Data Security and Everyone Else

This time I want to talk about the people on the other end of data security, that is, those people who want to surreptitiously get a hold of your data.

Sometimes it is the bad guys  who want to get a hold of your data, but also sometimes it is the good guys, the government. However, just because the government is trying to do their job in protecting us doesn’t mean that people necessarily have to give up the right to privacy. NetworkWorld has a very interesting entry on an effort by the Electronic Frontier Foundation.

It’s called Surveillance Self-Defense and it serves as a very interesting primer for understanding how and what the (American) government is allowed to do in terms of obtaining your data in a covert fashion.

Reading through the website offers a couple of very interesting revelations. {Bracketed material added by the write for clarification.}

1. The Fourth Amendment protects you from unreasonable searches whether or not you are a citizen. In particular, the exclusionary rule {which bars evidence obtained in an illegal search from being used in a court of law] applies to all criminal defendants, including non-citizens. However, the exclusionary rule does not apply in immigration hearings, meaning that the government may introduce evidence from an illegal search or seizure in those proceedings.

2. {Once the government has received a “pen/trap order,” which only requires that the material they expect to obtain would be relevant to their investigation” they have the ability to get…}All email header information other than the subject line, including the email addresses of the people to whom you send email, the email addresses of people that send to you, the time each email is sent or received, and the size of each email that is sent or received. Your IP (Internet Protocol) address and the IP address of other computers on the Internet that you exchange information with, with time stamp and size information.

These items alone are very interesting things that I didn’t know. At some points, the EFF’s arguments can border on the paranoid, especially when they start to speculate on what government agencies could be doing with the information that is gathered, but the factual material they discuss is very useful and thought provoking.

Just knowing the IP addresses of computers that your computer is communicating with contains a lot of information that in the wrong hands could be very telling. There are those that argue that if one has not done anything wrong then there is nothing to worry about, but from my perspective given human imperfections, to err on the side of protecting privacy when information can be obtained in  other ways. This is, of course, not to say that government should not use the tools at their disposal, but I think it is wise for there to be appropriate oversight on how those tools are used.

I recommend looking at the EFF’s article and picking up a few things about how surveillance works, both from government, and from a technical perspective on how the actual data collection occurs.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: