A More Cautious Approach to Security Against Mass Surveillance

At CRYPTO 2014 Bellare, Paterson, and Rogaway (BPR) presented a formal treatment of symmetric encryption in the light of algorithm substitution attacks (ASAs), which may be employed by `big brother\u27 entities for the scope of mass surveillance. Roughly speaking, in ASAs big brother may bias ciphertexts to establish a covert channel to leak vital cryptographic information. In this work, we identify a seemingly benign assumption implicit in BPR\u27s treatment and argue that it artificially (and severely) limits big brother\u27s capabilities. We then demonstrate the critical role that this assumption plays by showing that even a slight weakening of it renders the security notion completely unsatisfiable by any, possibly deterministic and/or stateful, symmetric encryption scheme. We propose a refined security model to address this shortcoming, and use it to restore the positive result of BPR, but caution that this defense does not stop most other forms of covert-channel attacks

Journalistic freedom and the surveillance of journalists post-Snowden

A paradigmatic shift is sometimes revealed by an unanticipated and extraordinary event, and so it was with Edward Snowden in 2013. A National Security Agency (NSA) contractor, Snowden was so appalled at the exponential expansion of covert digital surveillance that he decided it was his moral duty to inform the public, indeed the world. This he did from a hotel room in Hong Kong when he gave a small group of selected journalists access to 1.7 million classified documents taken from the NSA. These documents revealed the global snooping capabilities of the NSA and its ‘Five Eyes’ intelligence agency partners (ASIO in Australia, CSE in Canada, GCSB in New Zealand, and the GCHQ in United Kingdom). The Five Eyes can vacuum up just about all digital communications anywhere, anytime, and much else besides if they are so minded. Many who take a deep interest in signals intelligence thought these Anglo-Saxon agencies had probably increased their capabilities since 9/11, but even they were shocked when Snowden revealed the sheer scale – it far exceeded any estimate of capability

The Ethics of Police Body-Worn Cameras

Over the past decade, police departments in many countries have experimented with and increasingly adopted the use of police body-worn cameras. This article aims to examine the moral issues raised by the use of PBWCs, and to provide an overall assessment of the conditions under which the use of PBWCs is morally permissible. It first reviews the current evidence for the effects of using PBWCs. On the basis of this review the article sets out a teleological argument for the use of PBWCs. The final two sections of the article review two deontological objections to the use of PBWCs: the idea that use of PBWCs is based on or expresses disrespectful mistrust, and the idea that the use of PBWCs violates a right to privacy. The article argues that neither of these objections is persuasive, and concludes that we should conditionally accept and support the use of PBWCs

The Retrieval of Liberalism in Policing

There is a growing sense that many liberal states are in the midst of a shift in legal and political norms—a shift that is happening slowly and for a variety of reasons relating to security. The internet and tech booms—paving the way for new forms of electronic surveillance—predated the 9/11 attacks by several years, while the police’s vast use of secret informants and deceptive operations began well before that. On the other hand, the recent uptick in reactionary movements—movements in which the rule of law seems expendable—began many years after 9/11 and continues to this day. One way to describe this book is an examination of the moral limits on modern police practices that flow from the basic legal and political tenets of the liberal tradition. The central argument is that policing in liberal states is constrained by a liberal conception of persons coupled with particular rule of law principles. Part I consists of three chapters that constitute the book’s theoretical foundation, including an overview of the police’s law enforcement role in the liberal polity and a methodology for evaluating that role. Part II consists of three chapters that address applications of the theory, including the police’s use of informants, deceptive operations, and surveillance. The upshot is that policing in liberal societies has become illiberal in light of its response to both internal and external threats to security. The book provides an account of what it might mean to retrieve policing that is consistent with the basic tenets of liberalism and the limits imposed by those tenets. [This is an uncorrected draft of the book's preface and introduction, forthcoming from Oxford University Press.

The security implications of geoengineering:blame,imposed agreement and the security of critical infrastructure

The prospect of solar geoengineering in response to climate change (on the basis of its supposedly significantly lower cost and/or more rapid impact on global temperature than carbon reduction strategies) raises a number of security concerns that have traditionally been understood within a standard Geo-political framing of security. This relates to unrealistic direct application in inter-State warfare or to a securitization of climate change. However, indirect security implications are potentially significant. Current capability, security threats and international law loopholes suggest the military, rather than scientists would undertake geoengineering, and solar radiation management (SRM) in particular. SRM activity would be covered by Critical National Infrastructure policies, and as such would require a significant level of secondary security infrastructure. Concerns about termination effects, the need to impose international policy agreement 4 (given the ability of 'rogue States' to disrupt SRM and existing difficulties in producing global agreement on climate policy), and a world of extreme weather events, where weather is engineered and hence blameworthy rather than natural, suggest these costs would be large. Evidence on how blame is attributed suggest blame for extreme weather events may be directed towards more technologically advanced nations, (such as the USA) even if they are not engaged in geoengineering. From a security perspective SRM is costly, ungovernable, and raises security concerns of a sufficient magnitude to make it a non-viable policy option

