Surveillance Flashcards
Controversies
- Potential for electronic interception - voice, email, online activity
- Restrictions on encryption
- export of strong crypto from USA viewed as security threat - Requirements of statute
- gov can get access - Presence of global surveillance systems
- across the world but are they constitutional or necessary
Interception US
Before 1934 widespread interception of phones by gov
In 1934 not allowed for law but could still do it
1968 forbidden in general
1978 separated domestic and foreign surveillance
1986 email and cell phones
2001 restrictions lessened
Interception CA
Similar to US
Law can not arbitrarily listen in 1974
Updated in 1985 for new tech
Wiretapping must be applied for with some specific part of criminal code (food and drugs act, narcotic control act)
Have to present annual reports for filed requests
Lawful access
Surveillance can not begin without a warrant so made it the job of ISP to record and store information so it can be accessed after the warrant
Must give this information to law enforcement
But this information can be obtained without requirement of judicial oversight
Also would ISP be required to retain data before request made
Ex) Alberta MLA: illegally searching name and taking pictures
Those against it say harm to privacy far outweighs the challenges faced by investigators
Email interception
When email is collected
-sender typing message, transmission
When email is stored (seizure)
-senders or receivers device, receiver ISP
Different laws based on different interceptions
Surveillance
Whole communities
Not interception
Ex) public health surveillance
-not concerned with, data at populations not individuals
Systematic investigation or monitoring of one or more persons
Purpose is to collect information about them, their activities, their associates
Secondary intention to deter population from some activity
Threatens human value of privacy
Judicial oversight
Police swears an affidavit stating there is a reason yo believe surveillance will assist investigation
Judge must be satisfied and grant
Only minister for public safety can apply
1. Methods are extremely intrusive must have good reason
2. Must obtain only information needed
3. Public should know what obtaining and how being used
4. Should be destroyed as soon as possible
Cryptography
Hiding data in plain site Plaintext: original text Cyphertext: modified unreadable message Encryption: plain to cypher Decryption: cypher to plain Cryptanalysis: circumvent security of crypto algs Used by: gov, military, finance, anyone
Crypto secrecy
US gov have attempted to control research and keep it secret
Backdoors might exist, legislation influenced by NSA
NSA builds unbreakable code for US gov and attempts to break other codes
US policy prevent export of strong crypto, eventually eliminated
Encryption policy
Law wants to be able to break into safe
Attempt to promote strong crypto but keys given to gov, key escrow, access plaintext, key recovery
CA: Wassenaar arrangement- follow best practices
Takes consideration export practices of other countries when making export permit decisions
Allowed to use any crypto and gov not implement mandatory key recovery or licensing
SIGINT
HUMINT: human intelligence
SIGINT: signals intelligence interception of signals
-extracting, analyzing, researching
CSEC NSA GCHQ
Domestic vs foreign
Rights for domestic but anarchy for foreign (only some restrictions)
Two are being blurred and high tech used on both
US 12333- permits collection of information obtained during lawful foreign intelligence
9/11
US patriots act
-45 days after attacks
-authority to surveil phone email bank records
Section 215
-gov can obtain secret FISA court order requiring third parties to hand over records
Warrant canary: forbidden to reveal this but can say past seven days no requests
STELLARWIND
-eavesdropping if at least one end is foreign without warrant
Edward Snowden
Was contractor for technical support side
Got information and contacted Gellman
Found things if they were stored incorrectly in database
50+K documents
- PRISM
Agreement with apple google… to secretly allow gov to read data stores
Request and sent to them
Was court approved but FISA court