
Category: Security

November 23rd, 2009

Internet: A threat to government or the other way around? (Part 4)

Posted by Doug Hanchard @ November 23, 2009 @ 10:51 AM

Categories: Antitrust, Blogs, Censorship, China, Commerce, Congress, Copyright, Courts, Cyber Security, Cybercrime, Cyberwar, Defense, Disaster recovery, E-government, Elections, European Parliament, European Union, FCC, FTC, Government 2.0, Government technology, Green Dam, Homeland security, Intellectual Property, Intelligence, International, Journalism, Justice, Law enforcement, Open government, Regulations, Security, Senate, Social networks, Spam, Standards, State & Local Govt, Telecom, UK, United Kingdom, United Nations, Web, politics

Tags: Law, Court, Counter Point, Internet, Government, Doug Hanchard

Justice systems around the world have had their entire world turned upside down over the past several years because of the Internet. The basic sets of laws, often founded on a nation’s constitution, are being used in ways that many forefathers never anticipated or envisioned. Republic, Dominion and Socialist government institutions around the world are all facing the same issues - often without any clear path of legal precedent.

One of the challenges facing courts is jurisdiction. Because of the very nature of the Internet, legal systems are now faced with new roadblocks that did not exist 10 years ago. Traditional methods of law enforcement and legal treaties do work and continue to be the basis of the process for dealing with prosecution and trials. Interpreting existing laws and applying them to Internet-related cases has not been a significant challenge in many cases. But there are some new aspects to what is admitted into court.

Evidence

What has shocked the system is how Internet-based materials are now used in the courts as evidence. Everything from ISP logs to website blogs and social media sites (among others) is now being used in ways that prosecutors and jurists have never had to deal with in the past. It is also becoming a battleground for several areas of law, particularly the integrity of evidence. This has many in the legal world concerned. It’s becoming clear that this will be an area of significant debate and will have far-reaching consequences. Internet evidence does not have the look and feel of traditional evidence and, in many cases, has yet to be challenged as to its validity. Prosecutors are faced with a dilemma that impacts how and what they prosecute. This in turn has created a new source of political initiatives that are not only questionable, but in some parts of the world viewed as extreme.

Don’t have a Law yet? We’ll make one

The evolution of law and how it is created has traditionally been a slow, low-priority part of the political system. That is no longer the case. Government ministers and cabinet officials appear to be fast-tracking new laws of late, specifically because of the Internet. Politicians are practically tripping over themselves drafting new bills that claim to know how to fix the problems of cybercrime and abuse. These ideas are moving at such a rapid pace that often few people have actually read the fine print. What concerns many is the advice politicians are getting on how Internet law should be created. Governments all over the world will have significant impact on such issues as free speech, Net neutrality, news, crime and governance of institutions.

Prosecution

There is not much sympathy for the courts in many parts of the world. That may soon change as news travels across the multimedia world of the Internet. Attorneys general throughout the United States are political and create their own priorities and thus control what is heard before the courts. This may have significant consequences for the timing of how the Internet evolves and may impact the economics of the service, potentially influencing its usage for decades. In the United Kingdom, the courts will have to take into account European treaties and the European Parliament. Canada’s magistrates may strike down or uphold newly created laws, which may wind up creating an imbalance that could take years to reverse.

Rules await the Internet

Regulators such as the CRTC, FCC and Ofcom are charting new territory in communication rules and regulations. Lawmakers are beginning to micro-manage this process. No one yet knows what impact these new elements will have on the judicial system. It will take years before this is known and has gone through several rigorous tests of the court system. Case law may take a decade or more before any true outcomes are known. By that time, a nation will have changed political administration and have new agendas that reset the cycle before some true outcomes are known. Net Neutrality will be debated and wind up before the courts in jurisdictions around the world. The results will vary like your bandwidth speed and access to content.

Global perspective

Laws of nations are now being combined in many parts of the world. The very essence of a sovereign nation’s set of laws is slowly being merged into a single set to which it will adhere. This is particularly true in Europe, where the European Parliament is attempting to create laws specifically surrounding the Internet. This has the potential to create political and legal challenges for courts in how they make decisions. The consequences have significant long-term impacts on how courts operate and on the order of appeals and jurisdiction as they enter cyberspace, with profound outcomes yet to be decided.

