02:46 GMT +325 November 2017
Live
    A photo taken on July 16, 2013 shows a sign reading video surveillance fixed to a lamp post in front of radomes of the former monitoring base of the US intelligence organization National Security Agency (NSA) in Bad Aibling, southern Germany

    Can New Cyber Strategy Legalize Sending Foreign Militaries US Citizen Data?

    © AFP 2017/ CHRISTOF STACHE
    US
    Get short URL
    0 55545

    A provision of the Pentagon’s new Cyber Defense Strategy may allow government agencies to send information about U.S. citizens to foreign militaries, some defense analysts are arguing.

    This week, Defense Secretary Ashton Carter described "three missions" of his department's cyberstrategy during a speech at Stanford University.

    "The first is to defend DoD networks, systems, and information," Carter said. "The second is to defend the U.S. homeland and U.S. national interests against cyberattacks of significant consequence," he said. "And the third is to provide integrated cyber capabilities to support military operations and contingency plans."

    However, some analysts say a provision of the Pentagon’s new Cyber Defense Strategy may allow government agencies to send information about US citizens to foreign militaries.

    The provision in the strategy made public last week reads, "As a part of its cyber dialogue and partnerships, DOD [Department of Defense] will work with key Middle Eastern allies and partners to improve their ability to secure their military networks as well as the critical infrastructure and key resources upon which U.S. interests depend. Key initiatives include improved information sharing to establish a unified understanding of the cyber threat, an assessment of our mutual cyber defense posture, and collaborative approaches to building cyber expertise."

    The strategy is causing some alarm among the privacy community.

    “If the attacker can gain access to a user account with lots of access rights, like a computer administrator, they will be able to move right past all the alarms and defenses,” said Matt Kodma of the cyber intelligence analytics group Recorded Future according to DefenseOne. “However, the behavior of that user account, once it's been hijacked by a cyber attacker, will be unusual.”

    Tucker also suggests monitoring certain actions like the uploading of large files with plenty of mystery code that doesn’t seem to have a clear purpose.

    “This authorization would not just seriously undermine Americans’ Fourth Amendment rights, which would otherwise require the government to obtain a warrant based on probable cause to access much of that same information, it would create an expansive new means of general-purpose government surveillance. (Sec. 5(d)(5)(A)),” wrote Robyn Greene, who serves as policy counsel for the Open Technology Institute at the New America Foundation.

    Mark Jaycox, a legislative analyst at the Electronic Frontier Foundation, has made similar arguments.

    “Existing private rights of action for violations of the Wiretap Act, Stored Communications Act, and potentially the Computer Fraud and Abuse Act would be precluded or at least sharply restricted … It remains to be seen why such immunity is needed when just a few months ago, the FTC and DOJ noted they would not prosecute companies for sharing such information.”

     

    Related:

    Germany's Role in NSA Spying May Have Embarrassing Implications for Merkel
    US Freedom Act to Reform ‘Secret’ NSA Oversight Court -Digital Rights Group
    Bill to Modify NSA Mass Spying on Citizens Reintroduced to US Congress
    US Patriot Act Should Be ‘Let Die’ - NSA Whistleblower
    US Congress Wants to Extend NSA Spying Until 2020
    Tags:
    digital surveillance, digital privacy, privacy, surveillance, spying, NSA spying, New America Foundation, Electronic Frontier Foundation, National Security Agency (NSA), NSA, Ashton Carter, Robyn Greene, Mark Jaycox, Washington, DC
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik
    • Сomment