Security & Privacy After Snowden: The Review Group & the USA Freedom Act
Gartner Security & Risk Management Summit
Peter Swire
Senior Counsel, Alston & Bird LLP
Huang Professor of Law and Ethics
Scheller College of Business
Georgia Institute of Technology
June 10, 2015
Overview of the Talk
USA Freedom Act passed last week
Link between President’s Review Group and USA Freedom
NSA reform has gone surprisingly far
That story at www.peterswire.net
Technology issues raised by the Review Group report
Tension between cyber offense and defense, for crypto and zero days
The role of IT professionals
This happened last week: coincidence?
Last Triple Crown Winner: Affirmed (1978); American Pharaoh (2015)
Last Foreign Intel Reform: FISA (1978); USA Freedom (2015)
Creation of the Review Group
Snowden leaks of 215 and Prism in June, 2013
August – Review Group named
Report due in December
5 members
Our assigned task
Protect national security
Advance our foreign policy, including economic effects
Protect privacy and civil liberties
Maintain the public trust
Reduce the risk of unauthorized disclosure
Our Report
Meetings, briefings, public comments
300+ pages in December, 2013, republished Princeton University Press
46 recommendations
Section 215 database “not essential” to stopping any attack; recommend government not hold phone records
Pres. Obama speech January 2014
Adopt 70% in letter or spirit
USA Freedom Act & RG Recommendations
Section 215 order only with judicial approval and heightened standard (Rec 1)
End government storage of bulk telephone data and have records held in private sector, accessible only with a judicial order (Rec 5)
Similar limits on bulk collection: National Security Letters (Rec 2) and FISA pen/trap
General rule limiting bulk collection (Rec 4) – the new law as a message to agency lawyers to watch out
Greater transparency by government about foreign intelligence orders (Rec 9 & 10)
Congressional approval of public interest advocates to represent privacy and civil liberties interests before the FISC (Rec 28)
Administration Measures
In 2014, Administration already required judge before looking at a phone number under Section 215
Transparency, including FISC opinions, company transparency reports
Some limits on “incidental collection” under Prism (Section 702)
National Security Letters
Previously stayed secret 50 years (or longer)
New rule that secret no longer than 3 years, unless senior DOJ official finds essential
Administration Measures (2)
White House oversight of the intelligence community:
More on this later in the talk
Sensitive intelligence collection
Surveillance of foreign leaders
Zero-day equities process
Funding increases
In place for Privacy & Civil Liberties Oversight Board
Pending for Mutual Legal Assistance Treaty staffing and tech upgrades (current topic of my research)
Measures Affecting Non-US Persons
Presidential Policy Directive 28
History of spying – open season on foreign nationals outside your boundaries
New human rights-style declaration that will treat non-US persons the same as US persons for foreign intelligence purposes, except where that won’t work
For Germany? Syria?
Minimization and dissemination rules apply. Privacy recognized as an integral part of intelligence process.
Hard to assess scope from the outside but a change in philosophy
Measures Affecting Non-US Persons (2)
US Privacy Act reform
History that applies to US persons (citizens and lawful permanent residents), but not to non-US persons
Dept. of Homeland Security treats the same
Administration support for this in statute, including judicial redress for non-US persons.
Good step, although limited scope of Privacy Act protections
Summary on NSA Reform
What we have seen:
Biggest pro-privacy legal reform in intelligence since enactment of FISA in 1978
The administration’s multiple reforms
USA Freedom sends a democratic message for agencies to be thoughtful about privacy
RG factual finding of strong compliance system in NSA
Tech companies have strengthened encryption & security for users in multiple ways
To me, an encouraging response compared to the debates immediately after 9/11
Part 2: One Internet, Multiple Equities
The same Internet for:
Intelligence, law enforcement
E-Commerce
Free speech & political dissent
All the fun stuff – cat videos
Military theaters of combat
One Internet -- Outline
Effects are larger due to convergence of:
Domestic and civilian communications, with
Foreign, intelligence, and military communications
One major area of debate for IT:
Larger tensions between offense and defense in cybersecurity
IC: Convergence of Communications
Cold War
Soviet systems separate from U.S. systems
Main threat from nation states
U.S. citizens rarely made “long-distance” or “international” calls
Today
One global Internet
Main threat from terrorists and others who swim in a sea of civilian communications
U.S. citizens have many communications that route outside of the U.S., where FISA rules are different
Mayer: “pervasive” information from U.S. browsing goes outside of U.S.
