Security against Surveillance: IT Security as Resistance to Pervasive Surveillance

Main Article Content

Mike Zajko

Abstract

This paper examines Five Eyes surveillance programs as a threat to IT (Information Technology) security and IT security as resistance to these programs. I argue that the most significant of Snowden's disclosures have been the Five Eyes agencies’ systematic compromise of the technologies, networks, and standards in use within their own countries and abroad. Attacks on domestic infrastructure contradict the defensive posture of these agencies but are consistent with the project of cyber security as defined by the Five Eyes. The cyber security project of the Five Eyes nations is expansive in scope and has proceeded along dangerous lines. By assigning signals intelligence agencies the dual role of exploiting IT systems as well as securing them, a contradiction has been baked into our evolving notion of cyber security. A comprehensive response should include political and legal reforms, disentangling the Five Eyes' offensive and defensive roles, and narrowing the scope of the cyber security project. However, the most effective forms of resistance for individuals and institutions so far have been through an increased emphasis on IT security practices.     

Article Details

Section
Articles
Author Biography

Mike Zajko, University of Alberta

Mike Zajko is a PhD Candidate in Sociology at the University of Alberta, studying the roles and responsibilities of internet intermediaries.

References

Acohido, Byron. 2013. Chinese Military Hackers Were “Noisy.” USA Today, February 19. https://www.usatoday.com/story/news/world/2013/02/19/chinese-military-hacking-group-us-attacks- cybersyping/1930307/.

Australia’s Cyber Security Strategy. 2016. https://cybersecuritystrategy.pmc.gov.au/assets/img/PMC-Cyber-Strategy.pdf

Barnard-Wills, David, and Debi Ashenden. 2012. Securing Virtual Space Cyber War, Cyber Terror, and Risk. Space and Culture 15 (2): 110–23.

Beinart, Matthew. 2017. NSA To Share More Unclassified Information on Cyber Threats To Build Industry Partnerships. Defense Daily, November 15. http://www.defensedaily.com/nsa-share-unclassified-information-cyber-threats-build- industry-partnerships/

Clarke, Richard A., Michael J. Morell, Geoffrey R. Stone, Cass R. Sunstein, and Peter Swire. 2013. Liberty and Security in a Changing World: Report and Recommendations of The President’s Review Group on Intelligence and Communications Technologies. https://obamawhitehouse.archives.gov/sites/default/files/docs/201312_rg_final_report.pdf

CSEC. 2014. A-2014-0012. https://drive.google.com/file/d/0B0wdLKxvw1xsYzhKWVFJenlNWE0/edit

Deibert, Ron. 2012. Distributed Security as Cyber Strategy: Outlining a Comprehensive Approach for Canada in Cyberspace. Canadian Defence & Foreign Affairs Institute Research Paper.
https://citizenlab.org/wp-content/uploads/2012/08/CDFAI-Distributed-Security-as-Cyber-Strategy_-outlining-a- comprehensive-approach-for-Canada-in-Cyber.pdf

Dhami, Mandeep K. 2011. Behavioural Science Support for JTRIG’S Effects and Online HUMINT Operations. https://theintercept.com/document/2015/06/22/behavioural-science-support-jtrig/

Diffie, Whitfield, and Susan Landau. 2007. Privacy on the Line: The Politics of Wiretapping and Encryption (updated and expanded edition). Cambridge, MA: MIT Press.

Dignan, Larry. 2015. Snowden, PRISM fallout will cost U.S. tech vendors $47 billion, less than expected. ZDNet, April 2. http://www.zdnet.com/article/snowden-prism-fallout-will-cost-u-s-tech-vendors-47-billion-less-than-expected/

Dunn Cavelty, Myriam. 2007. Cyber-Security and Threat Politics: US Efforts to Secure the Information Age. London: Routledge.

Dunn Cavelty, Myriam. 2013. From Cyber-Bombs to Political Fallout: Threat Representations with an Impact in the Cyber-Security Discourse. International Studies Review 15 (1): 105–22.

