Earlier this month, I wrote about a case out of Maryland involving a Florida resident who was pulled-over by Maryland Transportation Authority (MDTA) police, and subjected to harassment and intimidation, all because the driver was the holder of a Florida concealed carry permit. The incident raised serious questions about the clear bias against firearm owners in a state with a reputation for being notoriously anti-Second Amendment. More troubling, is the still–unanswered question about how MDTA police even knew of an individual concealed carry permit issued outside of their state.
As egregious as are the circumstances surrounding the Maryland incident, it is just one of a growing number of examples of how information about individuals exercising their constitutional rights, is being data-based and shared by law enforcement databases as “suspicious activity.”
Following its investigation of the September 11, 2001 terror attacks, the 9/11 Commission cited a lack of cooperation and information-sharing among law enforcement agencies, as a major vulnerability in America’s national security. One of byproducts of the Commission’s recommendations was the creation of more than 40 state and urban area fusion centers. These were designed to serve as localized clearinghouses for the “receipt, analysis, gathering, and sharing of threat-related information” from partners within law enforcement, public safety, and even the private sector.
The selling point for the states (in addition to money) was that access to such a national network of “suspicious activity” data, would improve the safety of local law enforcement, and make them more effective at stopping crime. For the Feds, the collection and analysis of localized threat assessments, and a far larger flow of information from local law enforcement to the Department of Homeland Security, was the driving force. Thus the DHS (in effect, the entire federal government) gained unprecedented access to a vast data trove on private citizens that goes far beyond anything relating to criminal activity, much less terrorism.
Furthermore, by tapping into a “national” exchange of information that is, in part, contributed to by partners in the private sector, the DHS also found a way to circumvent privacy restrictions in the Privacy Act of 1974. Now, DHS can use the efficiency and flexibility of the private sector to mine and analyze data that, by law, it is prohibited from collecting and maintaining on its own. Moreover, national crime database systems such as the Regional Information Sharing Systems (RISSnet) are federally funded, but controlled by state and local level law enforcement entities; adding even more insulation from oversight despite its “critical” role in the overall Information Sharing Environment — the federal nexus of information sharing through which all of this data eventually flows.
The original goal may have been to improve communication between levels of law enforcement, but instead law enforcement has created one enormous Cloud of data on private citizens, that is breathtaking in its scope. This vast database is subject to virtually no oversight or accountability as to what information is collected, who is able to access the data, or how the data is used in “fighting crime.” In essence, this “fusion” has created the same type of shadowy “DarkNet” for law enforcement information sharing for which the federal government has demonized (and prosecuted) the private sector. The end result leaves local law enforcement with resources once only available to federal agencies, and federal agencies with access to surveillance capabilities previously available only to local law enforcement.
The only privacy protections afforded to citizens within the ISE are the same hollow promises of respecting “civil liberties” made by those who reject any hint of greater civil liberties oversight, or state and local law enforcement refusing to participate in this information sharing – something not likely to happen given the clear trends of over-criminalization and over-militarization. Ultimately, it is the lack of privacy protections or civil liberties oversight that allows law enforcement to turn completely legal activities, like owning a gun or supporting third-party candidates, into actionable intelligence based on some vague notion of “suspicious activity.”
Given the vastness of these networks, and collusion between private sector and law enforcement officials at the local, state and federal levels, only Congress has the necessary leverage to penetrate the shield that for so long has protected this law enforcement “DarkNet” from scrutiny. Its task however, will not be easy. Despite serious deficiencies in the fusion centers system documented in a two-year, bipartisan investigation by the Senate Permanent Subcommittee on Investigations the system remains, in the view of the respected Electronic Frontier Foundation, completely immune from oversight.
Now that Republicans, led by pro-privacy leaders such as Sen. Rand Paul and Rep. Justin Amash, have regained control over the House and the Senate, GOP officials should, at a minimum, immediately call for hearings. The value of such hearings lies in uncovering what exactly is being shared among law enforcement agencies about private citizens on these networks; and then to legislate safeguards to ensure the constitutional rights respected in one state are not used against law-abiding citizens in another. Otherwise, the type of abuse against a lawful Florida concealed-carry permit holder by Maryland traffic police, will become even more commonplace in states where freedom is trumped by “security.”
