In light of new revelations about government warrantless wiretapping and electronic surveillance what role do librarians have in educating our patrons about digital privacy and security issues? Given that digital privacy is further complicated by for-profit Internet companies services, such as those provided by Facebook and Google, are our users savvy enough to understand threats to their information in this increasingly complex digital landscape? This presentation will explore issues related to current events and information security with an eye towards the implications for information literacy standards; brief examination of tools used to enhance information privacy; and discuss how librarians might play a role in helping users become more information aware.
2. Outline
Framing questions
Implications for information literacy
Overview of recent revelations about NSA and
other data collection
Tools & Advocacy (what can we do about it)
Questions
This presentation is for educational purposes only – this is NOT legal advice
3. Framing questions
When it comes to modern
technology, does the public have the
necessary skills and literacies to
effectively manage their information?
4. Framing questions
If digital privacy, security, and risks are
information literacy issues, who should
be teaching these skills and how?
5. Framing questions
What is the role of the librarian?
Should we take more steps to support our
patrons in developing a better understanding
of how to manage their information?
6. Info lit standards
ACRL standards currently distinguishes
between information literacy and information
technology fluency, while acknowledging an
overlap between the two:
‚Information literacy initiates, sustains, and extends
lifelong learning through abilities which may use
technologies but are ultimately independent of them.‛
7. Info lit standards
Standard 5: ‚The information literate student
understands many of the economic, legal, and social
issues surrounding the use of information and accesses
and uses information ethically and legally.‛
The first learning outcome for the standard: ‚Identifies
and discusses issues related to privacy and security in
both the print and electronic environments‛
10. "It's now a matter of public record that the NSA collects and
stores the calling records of domestic phone calls, tracks the
location of millions of mobile devices worldwide, infiltrates
the data links between the data centers of tech companies
used by millions of Americans, piggybacks onto commercial
tracking mechanisms, collected potentially sensitive online
metadata for years and actively worked to undermine the
privacy and security measures that underpin the Internet.
And considering the purported size of the Snowden cache,
that could be the tip of the metaphorical iceberg."
11. ‚On its website, the NSA presents its vision of how it
wants to manage information: the Global Information
Grid. More of a concept than an actual technical plan,
the GIG is a "net-centric system operating in a global
context to provide processing, storage, management,
and transport of information.‛‛
12. "Getting the data has always been easier than making sense of it. So the NSA
developed its own tools to tap the vast pools of information.
In 2008, agency engineers created Accumulo, a data storage and retrieval system
based on Google's Big Table system. Sqrrl Data, a start-up company in
Cambridge, Mass., this month began a commercial version of Accumulo for realtime data mining. Most of the founders of Sqrrl Data are former NSA employees.
Accumulo allowed the NSA to examine disparate data sets and find connections,
said a former NSA operator who worked with it.‛
13. Ingest
"With assistance from private communications firms, the
NSA had learned to capture enormous flows of data at the
speed of light from fiber-optic cables that carried Internet
and telephone traffic over continents and under seas.
According to one document in Snowden’s cache,
the agency’s Special Source Operations group,
which as early as 2006 was said to be ingesting
‚one Library of Congress every 14.4 seconds‛
14. Ingest
"The alleged surveillance may be conducted through third party advertising
networks used by millions of commercial web sites and mobile applications
across all industries. If advertising networks are indeed targeted, it would
appear that no internet-enabled device that visits ad-enabled websites or uses
ad-enabled applications is immune to such surveillance."
15. Secure/Index?
‚once they obtain the information, they process it ... it goes through these various
processes and then ends up in the database, where it can be retrieved later.‛
16. Query
‚According to the NSA’s director of compliance, the
agency queries its databases about 20 million times
each month‚ (at 6)
‚In the process, information has been folded into a
‚Threat Matrix,‛ an itemized catalogue of all the ‚threats‛—
or more accurately ‚leads‛— needing to be followed up.
As Garrett Graff explains, the government pursues
‚upwards of 5,000 threats per day.‛‛ (at 10)
17. ‚Explains Walter Pincus, if operatives at NSA, sorting through their 215
metadata collection or other sources, uncover ‚a questionable pattern‛
such as ‚calls to other suspect phones,‛ they send a report to the FBI for
investigation.
In NSA this process has sometimes been called ‚We Track ‘Em, You Whack
‘Em.‛ The FBI, then, is routinely supplied with what Graff calls ‚endless
lists of ‘suspect’ telephone numbers.‛
When followed up, these ‚leads‛ virtually never go anywhere: of 5000
numbers passed along, only 10—two-tenths of one percent—‚panned out
enough for the bureau to bother‛ to get court permission to follow them up.