The Supreme Court

Supreme Court decisions have not had an impact on the Internet - but likely will. Major court decisions at local, state, and provincial levels are being appealed and many will eventually be argued before the Supreme Court. That draws concern because of how many governments nominate and select jurists to be a part of the Supreme Court framework. In general terms, the institution is politically driven and has the potential to create decisions that may in fact be contrary to the very principles that many of us take for granted. It also works in the other direction. Many a government has had policies and laws overturned by the courts. Key segments will be privacy, Internet access and tracking - along with content management tangled with identity security. It could be argued that elected government officials are not a threat to the Internet; the courts are. The counterpoint is that this will force parliamentarians to change the law, a task far easier said than done. Compounding the problem is that the highest courts around the world have (almost) unlimited tenure until death. Jurists that will have profound impacts on the stance of governments surrounding Internet issues are in China, Pakistan, India, Russia, and the Middle East. China is unique in that it will eventually have to deal with treaties to which it is a signatory, but no one has yet appealed any government policies. It may soon have to. If WTO treaties are before their court system, the Internet could be next.

The court system in most democratic nations has dynamics that rarely result in quick decisions. It may take years before government leaders and lawmakers truly understand what they are dealing with. Some will fail in creating new laws that are considered extreme by many; others may actually pass the litmus test of a Supreme Court decision. History awaits the outcome.

Epilogue - it will never have an ending

So here we are; some of the files are out in the open, more need further decryption, understanding and updating. The pace of the discussion is increasing and appears to be moving along with few delays. 2010 promises to be the start of a new decade that has a few fundamental issues to resolve. The debate has begun and could be a pivotal point in how society uses and government manages the Internet.

Go back to:
Part 1
Part 2
Part 3 in this series

November 17th, 2009

The Queen could better manage security of personal information than civil servants are

Posted by Doug Hanchard @ November 17, 2009 @ 6:02 AM

Categories: Congress, Databases, E-government, Encryption, FBI, Government technology, Healthcare, Home Office, IT Management, Justice, Law enforcement, MI5, MI6, Memory Sticks, Network security, Personnel Management, Privacy, Public health, Queen Elizabeth II, Regulations, Royal Family, Scotland Yard, Security, Senate, State & Local Govt, UK, United Kingdom, piracy

Tags: Council, Health Care, Training, Servant, Laptop Computer, Ministry Of Justice, Notebooks, Vertical Industries, Identity Theft, Benefits

Her Majesty’s servants seem to be lacking any sense of responsibility these days. Health care sector information and voter information are being either stolen or misplaced on a regular basis. Hundreds of incidents are occurring.

It’s one thing for a leak to be politically motivated, but quite another when it’s careless. In an article I wrote two weeks ago about a U.S. Ethics Committee staffer file-sharing a sensitive file about investigations of members of Congress that wound up in the hands of the Washington Post, many talkback readers suggested it was intentional. England, on the other hand, seems to have poor training and staff that have little respect for or understanding of what they are dealing with.

Last week, the BBC reported that in the U.K., health records are being ‘lost’ on an unprecedented scale:

“Unacceptable amounts of data are being stolen, lost in transit or mislaid by staff. Far too much personal data is still being unnecessarily downloaded from secure servers on to unencrypted laptops, USB sticks, and other portable media.”

Companies and public bodies that recklessly or deliberately break the rules face fines of up to half a million pounds from 2010. The Ministry of Justice is considering allowing the ICO to impose fines in the most serious cases.

Fines? How about PRISON instead? Nobody seems to budget for training or make individuals aware of the consequences if data is ‘lost’.

Organized crime seeks out data and coordinates such thefts. In a recent FBI investigation, they nabbed a ring that stole over $9 million with individual and commercial banking information compiled over an extensive period of time and found vulnerability in the bank network. The plan was then executed in less than 12 hours. The three masterminds were caught and yes - they ARE going to prison.

But when civil servants who have proper control of the information they are dealing with (patient records and other database formats of personnel records) are lax in the way they handle, manage and secure the data, there seems to be a complete lack of discipline for their actions. The bottom line is that nobody seems to care. They have inquiries, investigations and commissions into what went wrong, but in recent history, NOBODY has been fined or prosecuted for what appears to be absolute contempt for the security of individuals’ information.

In England it’s almost on the verge of bizarre. The Home Office Minister, MP Hanson, wants every ISP to monitor users and enable them to track where a user has been and what they are downloading - but they can’t seem to even dismiss an employee for losing, or failing to lock down, memory sticks or laptops holding complete data records of individuals, which is far more damaging in terms of the potential financial ruin of an individual. The Right Honorable MP Hanson needs to check his backyard before worrying about what happens in public. The need to be heavy-handed seems to be used on trivial things, like spying on a city council member that may or may not live within city limits - 21 times! Perhaps it’s time that Scotland Yard bring back Paul Temple and MI6 pull 007 out of retirement and wring somebody’s neck and throw them in jail, let alone be fired. This week, in yet another complete lack of security protocol, 4 laptops went ‘missing’ in a single event. One of the laptops has voter information - with sufficient data to ruin an individual’s identity.