Privacy as a Public Good

Privacy is commonly studied as a private good: my personal data is mine to protect and control, and yours is yours. This conception of privacy misses an important component of the policy problem. An individual who is careless with data exposes not only extensive information about herself, but about others as well. The negative externalities imposed on nonconsenting outsiders by such carelessness can be productively studied in terms of welfare economics. If all relevant individuals maximize private benefit, and expect all other relevant individuals to do the same, neoclassical economic theory predicts that society will achieve a suboptimal level of privacy. This prediction holds even if all individuals cherish privacy with the same intensity. As the theoretical literature would have it, the struggle for privacy is destined to become a tragedy. But according to the experimental public-goods literature, there is hope. Like in real life, people in experiments cooperate in groups at rates well above those predicted by neoclassical theory. Groups can be aided in their struggle to produce public goods by institutions, such as communication, framing, or sanction. With these institutions, communities can manage public goods without heavy-handed government intervention. Legal scholarship has not fully engaged this problem in these terms. In this Article, we explain why privacy has aspects of a public good, and we draw lessons from both the theoretical and the empirical literature on public goods to inform the policy discourse on privacy

Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks

The benefits of autonomous vehicles (AVs) are widely acknowledged, but there are concerns about the extent of these benefits and AV risks and unintended consequences. In this article, we first examine AVs and different categories of the technological risks associated with them. We then explore strategies that can be adopted to address these risks, and explore emerging responses by governments for addressing AV risks. Our analyses reveal that, thus far, governments have in most instances avoided stringent measures in order to promote AV developments and the majority of responses are non-binding and focus on creating councils or working groups to better explore AV implications. The US has been active in introducing legislations to address issues related to privacy and cybersecurity. The UK and Germany, in particular, have enacted laws to address liability issues, other countries mostly acknowledge these issues, but have yet to implement specific strategies. To address privacy and cybersecurity risks strategies ranging from introduction or amendment of non-AV specific legislation to creating working groups have been adopted. Much less attention has been paid to issues such as environmental and employment risks, although a few governments have begun programmes to retrain workers who might be negatively affected.Comment: Transport Reviews, 201

Surveillance arbitration in the era of digital policing

This article analyses adoptions of innovative technology into police surveillance activities. Extending the nascent body of empirical research on digital policing, the article draws on qualitative interview data of operational police uses of advanced surveillance technologies. Separate illustrative examples are drawn from social media intelligence gathering, digital forensics and covert online child sexual exploitation investigations. Here, surveillance governance mechanisms, often authored in the ‘pre-digital’ era, are deemed ill-fitting to the possibilities brought by new technologies. This generates new spaces of interpretation, where regulatory frameworks become renegotiated and reinterpreted, a process defined here as ‘surveillance arbitration’. These deliberations are resolved in myriad ways, including perceived licence for extended surveillance and, conversely, more cautious approaches motivated by perceived exposure to regulatory sanction

Smallpox and Bioterrorism: Why the Plan to Protect the Nation Is Stalled and What to Do

The Iraq war is over, no weapons of mass destruction (WMD) have yet been found, and the president's smallpox plan, though sound, is running out of steam. Instead of being well on the way to protecting the nation's civilian population by vaccinating up to 10 million health, emergency, and public safety workers, we are stalled at 37,971 vaccinated civilians while the military has successfully and safely vaccinated more than 450,000 people. Moreover, whether or not WMD are found in Iraq, it is only one of a number of nations on the list of suspects. Of all biological weapons, smallpox has the greatest potential for doing widespread harm. Given that the risk of death or serious harm to anyone from any form of terrorism is very low, we should live our daily lives normally, not in fear. However, to do that we need to be sure that our government is taking effective steps to reduce the chances of terrorism and, when it occurs, to minimize its consequences. Even though there is enough vaccine for everyone, we are ill prepared to rapidly contain smallpox after a bioterrorist release. Although Centers for Disease Control and Prevention (CDC) guidelines have recently improved, they continue to overstate the risk of side effects of the vaccine and erroneously suggest that, after an attack, the techniques used decades ago to eradicate smallpox will work well today. Medicine and public health are very risk-averse professions in our risk-averse culture. We have not yet realized the complexity and difficulty of vaccinating millions of Americans rapidly after an attack. Nor have we come to grips with the need to make rapid, possibly draconian, post-attack decisions based on limited data of uncertain quality. That type of decisionmaking runs counter to the culture of public health. The Bush administration needs to revitalize our preparations for a smallpox bioterrorist event