Press-Republican

July 14, 2013

What is more important, privacy or security?

BY STEWART DENENBERG, Technology and Society
Press-Republican

---- — The tradeoff between privacy and security is once again making headlines.

In case you’ve been hibernating, allow me to summarize this story, which pits our personal privacy — nay, our very freedom — against the security needs of the government of the United States of America.

The way I understand the situation is that all of this National Security Agency phone tapping and Internet snooping started with the Bush administration shortly after 9/11 and has continued to the present Obama administration.

The government claims that it is not an infringement of your Fourth Amendment protection against “unreasonable search” because it does not use the use the actual data (your phone conversations and internet communications); instead it captures just the “metadata.”

What, you may ask, is “metadata”? It’s data that describes the original data or information about the information in the call or email and might better be called “meta-information.”

It usually includes the date and time the information was transmitted or, if it was a phone call, the calling number and the number you called.

So although, your phone conversation or email or visit to that racy website is accessible to the government computers, they are not examined unless a “national security” flag is raised.

And what, you may continue to ask, is a “national security” flag? An example of that might be if the phone number or email address matched the phone number of someone on a terrorist list.

Then and only then, according to the government, do the wheels of justice engage. The NSA contacts a Foreign Intelligence Surveillance Act Court for permission to access the actual data (in our example, the audio of the phone call) to follow up this lead and begin an investigation. However, critics of the Surveillance Act Court claim that it is merely a “rubber stamp” and too easily grants requests to snoop.

The technology that allows all of our phone, Internet and financial transactions to be tracked by the government is called “Big Data” by the Information Technology community.

In simple terms, Big Data is a shorthand phrase denoting the computer programs and hardware that can search very large databases, such as phone calls, credit cards and other banking transactions, to expose patterns and connections that would otherwise be impossible for humans to do by themselves.

Timothy B. Lee, in his article for the June 16 Washington Post, “The High Cost of Encryption,” quotes computer scientist J. Alex Halderman: “Security is rarely free. There are tradeoffs between convenience and usability and security.”

By convenience and usability he means that most everyone uses the encryption offered by their email provider, which only protects the transmission on the way from your computer to the main server, where the emails are decrypted and stored and thus accessible by the provider and also by the NSA.

While there are existing encryption apps that keep your message encrypted from your end to the other end, they are not convenient to use and difficult for the providers to implement, so most users have opted for convenience over tighter security.

In the same edition of the Washington Post is the article, “How PRISM (a clandestine national security electronic surveillance program) could destroy the tech giants” by Farhad Manjoo, who raises another important point.

Manjoo claims that many have adopted the attitude, “Hey, I’m not doing anything wrong, so I don’t really care if the NSA is reading my email...”

But, he continues, that is no reason for us not to demand a fuller accounting of what data the government is gathering on us. That way, at least, we’ll be better able to make an informed decision as to whether the tradeoff between privacy and security is really worth it.

As he says, “It’s perfectly fine for us to decide that we’re OK with this invasion of privacy...But we can’t decide if the tradeoff is worth it if it’s all secret.”

The president seems to want to start a conversation about the tradeoffs between privacy and security, and our senator across the lake, Patrick Leahy, chair of the Judiciary Committee, is pushing legislation to condense, clarify and curtail the reach of government into our freedoms.

That’s a good start.

Dr. Stewart A. Denenberg is an emeritus professor of computer science at Plattsburgh State, retiring recently after 30 years there. Before that, he worked as a technical writer, programmer and consultant to the U.S. Navy and private Industry. Send comments and suggestions to his blog at www.tec-soc.blogspot.com, where there is additional text and links. He can also be reached at denenbsa@gmail.com.