Internet steps put privacy at risk

June 25th, 2015 1:40 am

First Posted: 5/20/2013

The FBI wants new tools to monitor people online, and the Obama administration soon might officially endorse the plan. It would mark another alarming escalation in federal access to Americans’ personal information, and that is not even the worst thing. If the bureau gets its way, it would create security vulnerabilities that hackers and identity thieves could exploit.

In the past, law enforcement could listen in on phone conversations. Today, people store their records online and use Skype or Google+ to chat. Because software often encrypts the data, eavesdropping is difficult, especially on short notice. The FBI dubbed this challenge “Going Dark,” a spooky moniker that invites images of untraceable criminals in a shadowy digital world.

The bureau therefore wants Internet companies to install back doors in their systems. Where investigators once literally tapped into a phone wire, they now would slip through a software hole created just for them.

They insist they would conduct only legal searches, but “legal” apparently is open to debate in some circles. Internal Justice Department documents obtained by the American Civil Liberties Union reveal some investigators believe they do not need a warrant. They argue a subpoena signed by a prosecutor is sufficient. That standard falls far short of usual and proper judicial oversight.

Last month, U.S. Sen. Pat Roberts of Kansas and 11 other senators from both major parties sent a letter to the Internal Revenue Service questioning its authority to obtain email and other electronic communications without a warrant. “We believe these actions are a clear violation of the Fourth Amendment’s prohibition against unreasonable searches and seizures,” they wrote.

We hope they apply that same vigilance to law enforcement.

Under the plan, companies that do not provide access to data when ordered would risk stiff fines, starting at up to $25,000 per day. Many would probably just install the back doors. Others could avoid liability by moving their jobs and servers overseas. The Internet, after all, transcends national borders.

Citizens and lawmakers must not fall into the trap of believing this affects only wrongdoers who attract government attention. Back doors create a security vulnerability, a soft spot that hackers and identity thieves would seek to exploit. When they crack them, they win access to everyone’s data on a particular system. The ensuing harm could be tremendous.

How long, too, until backdoors are used to monitor lawful dissidents both domestic and foreign? The Arab Spring succeeded thanks in large part to social media. It takes little effort to imagine the Egyptian government petitioning for a look at the Twitter chatter. And if the United States declined, hackers would remain an option for a desperate foreign government.

The news out of Washington this week provided ample evidence of the risks of handing the government so powerful a tool. The Internal Revenue Service’s targeting conservative nonprofit groups for special scrutiny demonstrated yet again that federal agencies are not immune to pernicious ideological profiling.

Even more troubling in the context of digital communication, the Department of Justice quietly seized two months worth of phone records from lines used by Associated Press reporters and editors, impinging on the freedom of the press. If a national news organization is not secure from obtrusive, inappropriate searches, average citizens have little hope.

Law enforcement needs tools to pursue criminal investigations, but lawmakers must weigh that against privacy, personal digital security and business needs. Americans should be able to chat online and store their data in the cloud without worrying that Uncle Sam or someone worse is peeking.

The Kansas City Star (Kansas City, Mo.)