angrymnk wrote:
Ok. I don't disagree. ****, I am actually mostly in agreement. I do find it mildly amusing that you think NSA part is negligible given it was the NSA that gave our police stingray as a tool, but other than that.. it is like I am on the other side of the looking glass.
I don't think the NSA gave police such devices, but that the same security device companies provide them to both (and the FBI, and probably several other investigative organizations). The technology would exist whether the NSA existed or not. Heck. I've seen enough base station designs to know exactly how it's done, and it's really not rocket science. But yes, that's one of the areas one might question in terms of being tracked via a device that you can't really turn off (a cell phone) without seriously degrading the purpose of the device itself. And it's a real issue in terms of privacy. As more of our day to day activities involve technological devices that communicate via some sort of network, the more data we give off about ourselves just by walking down the street.
Such devices still don't listen in on content (so not a "wiretap"), but being able to get dumps from cell towers (or set up fake ones as in the case with Stingray), you can still determine everyone who was in an area at any given time. The degree to which that represents a true invasion of privacy is still subject to debate. Heck. I'm not even sure where I fall on that particular issue. I'm just saying that it *is* an issue to be discussed and debated.
Quote:
I am not sure why/how you think all of those cannot be handled at the same time? How is fake cell phone tower easier to explain than wholesale interwebz backup in terms of popular messaging?
Because one is being used by law enforcement and the other is not. When you read up on police using these sorts of techniques, it's always in terms of hours of data and a handful of sources (like cell towers). This is (currently) a resource issue. Police forces simply don't have the data storage capacity to collect and retain every bit of metadata from every source within their jurisdictions. So they rely on subpoenas to cell tower companies after the fact to get data as needed. So each grab of data is in response to a criminal justice investigation and not just collecting it ahead of time and holding it for later examination if it's needed (which is where most of the privacy concerns come in with metadata).
The NSA, on the other hand, does have the resources to collect vast amounts of data and store it for later use. Enough that they can use this nationwide to look for patterns that may indicate national security threats. But, the NSA isn't a law enforcement agency. They can't use that data to prosecute someone for a crime. As long as that remains the case, I'm far less concerned about such data collection by the NSA than other forms of data collection by agencies that may use it against me in some punitive way.
As I mentioned earlier, I'm less more concerned with the collection of data itself (although that is still a concern) as I am with government regulations that effectively require the creation of said data in the first place. An example would be if government decided that in order to be a licensed car insurance carrier, you must require that all customers with cars equipped with a OBDII scanner that records details about your driving. Currently, some insurance companies offer "safe driving discounts" if you plug those devices in. But there are secondary uses for the data, right? And what if the government starts mandating such things? In the same vein, there's already a movement to require "safety devices" to be installed in cars, which effectively turn your car into a mobile cellular device that communicates with other devices around you (other cars, or devices placed on the side of the road). The idea being that you could make your car smarter by allowing it to communicate with other cars around it and help avoid collisions (or even allow for automatic control). Similarly, devices on the side of the road could send signals to oncoming cars alerting them to hazards ahead or whatever. Of course, the same devices could also collect data on any vehicle traveling along the road. And they're talking about a whole bunch of data, including things like airbag sensor data (which say, could be used to tell a listening device if you have a passenger in your car, and possibly even the weight of said passenger).
Medical data is even more problematic. It's kinda funny to me that every time there's some kind of wearable tech device (smart watches are the current "thing"), the immediate go-to purpose is always health monitoring. For joggers, of course. Right. Of course, no one uses these devices for that purpose (well, almost no one), but that's what is always on the marketing brochures. It's like someone out there really really really wants people to wear networked devices that continually monitor our health. I can't imagine why that would be? And absolutely falls far more into the "private stuff no one should have access to" area, but if the cost of getting a wearable device is that it also collects health information and sends it off somewhere, how do you avoid that? And with the government getting more into the health market, how to we prevent it from arguing that since it's paying for our health care, it has the right to monitor our health. You know, to detect conditions that could be treated cheaply early rather than waiting for them to become more expensive (preventative medicine, right?). The same authority that just passed a law mandating that everyone buy health insurance could also mandate that we all wear health monitoring devices. Slippery slope? Not really.
There's a ton of "scary stuff" that can easily be justified as "safety and security". And I'm far more concerned about it than the NSA. Do I know what form these things will take exactly? Nope. But it's not hard to see a pattern. Certainly, there are some aspects of technology that simply as a matter of convenience make it harder to keep (semi) private activities private (ish). And businesses absolutely are willing to give us discounts for signing up for rewards cards, or for plugging a monitor into our car, or using a credit card to buy things rather than cash, or connecting our store account with our social media accounts. But those businesses can't actually compel us to do so. We can still choose to keep our activities as private as possible if we want. But as time goes by, this becomes more difficult. And I've seen a pattern of government regulation that does seem almost aimed at making it, if not impossible, increasingly difficult to minimize one's digital footprint.
And that's far more of a concern to me. Now, you're correct that we can choose to fight both, but as I mentioned earlier, when we expand the scope of what we fight, we weaken the fight itself. We're spreading the same resources over more things. Also, as I kinda touched on earlier, the NSA isn't forcing us to use those services that generate the metadata that they are tapping into. The privacy question here is whether the problem is the reading of data we put out that is technically "in the public space", or actions that force us to put data into that public space in the first place. Put in more analog terms, it's the difference between fighting against someone listening to you while you're eating food in public, and fighting against something that forces you to eat all your meals in public. It's not the fact that my public activities can be monitored, but that more of my activities are "public" that is the problem. So I'd rather focus on that side of the equation, if that makes any sense.
Might be a totally lost cause, but that's how I view the issue anyway.
Edited, May 11th 2015 5:05pm by gbaji