Files contained names, addresses, dates of birth, signatures, postal vote forms and statements used to confirm the identity of 14,673 voters. Councillor Julian Daly, whose details were on the missing laptop, said the situation was “troubling”.

The data was protected by two levels of security, the council said, but admitted there was a “slight risk” it could be accessed.

Hackers have time - it’s not a slight risk, it’s a DEFINITE risk.

Everyone affected is to receive a letter to inform them of the situation.

Inform? What good is that going to do? Their identities have ALREADY been compromised.

Mr Daly, who is leader of the Conservative group at the Lib Dem controlled council, added: “That’s all the information you need to set up a bank account. It’s classic identity theft territory. It is troubling that the data was on a portable machine and it was accessible for someone to walk off with it.”

Bureaucrat Understatement of the year:

Daniel Goodwin, the council’s chief executive, said: “I would like to apologise to residents and reassure them the council takes its responsibility to look after their personal data very seriously.”

Seriously - then Mr. Goodwin should take responsibility for the complete lack of training of staff under his management and turn himself in and go to jail. It’s going to take that kind of punishment before somebody figures out that people have to follow some pretty basic COMMON SENSE rules and regulations or face the consequences. Either that or go to jail.

It would appear that the common trait among all these incidents is the lack of training, or even of a security practice in place, when such information is being used by employees, contractors and administrators. And clearly there is no sense of responsibility among any of the staff using the information. I sense HRM’s Corgis could manage the security of the information better than some of the administrators in charge.

Should government employees go to prison if guilty of mishandling identity records?


November 10th, 2009

U.K. minister wants enhanced monitoring of Internet usage

Posted by Doug Hanchard @ November 10, 2009 @ 7:06 AM

Categories: Commerce, Courts, Cyber Security, Cybercrime, Databases, E-government, Government technology, Home Office, IT Management, Intelligence, International, Law enforcement, NSA, Network security, Networking, Open government, RIAA, Regulations, Security, Servers, Social networks, Standards, State & Local Govt, Telecom, UK, VoIP, piracy

Tags: Internet Usage, Agency, British Broadcasting Corp., Monitoring, Internet Service Provider, Service Provider, U.K., Web Portal, U.K. Home Office Minister David Hanson, Minister Hanson

U.K. Home Office Minister David Hanson is pushing for further data archiving of information by Communications Service Providers, including such web portals as Facebook. In an article published by the BBC, the Minister responsible for Privacy, Christopher Graham (along with several other unnamed ministers), has some serious concerns with the proposal.

Home Office Ministry - United Kingdom


Not only does Minister Hanson suggest that records be accessible at the source, but also that they be tracked by internet service providers. Such a system would require immense capital and infrastructure. Based on what the Minister desires, it would appear that he wants investigative agencies to have broader mandates in observing people and creating dossiers on anyone in the world. This suggests that the British are gearing up to have a significant electronic intelligence community, similar to the U.S. variant, the National Security Agency. While most G-8 nations have extensive archives and records, local internet service providers and other telecommunications companies have never been required to maintain records to the extent the Home Office is suggesting. Such systems have never been within the budget of local police agencies. Minister Hanson is possibly suggesting that these costs should be passed on to the user of the internet services through cost-sharing mechanisms between the communications provider and the government through direct subsidy, using tax dollars to implement the initial construction of the platforms required.

November 9th, 2009

Wireless users may be shut off if sharing copyrighted files

Posted by Doug Hanchard @ November 9, 2009 @ 6:28 AM

Categories: Commerce, Copyright, Courts, International, Justice, Law enforcement, Mobile/wireless, Net neutrality, Patents, Privacy, Security, Telecom, UK, Web services, piracy

Tags: Service Provider, U.K., Wireless, Wireless Security Problem, Internet, Wi-Fi, Wireless LANs, Internet Service Providers (ISPs), Business Services, Wireless And Mobility

Internet services have created explosive growth in the distribution of copyrighted materials. Some people are distributing it and don’t even know it, some argue. The reaction, regardless of whether a consumer knows it or not, has been a push for extensive reform and new enforcement capabilities to prevent further erosion and protect copyrighted content. The U.K. government responded (Oct. 28) with proposed enforcement options for Ofcom to use at its discretion. Among them is the ability to shut off a user’s wireless WiFi service if the user is found to be transmitting internet traffic such as file transfers of copyrighted material. Singling out wireless access to the internet is just the start.

