Snowden Leaks Spill Over Into The Courts

image: hannaharendtcenter.org

Nearly three years after former NSA contractor Edward Snowden first leaked details about massive domestic spying, his revelations have prompted a broader discourse, especially among legal scholars, over the potentially invasive nature of big data cyber-surveillance tools.

Even as intelligence officials, the FBI and Congress worry about the rise of terrorists using encryption to communicate, legal experts are concerned that the enormous volume of data still being collected and stored by the National Security Agency and other intelligence agencies will pose legal concerns based on the Fourth Amendment of the US Constitution. The Fourth Amendment prohibits unreasonable searches and seizures without a judge's warrant supported by probable cause.

Since Snowden's first leaks in June 2013, hundreds of formerly covert programs have been revealed, all of which have contributed to an enormous storage trove of data. At least one ongoing lawsuit seeks to delete much of that data. Recently Snowden's revelations, was compiled by Margaret Hu, an assistant professor at Washington and Lee University School of Law.

Hu is also author of an academic article, Big Data Blacklisting that describes a process of finding individuals "guilty until proven innocent" based on suspicious digital data and database screening results.

"This is absolutely a critical time to really examine these programs before they are normalized and integrated into the system of governance and the way we live our lives," Hu said last week in a Madison Vision Series lecture at James Madison University in Harrisonburg, Va. Madison is widely hailed as the father of the US Constitution.

Decisions expected by the US Supreme Court in the next two years could expand the rights protected under the Fourth Amendment, she said.

"The Supreme Court could say we're going to reach farther and read more protections in order to safeguard the Fourth Amendment. Or, the second choice is [for the Supreme Court] to say to government to make technology smaller," Hu said. "The democratic experiment will fail unless we find a way to make the Constitution bigger or technology smaller."

Hu has joined a growing number of legal scholars concerned with the rise of what they term the "National Surveillance State." In 2008, well before Snowden's revelations, Yale University law professor Jack Balkin outlined that concern in an academic paper, The Constitution in the National Surveillance State. Back in 2006, University of Texas law professor Sanford Levinson had joined Balkin to write, The Process of Constitutional Change: From Partisan Entrenchment to the National Surveillance State.

Hu titled her JMU lecture The Rise of the Cyber-surveillance State. Using the term "cyber-surveillance," she said, emphasizes the use of big data and its connections to the Internet and data mining in surveillance.

"Under this theory, nothing the government is doing is necessarily oppressive," Hu asserted. But she also described how US passports embedded with RFID chips and driver's licenses with digital photos that can be recognizable in a police department database transform the way that government surveillance functions.

Essentially, she said, the government is now targeting suspicious data and not suspicious people. "As we create a more digital footprint, there's a way to look for the hologram of a person, but not the actual person," she said.

As an example, she said, in the vast majority of drone strikes, the attacks are not on individuals, but on the phones that are used — tracked by surveillance of the phone's metadata after multiple times of use.

A potential problem with a digital footprint can arise when a name appears on the increasingly expanding no-fly list, Hu said. "Many on the no-fly list have very limited due process and some are told they will never be able to be removed," she said. "Even if they might be allowed to fly, they won't be told the evidence that led to the nomination of being on there."

In her recent blacklisting article, Hu noted that before people are allowed to fly, work, drive or vote, they might be subjected to mass data collection and automated database screening by intelligence officials.

"Are we using more identity management to infer risk?" Hu asked the JMU audience. "Are we creating more pre-crime systems to keep us safe? Right now, when cases are litigated in court, those unable to exercise their rights are basically told they are collateral damage to keep us safe in this war on terror. What is the reliability of this and the efficacy of this? Going back to Snowden: Do these systems work and are they constitutional?"
Computerworld: http://bit.ly/1RwcnzP

« The White House Has A $19 Billion Cybersecurity Plan
We Need Social Media With A Heart »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

ISTQB

ISTQB

ISTQB has defined the "ISTQB Certified Tester" scheme that has become the world-wide leader in the certification of competences in software testing.

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN) is a not for profit group of professionals in the field of Information Security in Nigeria and Diaspora.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Remediant

Remediant

Remediant is the leader in Precision Privileged Access Management. We protect organizations from ransomware and data theft via stolen credentials and lateral movement.

Deceptive Bytes

Deceptive Bytes

Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

Allthenticate

Allthenticate

Allthenticate Single Device Authentication (SDA), enables seamless authentication in both the physical and digital words while unifying management in one easy-to-use interface.

SHe CISO Exec

SHe CISO Exec

SHe CISO Exec is a sustainable global training and mentoring platform in information security and leadership.

Kape Technologies

Kape Technologies

Kape Technologies is a cybersecurity company focused on helping consumers around the world have a better digital experience with greater privacy and protection.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

Mosaic Insurance

Mosaic Insurance

Mosaic is a next-generation global specialty insurer distinguished by an exceptional team, agile technology, and a structure that combines Lloyd’s of London strength with a global distribution network

Alea Consulting

Alea Consulting

Alea Consulting is a global risk mitigation and investigative consulting firm, which helps organizations reduce reputation and operational concerns.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

SecurEyes

SecurEyes

SecurEyes is a leading cybersecurity firm that provides specialised services, including cybersecurity assessments, managed services, and governance risk and compliance services.

AKS iQ

AKS iQ

AKS iQ leads the RegTech sector with AI, automating regulatory compliance in the banking industry and ensuring paperless TBML and CFT adherence in finance.