Dr. Susan Landau, a visiting professor from Tufts University, discussed the conflict in the digital age between privacy and security.
The age of information is in full swing, and data is the new and readily available currency. However, not everyone is happy about how easy information is to access, even if it could lead to the arrest of potential terrorists and other malicious agents. This ongoing war between privacy and security was the centerfold of Dr. Susan Landau’s presentation “Listening In: Cybersecurity in an Insecure Age” last Thursday.
As a part of TU’s Graves Cybersecurity Distinguished Lecture Series, Landau discussed the varied intricacies of privacy in modern times. She began with a recent court case after the San Bernardino terrorist attack. Essentially, the court case revolved around the FBI demanding Apple to release software to open a terrorist’s iPhone, with Apple refusing out of fear that the software would be abused or leaked.
In the end, the case was dropped. Not because the FBI gave up, but because they found another company to hack the phone for them. The contents of the phone revealed absolutely nothing relevant to the case.
Following this anecdote, Landau then discussed some different examples of encryption that have been used over the years. Then she shared how easily even seemingly complex encryptions can be cracked just by looking at patterns within the code. Some encryptions are as hardy as they seem, but code-cracking is quickly rising to meet these challenges.
Later in the lecture, Landau talked about first cases of wiretapping landlines in the United States and how the government quickly began using this technology inappropriately. Instead of supplementing current investigations with wiretaps, federal agencies would use wiretaps to invade the lives of people they may only have had a passing suspicion of. The judicial branch soon began to crack down on the government for excessively invading people’s privacy by requiring warrants and limiting when agents could listen in.
Yet it did not stop there. Federal agencies would arrest people suspected to be terrorists or spies and claim their suspicions were raised by an anonymous tip. Often, the prosecution would fail to provide any actual legal evidence and were forced to admit there had been no tip; they had used wiretaps without a warrant. These illegal arrests led to many actual threats to the country be allowed to walk free.
As time passed, landlines were quickly surpassed by mobile phones. This opened up many new challenges and opportunities for criminals and law enforcement alike. “15 years ago, you were not only not carrying cell phones, or sending texts … but most of these illegal conversations were done in person,” Landau said, describing how the Galleon
Group was convicted of insider trading through a series of texts.
With a society that has adopted so many forms of digital communication, it was shocking to hear Landau state that wiretapping laws have been incredibly slow to reflect these changes. Before these laws were updated, the government did not just listen in to specific people, they began using metadata. Metadata is data that describes patterns in other data and was used with phone histories collected from Internet service providers to detect potential threats before they were realized.
This was done with seemingly good intentions and appeared harmless. But, once it was revealed via Snowden, researchers quickly showed how even gathering someone’s phone history without listening can be invasion of privacy. After all, making multiple calls to somewhere such as an abortion clinic has very heavy implications. Landau argued that while metadata may make it easier to find criminals, the cost to privacy was too high for many citizens.
Despite this, Landau does not blame the law enforcement or the federal agencies for their dubious tactics. Rather, she blames the lack of manpower and poor funding that they receive. Another solution that could help is better communication between the local, state and federal levels about their situation and needs.
Landau concluded with a discussion about the civil organizations that shape federal policies (such as Planned Parenthood, Kiwanis Club and the American Cancer Society).
She claimed that these organizations are what stand between legislators and votes as a liaison. However, they are also the weak links in America’s civic infrastructure as they are crucial to society but are not capable of protecting themselves. They require protection from the government but also have options available that can be implemented without assistance such as two-factor authentication.
The next Graves Cybersecurity Distinguished Lecture is set for some time in the fall of 2018. For more information on Dr. Susan Landau or this presentation, her book “Listening In: Cybersecurity in an Insecure Age” is available for purchase online and in stores.