Fung, Brian. 2013. Microsoft: U.S. Government Is a Potential Security Threat Washington Post, December 5. http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/05/microsoft-u-s-government-is-a-potential-security- threat/

Gallagher, Ryan. 2014. How Secret Partners Expand NSA’s Surveillance Dragnet. The Intercept, June 18. https://firstlook.org/theintercept/article/2014/06/18/nsa-surveillance-secret-cable-partners-revealed-rampart-a/

GCHQ. 2010. Full Spectrum Cyber Effects. https://www.aclu.org/files/natsec/nsa/Full%20Spectrum%20Cyber%20Effects.pdf

Greenberg, Andy. 2013. NSA’s Verizon Spying Order Specifically Targeted Americans, Not Foreigners. Forbes, June 5. http://www.forbes.com/sites/andygreenberg/2013/06/05/nsas-verizon-spying-order-specifically-targeted-americans-not- foreigners/

Hansen, Lene, and Helen Nissenbaum. 2009. Digital Disaster, Cyber Security, and the Copenhagen School. International Studies Quarterly 53 (4): 1155–75.

IETF. 2013. Leading Engineers Agree to Upgrade Standards to Improve Internet Privacy and Security. IETF. http://www.ietf.org/blog/leading-engineers-agree-upgrade-standards-improve-internet-privacy-and-security/

Koop, Peter. 2014. Top Level Telecommunications: What Is Known about NSA’s PRISM Program. Top Level
Telecommunications. http://electrospaces.blogspot.ca/2014/04/what-is-known-about-nsas-prism-program.html

Lennard, Natasha. 2013. “Google’s NSA Outrage: Correct and Hypocritical.” Salon, November 4. http://www.salon.com/2013/11/04/googles_nsa_outrage_correct_and_hypocritical/

Levy, Steven. 2001. Crypto: Secrecy and Privacy in the New Code War. London, England: Allen Lane.

MacAskill, Ewen, Julian Borger, Nick Hopkins, Nick Davies, and James Ball. 2013. Mastering the Internet: How GCHQ Set out to Spy on the World Wide Web. The Guardian, June 21. http://www.guardian.co.uk/uk/2013/jun/21/gchq-mastering-the-internet

Margolis, Joel. 2013. Reader Forum: Team Telecom, the Softbank/Sprint Deal and the Impact on CALEA Obligations. RCR Wireless News, June 10. http://www.rcrwireless.com/article/20130610/opinion/reader-forum-team-telecom- softbanksprint-deal-impact-calea-obligations/

Marx, Gary T. 2003. A Tack in the Shoe: Neutralizing and Resisting the New Surveillance. Journal of Social Issues 59 (2): 369– 390.

Menn, Joseph. 2013. U.S. Cyberwar Strategy Stokes Fear of Blowback. Reuters, May 10. http://in.reuters.com/article/2013/05/10/usa-cyberweapons-idINDEE9490AX20130510

Moglen, Eben. 2014. Privacy under Attack: The NSA Files Revealed New Threats to Democracy. The Guardian, May 27. http://www.theguardian.com/technology/2014/may/27/-sp-privacy-under-attack-nsa-files-revealed-new-threats- democracy

Morozov, Evgeny. 2013. Evgeny Morozov on Why Our Privacy Problem Is a Democracy Problem in Disguise. MIT Technology Review. http://www.technologyreview.com/featuredstory/520426/the-real-privacy-problem/

Nakashima, Ellen. 2016. National Security Agency Plans Major Reorganization. The Washington Post, February 2.

Neocleous, Mark. 2008. Critique of Security. Edinburgh, UK: Edinburgh University Press.

New York Times. 2013. Documents Show N.S.A. Efforts to Spy on Both Enemies and Allies. New York Times, November 3. http://www.nytimes.com/interactive/2013/11/03/world/documents-show-nsa-efforts-to-spy-on-both-enemies-and- allies.html

New Zealand Cyber Security Strategy 2015. https://www.dpmc.govt.nz/sites/default/files/2017-03/nz-cyber-security-strategy-december-2015.pdf

Nissenbaum, Helen. 2005. Where Computer Security Meets National Security. Ethics and Information Technology 7 (2): 61–73.

