moodle, and so on, all in the name of security. What do you think about this current situation in schools?