Offense & Defense in Cybersecurity in Era of Converging Communications
Offense was easier when there was a target “there” (in Warsaw Pact or military theater)
Convergence means we are often targeting the same hardware, software, and systems that the good guys use
Strong intelligence and military reasons for offensive capabilities
Intelligence advantages if can access bulk data, globally, with lower risk of casualties than physical entry
Historical role of full-throttle offense for the military: crack Enigma and save the convoys
Military in the future - Cyber Command, analogous to the way the Air Force became key to offense
Where more critical infrastructure is online, then offense against it more valuable
Defense and Cybersecurity
Old days:
Military (and NSA) have long had “information assurance,” to protect own codes and communications
Where find a flaw, then use chain of command to fix it
Command and control, so “patch” is installed
Operational security, with goal that only the defenders learn of the patch
Today:
Over 90% of critical infrastructure privately held
If install a patch, then tip off outsiders: can’t defend the “good guys” and still attack the “bad guys”
Cybersecurity has daily attacks against civilians, so defense is more important
No magic bullets to target only “them”; the offense also works against “us”
Review Group and Defense
With convergence, much bigger effects on civilian-side defense if IC & military lean toward offense
RG: Areas to strengthen defense:
Improve security of government systems
Address insider threat, etc.
Zero days
Encryption
Zero Days & the Equities Process
A “zero day” exploit means previously unused vulnerability, where defenders have had zero days to respond
Press reports of USG stockpiling zero days, for intelligence & military use
RG Rec 30: Lean to defense. New WH equities process to ensure vulnerabilities are blocked for USG and private networks. Exception if inter-agency process finds a priority to retain the zero day as secret.
Software vendors and owners of corporate systems have strong interest in good defense
WH adopted this this year
Strong Crypto for Defense
Crypto Wars of the 1990’s showed NSA & FBI interest in breaking encryption (offense)
1999 policy shift to permit export globally of strong encryption, necessary for Internet (defense)
Press reports of recent NSA actions to undermine encryption standards & defeat encryption (offense)
RG Rec 29: support strong crypto standards and software; secure communications a priority on the insecure Internet; don’t push vendors to have back doors (defense)
No announcement yet on this recommendation
Strong Crypto for Defense: The 90’s
Crypto Wars of the 1990’s showed NSA & FBI interest in breaking encryption (offense)
1999 policy shift to permit export globally of strong encryption, necessary for Internet, to protect civil liberties (defense)
Clipper Chip: proposal to build a back door (key escrow) into the hardware chips
Prohibit export of strong encryption because crypto was a “munition”
A lesson learned: key escrow doesn’t work because the method of entry used by the “good guys” is a vulnerability to exploit for the bad guys
Plus, other governments will insist on the keys – the least trusted country
Strong Crypto for Defense: Today
Press reports of NSA actions to undermine encryption standards & defeat encryption (offense)
RG Rec 29: support strong crypto standards and software; secure communications a priority on the insecure Internet; don’t push vendors to have back doors (defense)
FBI Director Comey: criticize Apple & Google when they decided not to have a “master key” for phones
He worries about “going dark” due to strong crypto
A & G: this is good defense, good protection for our customers
“Going Dark” vs. “Golden Age of Surveillance”
“Going Dark”: when have the phone, no way for FBI to open it
May be true, in small number of cases
Golden Age of Surveillance:
We all carry tracking devices
Meta-data of email, text, phone, SNS shows the co-conspirators
LOTS of other databases that didn’t use to exist
If compare 1990 to 2015, the FBI has far greater capabilities today. Not “dark.”
My view: better to have effective defense against attackers with effective encryption
Internet Policy: Addressing Multiple Risks
In addition to strengthening cyber-defense, there are multiple risks/equities in addition to national security:
Privacy & civil liberties
Allies
Business and the economy
Internet governance
RG Recs 16 & 17: Weigh the multiple risks
New process & WH staff to review sensitive intelligence collection in advance
Senior policymakers from the economic agencies (NEC, Commerce, USTR) should participate
Summary on One Internet, Multiple Equities
In addition to national security, have crucial other equities:
Strengthen cyber-defense
Privacy & civil liberties
Allies
Business and the economy
Internet governance
IC decisions in the context of these other equities
Strong crypto for defense more important than broken crypto for surveillance access
Fix zero days for defense more important than having a shelf full of attacks
Part 3: The Role of IT Professionals
You are at the center of all of the equities of the “One Internet, Multiple Equities” clash of goals
ACM code of ethics – confidentiality & security
New Internet Society/IETF security efforts, with ethics for IT professionals
Lean toward defense for your own systems
Inform the policy makers of what can be done and should be done
The 3 Themes
NSA reform has out-performed the skeptics
A democratic affirmation of privacy checks and balances on surveillance
One Internet, multiple equities
The IC cannot decide for all these equities
The role of IT professionals
You build these systems
Conclusion
There was no optimizing algorithm for the multiple tasks of the Review Group
There is no optimizing algorithm for your tasks as IT professionals, to conduct surveillance, prevent intrusion, govern the Internet, etc.
You are in the center of the great moral issues of our time
We all need your participation and insights
Let’s get to work