At the FBI, the NSA tips are often called “Pizza Hut” leads because,
following them up, FBI agents ‚inevitably end up investigating the local
pizza delivery guy.‛
There is, in other words, nothing to ‚whack.‛ At one point, the generally
diplomatic Robert Mueller bluntly told NSA director Alexander, ‚You act
like this is some treasure trove; it’s a useless time suck.‛‛ (at 13)
18. Why Ingest, Secure, Index & Query?
"Multiple databases consolidated and
cross–referenced, with incidental details
linking previously disconnected bodies of
information, produce a far more significant
whole than any one part would suggest:
identities, tendencies, groups and patterns
with both historically revelatory and
predictive power"
19. Historical Trends
‚In Uncharted, Erez Aiden and Jean-Baptiste
Michel tell the story of how they tapped
into this sea of information to create a new
kind of telescope: a tool that, instead of
uncovering the motions of distant
stars, charts
trends in human
history across the centuries. By teaming
up with Google, they were able to analyze
the text of millions of books. The result was
a new field of research and a scientific
tool, the Google Ngram Viewer‛
20. Predictive Power
"The company is continuing to try to
learn more about individual users so
that it can provide personalized
services such as Google Now, which
tries to provide information to
people before they even search
for it, such as alerting them to traffic
updates before their scheduled
meetings."
"As a general theme we’re
trying to move beyond just
searching to actually knowing
about things.
We think this is essential
because we want to understand
what you’re trying to do and
give you some help.
Google Now is an example of a
product that is trying to figure
out the state that you’re in and
make a suggestion to you."
21. ‚If you have something
that you don’t want
anyone to know, maybe
you shouldn’t be doing it
in the first place‛
- Google CEO Eric Schmidt
22. ‚U.S. agencies collected and shared the personal information of thousands
of Americans in an attempt to root out untrustworthy federal workers that
ended up scrutinizing people who had no direct ties to the U.S. government
and simply had purchased certain books.‛
23. What can we do?
"I live in a world where using my own name on github and IRC
was a specific conscious choice that required actual bravery from
me, because I know that I am statistically exposing myself to
retribution for doing so.‚
"Let’s say that again: I live in a world where being myself in public,
talking about things I care about under my own name in public, is
a specific choice which requires both courage and a backup plan.‚
‚by clarifying the threats, by publicly affirming the decency of the
bystanders, we create a world where you don’t have to be quite so
brave to speak up."
24. What can we do?
Advocate and educate
At our libraries, in our communities, and as a profession
Feb 11, https://thedaywefightback.org/
EFF & ACLU
Find opportunities to address the issues in instruction
Help patrons think through their personal threat model
25. Tools
Be vigilant about info use on the tools we provide
Tor Browser: https://www.torproject.org
Ghostery: https://www.ghostery.com
More at http://prism-break.org
26. Back to the questions
In light of the NSA revelations, are our patrons’ information
literacy skills sufficient to ensure privacy?
If not, how do we educate the public on these issues?
What is the role of the librarian?
