3. Internet Privacy and Personal Access at Risk

by Project Censored
Published: Last Updated on

Following in the steps of its predecessor, the Obama administration is expanding mass government surveillance of personal electronic communications. This surveillance, which includes the monitoring of the Internet as well as private (nongovernmental) computers, is proceeding with the proposal or passage of new laws granting government agencies increasingly wider latitude in their monitoring activities. At the same time, private companies and even some schools are engaging in surveillance activities that further diminish personal privacy.

Student Researchers:

  • Lynn DemosBen Solomon, Steve Wojanis, Trisha Himmelein, Emily Schuler, Claire Apatoff, Erin Kielty, and Tom Rich (DePauw University)
  • Alyssa Auerbach, Tyler Head, Mira Patel, Andrew Nassab, and Cristina Risso (Sonoma State University)

Faculty Evaluators:

  • Jeff McCall, Dave Berque, Brian Howard, and Kevin Howley (DePauw University)
  • Jimmy Dizmang (University of San Diego)
  • Noel Byrne and Kelly Bucy (Sonoma State University)
  • Mickey Huff (Diablo Valley College)

In spring 2009, Senate Bill 773, the Cybersecurity Act of 2009, was proposed, which gives the president power to “declare a cyber security emergency” with respect to private computer networks, and to do with these networks what it deems necessary to diffuse the attack. In a national emergency, the president would also have the power to completely shut down the Internet in the US. The proposal requires that certain private computer systems and networks be “managed” by “cyberprofessionals” licensed by the federal government. The bill permits the president to direct the national response to the cyber threat if necessary for national defense and security; to conduct “periodic mapping” of private networks deemed to be critical to national security; and to require these companies to “share” information requested by the federal government.

Such steps toward increased control over private computer networks have been taken amid an ongoing program of mass surveillance begun by the George W. Bush administration supposedly in response to the attacks of September 11, 2001. In January 2002, the Defense Advanced Research Projects Agency (DARPA) established the Information Awareness Office (IAO) to “imagine, develop, apply, integrate, demonstrate and transition information technologies, components and prototype, closed-loop, information systems that will counter asymmetric threats by achieving total information awareness.” Under the Bush administration, such surveillance technology was developed and subsequently deployed through major US telecommunication and Internet service providers (ISPs) to conduct mass, warrantless dragnets of all domestic and international electronic traffic passing through switches in the US. This technology includes so-called “deep packet inspection” (DPI) technology, which employs sophisticated algorithms to parse all Internet contents (data, voice, and video), searching for key words such as “rebel” or “grenade.”

Presently no legislation exists that disallows use of such technology to conduct mass, warrantless surveillance. In fact, in January 2009, as David Karvets reported in Wired, the Obama administration sided with the Bush administration by asking a federal judge to set aside a ruling that kept alive a lawsuit challenging the Bush administration’s authority to eavesdrop on Americans without warrants. Moreover, amendments to the Foreign Intelligence Surveillance Act (FISA) passed in 2008—and voted for by then Senator Obama—had already made it possible for the federal government to conduct such information dragnets without warrants. The 2008 FISA amendments also require electronic communication service providers such as AT&T and Verizon to “immediately provide the Government with all information, facilities, or assistance necessary to accomplish the [intelligence] acquisition,” while granting these companies retroactive and prospective immunity against civil suits, state investigations, and criminal prosecution.

In addition, in April 2009, the Obama Justice Department invoked the “state secrets privilege” to bar American citizens from suing the US government for illegally spying on them. It also went even further than the Bush administration by arguing that the US government is completely immune from litigation for illegal spying and can never be sued for surveillance that violates federal privacy laws.

The federal government is also presently increasing its capacity to analyze the massive sea of data on the Internet. As part of an effort to gather more “open source intelligence,” the Central Intelligence Agency (CIA) is investing in Visible Technologies, a data-mining company that analyzes the content of social media Web sites. Visible Technologies, which has offices in New York, Seattle, and Boston, was created in 2005, and in 2006 it developed a partnership with WPP, a worldwide communications firm. This company has the capacity to examine over half a million sites per day.

The Federal Bureau of Investigation (FBI) has also resorted to using federal court subpoenas to try to gain access to private, online information. On January 30, 2009, IndyMedia, an alternative online news source, received a subpoena from the Southern District of Indiana Federal Court for the “IP addresses, times, and any other identifying information” of all the site’s visitors on June 25, 2008. IndyMedia was then prohibited from notifying visitors of this release of otherwise private and protected information because disclosure “would impede the investigation being conducted and thereby interfere with the enforcement of the law.” IndyMedia and the Electronic Frontier Foundation (EFF) challenged the order and the subpoena was eventually dropped.

The Obama administration is also currently working with a group of UN nations on the development of the Anti-Counterfeiting Trade Agreement (ACTA), “a new intellectual property enforcement treaty” to prevent illegal downloading and copying of songs, movies, pictures, and other legally protected Web content. The new law is being developed in secrecy and might allow government access to personal content on hard drives thought to be in breach of copyright. On November 3, 2009, nations participating in negotiations on the proposed law met in Seoul, South Korea, for a closed discussion of “enforcement in the digital realm.” According to a leaked memo from the conference, the US is pushing for a three-strikes/graduated-response policy and proactive policing of ISPs to ensure that any digital copyright infringements are caught, stopped, and punished.

In addition to the current trend of government surveillance, private employers are also reading employees’ e-mails, eavesdropping on their telephone calls, monitoring their Internet access, and watching them through the use of hidden cameras. Millions of workers carry company-issued cell phones, which are equipped with a global positioning system (GPS). The technology required to track cell phones is inexpensive (costing only five dollars per month for round-the-clock surveillance of an employee) and is readily available.