The launch of the new iPhone 6 late last month set a record for Apple, selling 10-million units in the first three days. In spite of the record-setting sales, it was not long before consumer enthusiasm for the new technology dulled with reports of alleged problems, including a potential for bending if sat on for long periods; a phenomenon quickly dubbed “Bendgate.” The release of the iPhone 6 presented another, more serious problem for a much different demographic: government snoops.
Rather than continuing to be the rope in a tug-of-war between consumer privacy and warrantless government requests for consumer data, Apple smartly took itself out of the game altogether. The techno-giant did this through its new iOS 8 operating system which Apple claims makes it not “technically feasible for [Apple] to respond to government warrants for the extraction of this data from devices.” Not surprisingly, Apple’s movedid not sit well with government officials who not only see surreptitious surveillance as their duty, but a right no citizen should have the power to impede.
The surge in technological innovation over the last few years has raised the stakes in this fight, highlighted by the recent Supreme Court rulingRiley v. California in which the Justices clearly noted the differences in searching paper files versus digital data. However, the federal government’s efforts to undermine the development and use of devices or programs (such as encryption keys) that protect citizens’ communications against government snooping, goes back more than two decades.
In 1994, for example, Congress passed the Communications Assistance for Law Enforcement Act (CALEA), which forces telecommunication carriers and manufacturers to modify their digital communications platforms and hardware in order to facilitate the government’s ability to surreptitiously monitor communications made over those networks. The original version of CALEA, which pertained primarily to telephone communications, was expanded in 2004 to include internet traffic and VoIP services. Even this did not slake the government’s thirst for access to information.
In 2012, the FBI began pushing for even greater access to even more digital technology — messaging services and email — complaining that it was “going dark” because rapidly-advancing technology was making it too difficult for its agents to conduct electronic surveillance. Like CALEA, technology companies would be forced to build “back doors” into programing code to facilitate electronic eavesdropping; failure to comply with the rules would result in $25,000 per-day fines. The Obama administration strongly backed these new rules, but plans to present legislation to Congress were delayed after blowback from the Snowden-NSA revelations; still, the “going dark” mantra is repeated regularly by FBI officials.
Concerns with the current and proposed rules regarding access to digital data go beyond personal privacy. Infrastructure modification requirements — either to existing networks or to those being built — come with a residual price tag and compliance costs that consumers ultimately will bear. Moreover, as the Electronic Freedom Foundation notes, these rules give the FBI and other federal agencies “veto power over proposed innovations to the Internet in order to make spying easier.”
Not content to limit their efforts to legislation, the Feds also continue behind-the-scenes efforts to undermine methods of encryption as well as the ability of private citizens or companies to be able to encrypt their communications against the government.
Last September, ProPublica and the New York Times released a damning report about the NSA’s multi-billion dollar, decades-long war on private encryption. According to the article, based on more of Edward Snowden’s leaked documents, the NSA “deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products,” thereby making private encryption effectively useless at keeping the prying eyes of government out of digital communications. In fact, this has long been a goal of federal law enforcement agencies going back to at least 1994, when Uncle Sam proposed mandating use of the “Clipper Chip” to override private encryption. This illustrates clearly that no matter how much information government gains, it always seeks more.
The implications of the debate are far-reaching, especially as technology continues to advance, and the value of digital information transmitted across the communication spectrum increases. The leak of private photos of celebrities is but the latest example of how data security is intimately tied to personal privacy rights. Allowing government unfettered access to any data stored or transmitted digitally, which is its ultimate goal, permanently surrenders control of this information to anyone with this “back door” access – good guys, bad guys or simple voyeurs.
This is precisely what Ayn Rand foresaw and understood when she said more than half a century ago, “When you take away a man’s privacy, you gain the power to control him absolutely.” She saw the future and it is here.