November 6th, 2009

Human x-ray machines: Coming soon to an airport near you

Posted by Doug Hanchard @ November 6, 2009 @ 5:00 AM

Categories: Canada, Congress, FAA, Government technology, Homeland security, Intelligence, International, Justice, Law enforcement, Privacy, Public health, Science, Security, Transportation, UK

Tags: U.S., Canada, Airport, Transportation, Security, Doug Hanchard

In the movie Total Recall, Arnold Schwarzenegger (Gov. of California) runs through a security checkpoint corridor that uses X-ray technology. That film was released in 1990. Today that technology is being installed around the world at airports, border checkpoints, marine ports and high-risk security environments such as court buildings. The machines are currently being assessed or used in Canada, the U.S., U.K., Russia, Japan, and Australia. Some countries, such as India, have outright rejected them on privacy grounds and consider them too offensive to passengers. Significant concern is being raised as to the long-term medical impacts on humans going through the devices.

In Canada, the Canadian Air Transport Security Agency (CATSA) has completed some field trials at smaller airports (Kelowna, B.C.) and is looking to purchase a half dozen of the machines to continue further assessment. There are approximately 18 airports in the U.S. using them. In the U.K., several airports now have them, including Manchester. Testing in several countries has been going on since 2004. In the U.S., the Transportation Security Administration began field trials in 2007. The technology allows security details to process passengers quickly and determine whether weapons or other contraband are on a person without doing a physical body search. Such technology would significantly improve the detection of hidden materials.

November 5th, 2009

Copyright associations want enforcement for free

Posted by Doug Hanchard @ November 5, 2009 @ 10:41 AM

Categories: Canada, Censorship, Congress, Copyright, Courts, Cyber Security, Cybercrime, Defense, E-government, European Union, Intellectual Property, International, Justice, Law enforcement, Privacy, RIAA, Regulations, Security, State & Local Govt, Telecom, UK

Tags: Monitor, Internet Service Provider, Deep Packet Inspection Technique, Internet Service Providers (ISPs), Monitors & Displays, Internet, Hardware, Components, Doug Hanchard

The internet has opened Pandora’s Box: everything that can be duplicated will be. This simple truth will drive up costs for you, the consumer. You will pay one of three ways: through the government and the court system (taxes); through your monthly internet access fees paid to your ISP (network operations and infrastructure); or, finally, through higher product costs. More than likely, you will pay all three.

With the first generation of technology, copyright protection was easy to target and manage. Organizations such as the MPAA, RIAA, and others lobbied for and won governing laws and regulations that ‘taxed’ (in some countries it is defined as a levy) blank tape cassettes and eventually blank CD and DVD products to ‘pay’ for potential infringements of copyrighted materials. Products that were not taxed (so far) were hard drives, memory cards and Next Gen (NG) Personal Video Recorders (PVRs) used to record television shows. The time has probably come in which artists and vendors will have to contribute funding for enforcement through sales of their products directly in each jurisdiction where they wish to have copyright protection. That cost would then be passed on to consumers through increases in prices.

November 4th, 2009

European Parliament to revisit telecom regulations

Posted by Doug Hanchard @ November 4, 2009 @ 4:30 AM

Categories: Courts, Cyber Security, Disaster recovery, E-government, European Parliament, European Union, Government technology, International, Justice, Law enforcement, Mobile/wireless, Network security, Open government, Privacy, Regulations, Security, Spam, Standards, State & Local Govt, Telecom, UK, VoIP, piracy

Tags: Internet Access, Telecom Regulation, European Parliament, Telephony, Telecom & Utilities, Telecommunications, Networking, Doug Hanchard

The Members of the European Parliament (MEP) are to convene once more on November 4 to discuss Internet access, along with new rules that are currently being tabled and will be the sole topic up for discussion. At the last meeting on October 6, the Council of EU Telecommunications Ministers formally rejected Parliament’s second-reading amendment on internet access, which dealt with access freedom, indirectly pointed to file sharing and creating a law on disconnecting users that do so illegally.

In a press release by the European Parliament, the Council for EU telecommunications will be discussing a variety of legal issues that have caused a stir around the world on restricting internet access.

Alejo VIDAL-QUADRAS (EPP, Spain) who heads Parliament’s Conciliation Committee delegation, said after the last of these meetings on Thursday morning: “We go into the negotiations in a spirit of compromise, but determined to defend users’ rights and committed to the development of a regulatory framework that will incentivise investment and open up the market. We will do all we can to achieve a good solution, but Council has to understand that Parliament will defend without hesitation the freedom of the citizens it represents”.

