Tag Archives: Center for Strategic and International Studies

Digital Authoritarianism: AI Surveillance Signals the Death of Privacy

Posted on by
Reply
Illustration: Prathap Ravishankar

By John W. Whitehead & Nisha Whitehead

Source: The Rutherford Institute

“There are no private lives. This a most important aspect of modern life. One of the biggest transformations we have seen in our society is the diminution of the sphere of the private. We must reasonably now all regard the fact that there are no secrets and nothing is private. Everything is public.” ― Philip K. Dick

Nothing is private.

We teeter on the cusp of a cultural, technological and societal revolution the likes of which have never been seen before.

While the political Left and Right continue to make abortion the face of the debate over the right to privacy in America, the government and its corporate partners, aided by rapidly advancing technology, are reshaping the world into one in which there is no privacy at all.

Nothing that was once private is protected.

We have not even begun to register the fallout from the tsunami bearing down upon us in the form of AI (artificial intelligence) surveillance, and yet it is already re-orienting our world into one in which freedom is almost unrecognizable.

AI surveillance harnesses the power of artificial intelligence and widespread surveillance technology to do what the police state lacks the manpower and resources to do efficiently or effectively: be everywhere, watch everyone and everything, monitor, identify, catalogue, cross-check, cross-reference, and collude.

Everything that was once private is now up for grabs to the right buyer.

Governments and corporations alike have heedlessly adopted AI surveillance technologies without any care or concern for their long-term impact on the rights of the citizenry.

As a special report by the Carnegie Endowment for International Peace warns, “A growing number of states are deploying advanced AI surveillance tools to monitor, track, and surveil citizens to accomplish a range of policy objectives—some lawful, others that violate human rights, and many of which fall into a murky middle ground.”

Indeed, with every new AI surveillance technology that is adopted and deployed without any regard for privacy, Fourth Amendment rights and due process, the rights of the citizenry are being marginalized, undermined and eviscerated.

Cue the rise of digital authoritarianism.

Digital authoritarianism, as the Center for Strategic and International Studies cautions, involves the use of information technology to surveil, repress, and manipulate the populace, endangering human rights and civil liberties, and co-opting and corrupting the foundational principles of democratic and open societies, “including freedom of movement, the right to speak freely and express political dissent, and the right to personal privacy, online and off.”

The seeds of digital authoritarianism were planted in the wake of the 9/11 attacks, with the passage of the USA Patriot Act. A massive 342-page wish list of expanded powers for the FBI and CIA, the Patriot Act justified broader domestic surveillance, the logic being that if government agents knew more about each American, they could distinguish the terrorists from law-abiding citizens.

It sounded the death knell for the freedoms enshrined in the Bill of Rights, especially the Fourth Amendment, and normalized the government’s mass surveillance powers.

Writing for the New York Times, Jeffrey Rosen observed that “before Sept. 11, the idea that Americans would voluntarily agree to live their lives under the gaze of a network of biometric surveillance cameras, peering at them in government buildings, shopping malls, subways and stadiums, would have seemed unthinkable, a dystopian fantasy of a society that had surrendered privacy and anonymity.”

Who could have predicted that 50 years after George Orwell typed the final words to his dystopian novel 1984, “He loved Big Brother,” we would come to love Big Brother.

Yet that is exactly what has come to pass.

After 9/11, Rosen found that “people were happy to give up privacy without experiencing a corresponding increase in security. More concerned about feeling safe than actually being safe, they demanded the construction of vast technological architectures of surveillance even though the most empirical studies suggested that the proliferation of surveillance cameras had ‘no effect on violent crime’ or terrorism.”

In the decades following 9/11, a massive security-industrial complex arose that was fixated on militarization, surveillance, and repression.

Surveillance is the key.

We’re being watched everywhere we go. Speed cameras. Red light cameras. Police body cameras. Cameras on public transportation. Cameras in stores. Cameras on public utility poles. Cameras in cars. Cameras in hospitals and schools. Cameras in airports.

We’re being recorded at least 50 times a day.

It’s estimated that there are upwards of 85 million surveillance cameras in the U.S. alone, second only to China.

On any given day, the average American going about his daily business is monitored, surveilled, spied on and tracked in more than 20 different ways by both government and corporate eyes and ears.

Beware of what you say, what you read, what you write, where you go, and with whom you communicate, because it will all be recorded, stored and used against you eventually, at a time and place of the government’s choosing.

Yet it’s not just what we say, where we go and what we buy that is being tracked.

We’re being surveilled right down to our genes, thanks to a potent combination of hardware, software and data collection that scans our biometrics—our faces, irises, voices, genetics, microbiomes, scent, gait, heartbeat, breathing, behaviors—runs them through computer programs that can break the data down into unique “identifiers,” and then offers them up to the government and its corporate allies for their respective uses.