NSA. 2010. Huawei Powerpoint Slides. https://www.aclu.org/sites/default/files/assets/huawei-powerpoint-slides.pdf

NSA. 2013. Intelligence Budget Request. http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html.

Perlroth, Nicole. 2013. Government Announces Steps to Restore Confidence on Encryption Standards. New York Times—Bits September 10. http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/

Perlroth, Nicole, Jeff Larson, and Scott Shane. 2013. N.S.A. Able to Foil Basic Safeguards of Privacy on Web. The New York Times, September 5. http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html

Public Safety Canada. 2015. Information on Cyberbullying. https://www.getcybersafe.gc.ca/cnt/cbrbllng/index-en.aspx

Ranger, Steve. 2017. Why the CIA's iOS, Android and Windows Hack Stockpile Puts Zero-Day Hoards in the Spotlight.
ZDNet, March 8. http://www.zdnet.com/article/cias-ios-android-windows-hack-stockpile-puts-zero-day-hoards-in-the-spotlight/

Risen, James, and Laura Poitras. 2013. N.S.A. Report Outlined Goals for More Power. New York Times, November 22. http://www.nytimes.com/2013/11/23/us/politics/nsa-report-outlined-goals-for-more-power.html

Sanger, David E., and Nicole Perlroth. 2014. Internet Giants Erect Barriers to Spy Agencies. New York Times, June 6. http://www.nytimes.com/2014/06/07/technology/internet-giants-erect-barriers-to-spy-agencies.html

Sanger, David E. 2017. Journalism after Snowden: A New Age of Cyberwarfare. Columbia Journalism Review, March 7. https://www.cjr.org/opinion/edward-snowden-cyberwarfare.php

Satarino, Adam, and Chris Strohm. 2016. The Behind-the-Scenes Fight Between Apple and the FBI. Bloomberg, March 20. https://www.bloomberg.com/news/features/2016-03-20/the-behind-the-scenes-fight-between-apple-and-the-fbi

Schneier, Bruce. 2013. The NSA Is Commandeering the Internet. The Atlantic, August 12. http://www.theatlantic.com/technology/archive/2013/08/the-nsa-is-commandeering-the-internet/278572/

Schneier, Bruce. 2014. “Internet Subversion.” Schneier on Security. https://www.schneier.com/blog/archives/2014/05/internet_subver.html

Shane, Scott, Nicole Perlroth, and David E. Sanger. 2017. Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core. The New York Times, November 12. https://www.nytimes.com/2017/11/12/us/nsa-shadow-brokers.html.

Shiffman, John, and Kristina Cooke. 2013. Exclusive: U.S. Directs Agents to Cover up Program Used to Investigate Americans. Reuters, August 5. http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE97409R20130805

Spiegel. 2013. The NSA Uses Powerful Toolbox in Effort to Spy on Global Networks. Spiegel Online, December 29. http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a- 940969.html

Talbot, David. 2013. Bruce Schneier: NSA Spying Is Making Us Less Safe. MIT Technology Review. http://www.technologyreview.com/news/519336/bruce-schneier-nsa-spying-is-making-us-less-safe/

Telecommunications (Interception Capability and Security) Act 2013. (New Zealand). http://www.legislation.govt.nz/act/public/2013/0091/latest/whole.html

UK Cyber Security Strategy. 2011. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf

US Senate Select Committee to Study Governmental Operations with Respect to Intelligence Activities. 1976. National Security Agency Activity Concerning Americans. In Book III: Supplementary Detailed Staff Reports on Intelligence Activities and the Rights of Americans.
http://www.aarclibrary.org/publib/church/reports/book3/pdf/ChurchB3_10_NSA.pdf

Warner, Michael. 2012. Cybersecurity: A Pre-History. Intelligence and National Security 27 (5): 781–99.