Section 215 of the Patriot Act will expire during the summer of 2015 and will not be renewed unless the White House changes the scale of the surveillance programs for which the National Security Administration (NSA) uses the authorization, according to James Sensenbrenner Jr. (R-Wis.), an original author of the Patriot Act and its two reauthorizations, stated Washington insider-news source The Hill.It appears that Obama's inexplicable decision to only tinker with the domestic spying program is a failure.
“Unless Section 215 gets fixed, you, Mr. Cole, and the intelligence community will get absolutely nothing, because I am confident there are not the votes in this Congress to reauthorize it,” Sensenbrenner warned Deputy Attorney General James Cole during the Feb. 4 hearing.
Even civil rights defenders like myself acknowledge that there might be instances when the NSA needs to monitor a person's communications, but that in no way justifies mass data collection.
Section 215 is the critical foundation upon which the 4th Amendment is under assault.
“Section 215 of the Patriot Act authorizes the government to obtain “any tangible thing” relevant to a terrorism investigation, even if there is no showing that the “thing” pertains to suspected terrorists or terrorist activities,” according to an ACLU position paper. “This provision is contrary to traditional notions of search and seizure, which require the government to show reasonable suspicion or probable cause before undertaking an investigation that infringes upon a person’s privacy. Congress must ensure that things collected with this power have a meaningful nexus to suspected terrorist activity or it should be allowed to expire.”The alternative that Sensenbrenner supports, with the ACLU as his unlikely ally, is the USA Freedom Act.
Obama's plan to push the burden of domestic spying upon private companies is also a loser for reason other than the fact that this in no way stops the mass violations of the 4th Amendment. It merely privatizes it.
The NSA is already working with private companies to spy on us.
There are three broad ways that these software companies collaborate with the state: a National Security Agency program called "Bullrun" through which that agency is alleged to pay off developers like RSA, a software security firm, to build "backdoors" into our computers; the use of "bounty hunters" like Endgame and Vupen that find exploitable flaws in existing software like Microsoft Office and our smartphones; and finally the use of data brokers like Millennial Media to harvest personal data on everybody on the Internet, especially when they go shopping or play games like Angry Birds, Farmville, or Call of Duty.But that isn't the biggest problem with out-sourcing the NSA's domestic spying program. The biggest problem is that private companies have a very poor record at protecting customer data.
The Target data breach that allowed the theft of 40 million credit and debit cards is just the most obvious example. You probably didn't notice that Neiman Marcus and three other stores were also hacked at the same time.
The credit information of 100 million user accounts was stolen from Sony Playstation in 2011. The data of 45 million customes was stolen in 2007 from TJ Maxx and Marshalls.
And that only counts external hackers. Barclays Bank just got busted for illegally selling customer data.
The fact is that you are more likely to have had your personal information stolen in the last five years than to have not.
In fact, the supply of stolen credit cards has literally flooded the black market.
The Traverse City, Michigan-based Ponemon Institute, which researches data security, estimates that thieves annually steal 8.4 million credit-card numbers in the U.S. alone. How do cyberbandits, who have turned hacking into a volume business, unload all those numbers? A lot like Amazon.com, it turns out.Cybercriminals steal data worth $114 Billion a year. To put that into perspective, all bank robberies in the U.S. in 2010 was $43 Million. The global market for cocaine is $85 Billion.
Customers on CVV2s can search for card numbers by bank, card type, credit limit and zip code, loading them into a virtual shopping basket as they go. The site offers the ability to search by bank identification number. That means customers can choose cards by institutions known to have weak security, Poxxie said. CVV2s even has an automated feature that lets clients validate the numbers in real time, to make sure the bank hasn’t canceled the card.
Don't want just credit card information, but want to steal a bank account instead? That'll be just $300. Want to remote control a car? That'll be $20. In accordance with the laws of supply and demand, the price for stolen data is dropping and dropping fast.
Chances are that what you thought you knew about computer security is wrong.
it’s pretty clear the traditional conventions of AV, anti-malware, intrusion detection and prevention are no longer working.If things are so bad on the internet, why haven't you heard about it? You should ask who would be interested in telling you? The companies that need you to shop on their web site? The software companies that need you to buy their products? The intelligence agencies that want to monitor your internet use?
I remember a gentleman tell me back in the 90's how software companies had the wrong incentives when it came to security. Basically, they made more sales for adding features, but security patches only factored into the cost of making the product. So security is considered a liability, not an asset.
Like the issue of government spying, the issue of the lack of security on the internet is also reaching critical mass. It won't be long before the majority of people realize that the internet is a very different place than the image we'll been sold, and that the drawbacks are often greater than the advantages.
Representative Ted Poe, a Texas Republican, questioned how many criminal cases federal investigators have filed using information from the phone records program.
There “may be one,” said James Cole, deputy attorney general in the U.S. Department of Justice.