As one AI surveillance advocate proclaimed, “Surveillance is no longer only a watchful eye, but a predictive one as well.” For instance, Emotion AI, an emerging technology that is gaining in popularity, uses facial recognition technology “to analyze expressions based on a person’s faceprint to detect their internal emotions or feelings, motivations and attitudes.” China claims its AI surveillance can already read facial expressions and brain waves in order to determine the extent to which members of the public are grateful, obedient and willing to comply with the Communist Party.

This is the slippery slope that leads to the thought police.

The technology is already being used “by border guards to detect threats at border checkpoints, as an aid for detection and diagnosis of patients for mood disorders, to monitor classrooms for boredom or disruption, and to monitor human behavior during video calls.”

For all intents and purposes, we now have a fourth branch of government: the surveillance state.

This fourth branch came into being without any electoral mandate or constitutional referendum, and yet it possesses superpowers, above and beyond those of any other government agency save the military. It is all-knowing, all-seeing and all-powerful. It operates beyond the reach of the president, Congress and the courts, and it marches in lockstep with the corporate elite who really call the shots in Washington, DC.

The government’s “technotyranny” surveillance apparatus has become so entrenched and entangled with its police state apparatus that it’s hard to know anymore where law enforcement ends and surveillance begins.

The short answer: they have become one and the same entity. The police state has passed the baton to the surveillance state, which has shifted into high gear with the help of artificial intelligence technologies. The COVID-19 pandemic helped to further centralize digital power in the hands of the government at the expense of the citizenry’s privacy rights.

“From cameras that identify the faces of passersby to algorithms that keep tabs on public sentiment online, artificial intelligence (AI)-powered tools are opening new frontiers in state surveillance around the world.” So begins the Carnegie Endowment’s report on AI surveillance note. “Law enforcement, national security, criminal justice, and border management organizations in every region are relying on these technologies—which use statistical pattern recognition, machine learning, and big data analytics—to monitor citizens.”

In the hands of tyrants and benevolent dictators alike, AI surveillance is the ultimate means of repression and control, especially through the use of smart city/safe city platforms, facial recognition systems, and predictive policing. These technologies are also being used by violent extremist groups, as well as sex, child, drug, and arms traffickers for their own nefarious purposes.

China, the role model for our dystopian future, has been a major force in deploying AI surveillance on its own citizens, especially by way of its social credit systems, which it employs to identify, track and segregate its “good” citizens from the “bad.”

Social media credit scores assigned to Chinese individuals and businesses categorize them on whether or not they are worthy of being part of society. A real-name system—which requires people to use government-issued ID cards to buy mobile sims, obtain social media accounts, take a train, board a plane, or even buy groceries—coupled with social media credit scores ensures that those blacklisted as “unworthy” are banned from accessing financial markets, buying real estate or travelling by air or train. Among the activities that can get you labeled unworthy are taking reserved seats on trains or causing trouble in hospitals.

In much the same way that Chinese products have infiltrated almost every market worldwide and altered consumer dynamics, China is now exporting its “authoritarian tech” to governments worldwide ostensibly in an effort to spread its brand of totalitarianism worldwide. In fact, both China and the United States have led the way in supplying the rest of the world with AI surveillance, sometimes at a subsidized rate.

This is how totalitarianism conquers the world.

While countries with authoritarian regimes have been eager to adopt AI surveillance, as the Carnegie Endowment’s research makes clear, liberal democracies are also “aggressively using AI tools to police borders, apprehend potential criminals, monitor citizens for bad behavior, and pull out suspected terrorists from crowds.”

Moreover, it’s easy to see how the China model for internet control has been integrated into the American police state’s efforts to flush out so-called anti-government, domestic extremists.

According to journalist Adrian Shahbaz’s in-depth report, there are nine elements to the Chinese model of digital authoritarianism when it comes to censoring speech and targeting activists: 1) dissidents suffer from persistent cyber attacks and phishing; 2) social media, websites, and messaging apps are blocked; 3) posts that criticize government officials are removed; 4) mobile and internet access are revoked as punishment for activism; 5) paid commentators drown out government criticism; 6) new laws tighten regulations on online media; 7) citizens’ behavior monitored via AI and surveillance tools; 9) individuals regularly arrested for posts critical of the government; and 9) online activists are made to disappear.

You don’t even have to be a critic of the government to get snared in the web of digital censorship and AI surveillance.

The danger posed by the surveillance state applies equally to all of us: lawbreaker and law-abider alike.

When the government sees all and knows all and has an abundance of laws to render even the most seemingly upstanding citizen a criminal and lawbreaker, then the old adage that you’ve got nothing to worry about if you’ve got nothing to hide no longer applies.

As Orwell wrote in 1984, “You had to live—did live, from habit that became instinct—in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.”