The group is reviewing a complete package of innovation, safety and other reforms with respect to telecommunications, including traditional television and radio broadcast, security, privacy, email spam, cyberterrorism, phone number portability and access to technology for those with disabilities. Currently the council is at a significant crossroads on Internet access, file sharing and copyright, and this single issue could scrap the entire telecom package being tabled and given final reading for passage.

Looming larger is how the European Parliament’s new regulations and laws would affect the sovereignty of each nation’s jurisdiction with respect to enforcement. One such example: if an individual is convicted of an infraction in Spain, would that country’s court decision (if based on this new set of laws) then be applicable to all other nations inside the EU with respect to the individual’s conviction? If it is enforceable and agreed upon by all signing nations, this may indicate that Europe is beginning to eliminate the issue of sovereignty altogether.

November 4th, 2009

U.S. Ethics Committee staffer file-shares sensitive document

Posted by Doug Hanchard @ November 4, 2009 @ 3:52 AM

Categories: Congress, Cybercrime, Ethics, Journalism, Justice, Regulations, Security

Tags: File-sharing, Ethics, Computer, Post, Business Ethics, Productivity, Peer To Peer (P2P), Leadership, Management, Internet

Perhaps file sharing should be banned. The Washington Post reports that a (now) ex-employee of the U.S. House Ethics Committee put a sensitive report detailing 30+ current investigations onto a publicly accessible computer. Wired Magazine also reported on this story, saying the report was put onto a personal computer and then placed into a file folder used for peer-to-peer file sharing over the Internet. No word on what file sharing application was used. If it was set up as anonymous FTP, it may have been from one specific computer or wound up on hundreds if not thousands of computers.

The Post reveals:

The ethics committee is one of the most secretive panels in Congress, and its members and staff members sign oaths not to disclose any activities related to its past or present investigations. Watchdog groups have accused the committee of not actively pursuing inquiries; the newly disclosed document indicates the panel is conducting far more investigations than it had revealed.

Washington Post staff reporters Ellen Nakashima and Paul Kane indicate that they did not receive the document directly from the employee’s personal computer, but through other sources.

The website for the Ethics Committee issued a release immediately following the story by the Post and stated that regardless of how much cyber security was put into place, it was impossible to avoid ‘individual error’.

Ironically, prominently placed on their website is a direct link of employee training & responsibilities on Ethics. What astounds me is how an employee would even think it’s necessary to put such sensitive information onto a personal computer at home. Surely there must be more to this story than just a whole whack of rules that a staffer on the Ethics Committee chose to ignore. Sounds like somebody escaped a plethora of federal charges. If not, there may be one more investigation to add to the list.

November 2nd, 2009

Net Neutrality: You own the Internet - make sure it becomes Law

Posted by Doug Hanchard @ November 2, 2009 @ 6:23 AM

Categories: Censorship, Congress, Copyright, Courts, Cybercrime, E-government, FCC, International, Journalism, Justice, Law enforcement, Net neutrality, Privacy, Regulations, Security, Social networks, Standards, State & Local Govt, Telecom, Web services

Tags: Regulation, Net Neutrality, Law, News Organization, Changes, Internet, Doug Hanchard

Last week I wrote about how Net Neutrality could be blown to pieces in satire and followed up with another piece suggesting that the Internet is not free from government monopolies and corporate service providers. An advocate of an open system that has choice and no boundaries barring access needs some ammunition to fight back with. It has plenty if used appropriately.

For the first time in the world, there’s a service that has a unique platform, allowing all free people to interact, demonstrate, express and bind together to resolve issues. The internet is the vehicle which has driven and will continue to drive change and innovation, and create an entirely new political landscape that does not have limitations. It could turn out to be a bad or good thing. But internet users will be the decision makers on this point, not corporations.

October 15th, 2009

NSA to host Security Automation Conference

Posted by Doug Hanchard @ October 15, 2009 @ 8:07 AM

Categories: Conferences, Cyber Security, Government technology, Homeland security, Intelligence, Law enforcement, Network security, Security

Tags: U.S. Department Of Homeland Security, Conference, NIST, Automation, Security, Doug Hanchard

From October 26 - 29, the National Security Agency / Central Security Service will host the Security Automation Conference and Expo at the Baltimore Convention Center.

According to their press release of October 2, keynote speakers will be Tony Sager, NSA; Phil Reitinger, DHS; Richard Hale, DISA; and John Thompson, Symantec. Established by NIST five years ago with an attendance of fewer than 50 people, the conference is now jointly sponsored by NIST, NSA, DISA and the DHS. More than 1,000 attendees are expected at the conference.

To review the full agenda visit the NSA website.

Doug is the principal of Rapid Response Consulting, an advisory group that integrates ICT solutions. See his full profile and disclosure of his industry affiliations.
