Introduction and Thoughts About Recent Surveillance “Revelations”

Jan 16, 2014 8:34:53 PM

Hello everyone!  I have been at Enterprise Management Associates for a couple of months now and decided that it is time to write an introduction and blog.  For those of you who have been following the blog from Scott Crawford, I hope you will find my blogs stimulating and possibly entertaining.  I tend to throw a few zingers in on occasion for a little humor as sometimes security writing can come across a little dry.

I have been in the security business for almost 20 years, which makes me feel as old as my kids say I am.  In that time, I have worked outsourcing operations and internal Information security for fortune 100 through local government to SMBs in multiple verticals.  I am also a part time educator for Capitol College out of Laurel, Md.  You can see my full bio here.

Please feel free to follow me on twitter where I try to focus on relevant and timely security technology, issues, and articles (not my current lunch menus or the color of a house…) @SecurityMonahan

There is always a lot going on in security, which is good for those of us in the field.  On this particular occasion I had some thoughts on the recent article from the Washington Post with the latest revelations from Snowden on the NSA tracking of US citizens. (Warning!  It is a long article.)

The first thing I have to say is, why is anyone shocked about this?!?  Governmental law enforcement and intelligence agencies have been doing this for years.

Various organizations and their precursors were involved in unsanctioned and/or questionable, rights infringement surveillance on US domestics well before the Internet – back in the 1950s during the Red Scare and McCarthyism.  The law enforcement and intelligence communities are voracious and insatiable information consumers so you have to expect it to be tapped into the Internet backbones and data centers to “feed the need”.  Since the Information Age has begun, there have been programs such as FBI’s Carnivore (fall of 1997) gathering data from Internet and other communications.  Given the historical examples and functional purposes of these organizations, no one should be in the least surprised.

A common justification for these types of surveillance is, “If you have nothing to hide then you shouldn’t care.”, or something similar.  These arguments are intrinsically flawed.  With bulk data

(actual or meta) gathering, comes privacy loss. Going with the presented argument, those who say bulk surveillance should be allowed are by extension saying that recording of lawful activities in our bedrooms and bathrooms is ok.  Though there may be no illegal activities going on in those locations, no one wants them recorded because they feel entitled to privacy during those activities.  Our phone conversations don’t usually contain illegal communications but they are ours and meant for the intended recipient only.

We have an expectation of privacy without illegal activity.

I welcome thoughtful comments and discussion.

In Part 2 I will speak further on this and ultimately how we can improve our privacy on the web.

 

Enhanced by Zemanta
David Monahan

Written by David Monahan

David is a senior information security executive with several years of experience. He has organized and managed both physical and information security programs, including security and network operations (SOCs and NOCs) for organizations ranging from Fortune 100 companies to local government and small public and private companies. He has diverse audit and compliance and risk and privacy experience such as providing strategic and tactical leadership to develop, architect, and deploy assurance controls; delivering process and policy documentation and training; and working on educational and technical solutions.

    Lists by Topic

    see all

    Posts by Topic

    see all

    Recent Posts