27. Thanks!
Gabe: @gabe_gossett, gabe.gossett@wwu.edu
Rebecca: wilderr2@students.wwu.edu
Brian: @davidsoneducate
Research materials available at
http://www.zotero.org/groups/225433
This presentation is for educational purposes only – this is NOT legal advice
Hinweis der Redaktion
1982: “NSA possesses the technology to scan the mass of signals transmitted through various communications systems and then to select out by computer those messages in which certain words or phrases occur. It is thereby possible for that agency to acquire all communications over a monitored system in which, for example, a person’s name is mentioned.”Dycus, S., Berney, A. L., Banks, W. C., & Raven-Hansen, P. (1997). National Security Law (2nd Ed.). Aspen Publishers (pp. 642, 640, 796) (quoting Halkin v. Helms, 690 F.2d 977 (1982) “Plaintiffs filed suit in October 1975, after disclosures by the press and the President’s Commission on CIA Activities Within the United States (the Rockefeller Commission) revealed that government agencies, including the FBI and the CIA, had conducted intelligence operations that resulted in surveillance of United States citizens who opposed the war in Vietnam.” Held: “The executive’s resolution of the issue in favor of secrecy terminates the inquiry under FOIA just as it does under the state secrets privilege.”). Available at http://scholar.google.com/scholar_case?case=12220446803611647907&hl=en&as_sdt=6&as_vis=1&oi=scholar)See also Priest, D., & Arkin, W. (2010, July 19). A hidden world, growing beyond control. (“Every day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications. The NSA sorts a fraction of those into 70 separate databases.”)The Washington Post. Retrieved from http://projects.washingtonpost.com/top-secret-america/articles/a-hidden-world-growing-beyond-control/print/See also: Wilder, R. (2014, January 12) The Epoch of Incredulity. (reviews reports of government surveillance, beginning with the Lincoln administration).Learning Document. Retrieved from: http://learningdocument.wordpress.com/2014/01/12/the-epoch-of-incredulity/
See also Colbert, S. (2013, June 11). PRISM Surveillance Program. The Colbert Report. Comedy Central. Retrieved from http://www.colbertnation.com/the-colbert-report-videos/427034/june-11-2013/prism-surveillance-program
See e.g.Ackerman, S., & Ball, J. (2014, February 27). Yahoo webcam images from millions of users intercepted by GCHQ. The Guardian. Retrieved from http://www.theguardian.com/world/2014/feb/27/gchq-nsa-webcam-images-internet-yahooAckerman, S. (2014, February 28). Senators to investigate NSA role in GCHQ “Optic Nerve” webcam spying. The Guardian. Retrieved from http://www.theguardian.com/world/2014/feb/28/nsa-gchq-webcam-spy-program-senate-investigation
The iceberg
Ingest, Secure, Index, Query
Ingest
Ingest
Secure/Index?
Query
Potential for chilling effects – will students worry about generating a “questionable pattern” and self-censor their learning experience?
Why ingest, secure, index and query? The reasons appear to include the discovery of historical trends and the development of “predictive power.”See also:Harris, S. (2013, September 9). The Cowboy of the NSA. ("Alexander wants as much data as he can get. And he wants to hang on to it for as long as he can. To prevent the next terrorist attack, he thinks he needs to be able to see entire networks of communications and also go "back in time," as he has said publicly, to study how terrorists and their networks evolve. To find the needle in the haystack, he needs the entire haystack."Alexander's strategy is the same as Google's: I need to get all of the data," says a former administration official who worked with the general.”) Foreign Policy. Retrieved from http://www.foreignpolicy.com/articles/2013/09/08/the_cowboy_of_the_nsa_keith_alexanderNaughton, J. (2014, February 1). Facebook’s first 10 years: is it now in danger of swallowing the web? (“ …Facebook's business model is analogous to that of the US National Security Agency. Both need to use surveillance of both intimate and public online activity to make inferences about behaviour. The NSA claims that this enables it to spot and thwart terrorism and other bad stuff. Facebook's implicit – but rarely explicitly articulated – claim is that intensive monitoring of what its users do enables it to both tailor services to their needs and provide precise targeting information for advertisers.“)The Guardian. Retrieved from http://www.theguardian.com/technology/2014/feb/01/facebook-first-10-years-mark-zuckerbergBond-Graham, D., & Winston, A. (2014, February 27). Forget the NSA, the LAPD Spies on Millions of Innocent Folks. ("Computer programs also can learn "acceptable behavior" by humans — such as pedestrian or vehicular traffic patterns — and alert cops when something "abnormal"' occurs.“)LA Weekly. Retrieved from http://www.laweekly.com/los-angeles/forget-the-nsa-la-cops-spy-on-millions-of-innocent-folks/Content?oid=4473467GAO Report: TSA Should Limit Future Funding for Behavior Detection Activities. (2013, November 14). ("According to TSA’s strategic plan and other program guidance for the BDA program released in December 2012, the goal of the agency’s behavior detection activities, including the SPOT program, is to identify high-risk passengers based on behavioral indicators that indicate “mal-intent.” For example, the strategic plan notes that in concert with other security measures, behavior detection activities “must be dedicated to finding individuals with the intent to do harm, as well as individuals with connections to terrorist networks that may be involved in criminal activity supporting terrorism.”“)Public Intelligence. Retrieved from https://publicintelligence.net/gao-behavior-detection/ via via http://www.loweringthebar.net/2013/12/assorted-stupidity-57.html