Company-issued laptops are also being monitored. Companies usually permit their employees to use such computers for personal purposes as well as for business. However, unbeknownst to the employees, all their private files (such as e-mails, photographs, and financial records) are being inspected by company techs when the computers are brought in for upgrades or repairs. Consequently, anything the techs deem questionable can be disclosed to management. Further, if the company-issued laptop has a webcam, the employer can use it to eavesdrop on the employee, even if he or she is in the bathroom.

Such clandestine use of computer webcams has not been limited to private companies spying on their employees. In one recent case, a suburban Philadelphia school district issued laptops to its students and secretly installed software that allowed school administrators to spy on the students.

As electronic surveillance technologies continue to improve, in the absence of laws to regulate their use and government watchdogs to ensure that these laws are followed, privacy in the digital age will predictably continue to decline.

Update by Liz Rose at Free Press

Deep packet inspection is a technology that gives corporations unprecedented control over Internet communications. It’s the same technology that allows Iran and other countries to try to stifle Internet freedom. The use of DPI is now pervasive and has spread to next-generation wireless networks. In this country, the adoption of DPI means that the telephone and cable companies that provide Internet service can monitor, inspect, and block Internet traffic, posing a serious threat to the open Internet.

There are two major developments in this story:

  1. Major telecommunications companies (including Verizon, Comcast, AT&T, RCN, and COX) have now purchased DPI technology. Because of this investment, and because the technology has now been applied to wireless communications, the industry’s control over the Internet is increasing. The latest generation of DPI enables companies to monitor and ultimately to charge people for every use of an Internet connection.Free Press filed ten pages of comments with the Federal Communications Commission (FCC) about DPI. See pages 141 to 151 of our comments in the Net Neutrality proceeding on January 14, 2010 (http://www.freepress.net/node/76101). Free Press also released a paper titled “Deep Packet Inspection: The End of the Internet as We Know It” by Josh Silver, in March 2009, before the Democracy Now! story, “Deep Packet Inspection: Telecoms Aided Iran Government to Censor Internet Technology Widely Used in US,” ran, and it provides evidence of the threat posed by corporations having the power to inspect, block, and choke traffic on the Internet: (see http://www.freepress.net/files/Deep_Packet_Inspection _The_End_of _the_Internet_As_We_Know_It.pdf).
  2. On April 6, 2010, a federal court ruled that the FCC does not have the authority under the jurisdiction that it claimed to stop Comcast—or any company—from blocking or choking Internet traffic. So right now, there is no recourse when a company does abuse its power over online communications. The FCC has indicated that it may move ahead and try to reassert its authority to set rules of the road for the Internet, but most observers think it will be a long battle ahead over the jurisdictional issues as well as over any possible rules.


Josh Silver, “Deep Packet Inspection: Telecoms Aided Iran Government to Censor Internet, Technology Widely Used in US,” Democracy Now!, June 23, 2009, http://www.democracynow.org/2009/6/23/deep­_packet_inspection_telecoms_aided_iran.

David Karvets, “Obama Sides With Bush in Spy Case,” Wired, January 22, 2009, http://www.wired.com/threatlevel/2009/01/obama-sides-wit/.

Kim Zetter, “Deep-Packet Inspection in U.S. Scrutinized Following Iran Surveillance,” Wired, June 29, 2009, http://www.wired.com/threatlevel/2009/06/deep-packet-inspection.

Declan McCullagh, “Bill Would Give President Emergency Control of Internet,” CNET News, August 28, 2009, http://news.cnet.com/8301-13578_3-10320096-38.html?tag=mncol.

Kevin Bankston, “From EFF’s Secret Files: Anatomy of a Bogus Subpoena,” Electronic Frontier Foundation, November 9, 2009, http://www.eff.org/wp/anatomy-bogus-subpoena-indymedia.

Gwen Hinze, “Leaked ACTA Internet Provisions: Three Strikes and Global DMCA,” Electronic Frontier Foundation, November 3, 2009, http://www.eff.org/deeplinks/ 2009/11/leaked-acta-internet-provisions-three-strikes-and-.

Michael Geist, “The ACTA Internet Chapter: Putting the Pieces Together,” Michael Geist Blog, November 3, 2009, http://www.michaelgeist.ca/content/view/4510/125.

Tim Jones, “In Warrantless Wiretapping Case, Obama DOJ’s New Arguments Are Worse Than Bush’s,” Electronic Frontier Foundation, April 7, 2009, http://www.eff.org/deeplinks/2009/04/obama-doj-worse-than-bush.

Steve Aquino, “Should Obama Control the Internet,” Mother Jones, April 2, 2009, http://motherjones.com/politics/2009/04/should_obama_control_internet.

Noah Shachtman, “U.S. Spies Buy Stake in Firm that Monitors Blogs, Twitter,” Wired, October 19, 2009, http://www.wired.com/dangerroom/2009/10/exclusive-us-spies-buy-stake-in-twitter-blog-monitoring-firm.

Noah Shachtman, “CIA Invests in Software Firm Monitoring Blogs, Twitter,” Democracy Now!, October 22, 2009, http://www.democracynow.org/2009/10/22/cia_invests_in _software_firm_monitoring.

Lewis Maltby, “Your Boss Can Secretly Film You in the Bathroom—The Countless Ways You Are Losing Privacy at Work,” AlterNet, March 17, 2010, http://www.alternet.org/rights/146047/your_boss_can_secretly_film_you_in_the_bathroom_—_the_countless_ways_you _are_losing_privacy_at_work.

Elliot D. Cohen, Mass Surveillance and State Control: The Total Information Awareness Project (New York: Palgrave Macmillan, 2010).

Corporate Media Sources:

Rob Pegoraro, “Copyright Overreach Goes on World Tour,” Washington Post, November 5, 2009, financial sec., G01.