Historically revelatory
Predictive Power See also Cadwalladr, C. (2014, February 22). ("Google will know the answer to your question before you have asked it, he says. It will have read every email you've ever written, every document, every idle thought you've ever tapped into a search-engine box. It will know you better than your intimate partner does. Better, perhaps, than even yourself.“) Are the robots about to rise? Google’s new director of engineering thinks so…. The Guardian. Retrieved from http://www.theguardian.com/technology/2014/feb/22/robots-google-ray-kurzweil-terminator-singularity-artificial-intelligence
Information literacy – why does privacy matter? Why does confidentiality matter?See e.g.American Library Association. (n.d.). Liberty, Privacy & Surveillance. (“Lack of privacy and confidentiality chills users' choices, thereby suppressing access to ideas. The possibility of surveillance, whether direct or through access to records of speech, research and exploration, undermines a democratic society.”)ALA.org. Retrieved December 10, 2013, from http://www.ala.org/advocacy/privacyconfidentialitySavage, C. (2013, August 8). N.S.A. Said to Search Content of Messages to and From U.S. (“"JameelJaffer, a senior lawyer at the A.C.L.U., said Wednesday that such “dragnet surveillance will be poisonous to the freedoms of inquiry and association” because people who know that their communications will be searched will change their behavior.“They’ll hesitate before visiting controversial Web sites, discussing controversial topics or investigating politically sensitive questions,” Mr. Jaffer said. “Individually, these hesitations might appear to be inconsequential, but the accumulation of them over time will change citizens’ relationship to one another and to the government.”") The New York Times. Retrieved from http://www.nytimes.com/2013/08/08/us/broader-sifting-of-data-abroad-is-seen-by-nsa.htmlPilkington, E. (2014, February 12). NSA actions pose “direct threat to journalism” leading watchdog warns. (“"CPJ’s critical appraisal of the NSA’s mass surveillance comes hard on the heels of a special report it published last October in which the former Washington Post editor Leonard Downie accused the Obama administration of blasting a chill through US journalism through its aggressive pursuit of official leakers. Downie concluded that the clamp-down was making it more difficult for the press to hold government accountable for its actions.“)The Guardian. Retrieved from http://www.theguardian.com/world/2014/feb/12/nsa-direct-threat-journalism-cpj-reportHattem, J. (2014, February 24). Bar Association protests NSA spying. TheHill. Text. Retrieved from http://thehill.com/blogs/hillicon-valley/technology/199075-lawyers-protest-nsa-snooping [citing James R. Silkenat. (2014, February 20). Re: Preservation of Attorney-Client Privilege for U.S. Law Firms and their Overseas Clients. (“"The interception and sharing of attorney-client privileged communications by government agencies—or any third party—raises concerns, including chilling the full and frank discussion between lawyer and client that is essential for effective legal representation.“) Retrieved fromhttp://www.americanbar.org/content/dam/aba/uncategorized/GAO/2014feb20_privilegedinformation_l.authcheckdam.pdf ]Arthur, C. (2013, August 20). Groklaw legal site shuts over fears of NSA email snooping. ("Jones cites the revelations that the US National Security Agency (NSA) can capture any email, and can store encrypted email for up to five years, as having prompted her decision to shutter the site: "the simple truth is, no matter how good the motives might be for collecting and screening everything we say to one another, and no matter how "clean" we all are ourselves from the standpoint of the screeners, I don't know how to function in such an atmosphere. I don't know how to do Groklaw like this," she writes.“)The Guardian. Retrieved from http://www.theguardian.com/technology/2013/aug/20/groklaw-shuts-nsa-surveillance
Self-censorship risks? See also American Library Association. (n.d.). Privacy and Confidentiality. ("Just as people who borrow murder mysteries are unlikely to be murderers, so those seeking information about terrorism are unlikely to be terrorists (see Resolution on the USA Patriot Act and Related Measures That Infringe on the Rights of Library Users, Resolution Reaffirming the Principles of Intellectual Freedom in the Aftermath of Terrorist Attacks, and Resolution on the Terrorism Information Awareness Program). Assuming a sinister motive based on library users' reading choices makes no sense and leads to fishing expeditions that both waste precious law enforcement resources and have the potential to chill Americans' inquiry into current events and public affairs (see Freedom to Read Statement).“)ALA.org. Retrieved December 10, 2013, from http://www.ala.org/advocacy/privacyconfidentiality/privacy/privacyconfidentiality
a template for possible ways to respond to chilling effects and risks of self-censorshipSee also: Wilder, R. (2014, March 2). Courage and a Backup Plan. Retrieved from: http://learningdocument.wordpress.com/2014/03/02/courage-and-a-back-up-plan/