In an age of too many laws, too many prisons, too many government spies, and too many corporations eager to make a fast buck at the expense of the American taxpayer, we are all guilty of some transgression or other.

No one is spared.

As Elise Thomas writes for Wired: “New surveillance tech means you’ll never be anonymous again.”

It won’t be long before we find ourselves looking back on the past with longing, back to an age where we could speak to whomever we wanted, buy whatever we wanted, think whatever we wanted, go wherever we wanted, feel whatever we wanted without those thoughts, words and activities being tracked, processed and stored by corporate giants, sold to government agencies, and used against us by militarized police with their army of futuristic technologies.

Tread cautiously: as I make clear in my book Battlefield America: The War on the American People and in its fictional counterpart The Erik Blair Diaries1984 has become an operation manual for the omnipresent, modern-day AI surveillance state.

Without constitutional protections in place to guard against encroachments on our rights when power, AI technology and militaristic governance converge, it won’t be long before Philip K. Dick’s rules for survival become our governing reality: “If, as it seems, we are in the process of becoming a totalitarian society in which the state apparatus is all-powerful, the ethics most important for the survival of the true, free, human individual would be: cheat, lie, evade, fake it, be elsewhere, forge documents, build improved electronic gadgets in your garage that’ll outwit the gadgets used by the authorities.”

Evidence points to another Snowden at the NSA

Posted on by
2

NSA-CIA-Edward-Snowden

By James Bamford

Source: Reuters

In the summer of 1972, state-of-the-art campaign spying consisted of amateur burglars, armed with duct tape and microphones, penetrating the headquarters of the Democratic National Committee. Today, amateur burglars have been replaced by cyberspies, who penetrated the DNC armed with computers and sophisticated hacking tools.

Where the Watergate burglars came away empty-handed and in handcuffs, the modern- day cyber thieves walked away with tens of thousands of sensitive political documents and are still unidentified.

Now, in the latest twist, hacking tools themselves, likely stolen from the National Security Agency, are on the digital auction block. Once again, the usual suspects start with Russia – though there seems little evidence backing up the accusation.

In addition, if Russia had stolen the hacking tools, it would be senseless to publicize the theft, let alone put them up for sale. It would be like a safecracker stealing the combination to a bank vault and putting it on Facebook. Once revealed, companies and governments would patch their firewalls, just as the bank would change its combination.

A more logical explanation could also be insider theft. If that’s the case, it’s one more reason to question the usefulness of an agency that secretly collects private information on millions of Americans but can’t keep its most valuable data from being stolen, or as it appears in this case, being used against us.

In what appeared more like a Saturday Night Live skit than an act of cybercrime, a group calling itself the Shadow Brokers put up for bid on the Internet what it called a “full state-sponsored toolset” of “cyberweapons.” “!!! Attention government sponsors of cyberwarfare and those who profit from it !!!! How much would you pay for enemies cyberweapons?” said the announcement.

The group said it was releasing some NSA files for “free” and promised “better” ones to the highest bidder. However, those with loosing bids “Lose Lose,” it said, because they would not receive their money back. And should the total sum of the bids, in bitcoins, reach the equivalent of half a billion dollars, the group would make the whole lot public.

While the “auction” seemed tongue in cheek, more like hacktivists than Russian high command, the sample documents were almost certainly real. The draft of a top-secret NSA manual for implanting offensive malware, released by Edward Snowden, contains code for a program codenamed SECONDDATE. That same 16-character string of numbers and characters is in the code released by the Shadow Brokers. The details from the manual were first released by The Intercept last Friday.

The authenticity of the NSA hacking tools were also confirmed by several ex-NSA officials who spoke to the media, including former members of the agency’s Tailored Access Operations (TAO) unit, the home of hacking specialists.

“Without a doubt, they’re the keys to the kingdom,” one former TAO employee told the Washington Post. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.” Another added, “From what I saw, there was no doubt in my mind that it was legitimate.”

Like a bank robber’s tool kit for breaking into a vault, cyber exploitation tools, with codenames like EPICBANANA and BUZZDIRECTION, are designed to break into computer systems and networks. Just as the bank robber hopes to find a crack in the vault that has never been discovered, hackers search for digital cracks, or “exploits,” in computer programs like Windows.

The most valuable are “zero day” exploits, meaning there have been zero days since Windows has discovered the “crack” in their programs. Through this crack, the hacker would be able to get into a system and exploit it, by stealing information, until the breach is eventually discovered and patched. According to the former NSA officials who viewed the Shadow Broker files, they contained a number of exploits, including zero-day exploits that the NSA often pays thousands of dollars for to private hacking groups.

The reasons given for laying the blame on Russia appear less convincing, however. “This is probably some Russian mind game, down to the bogus accent,” James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank, told the New York Times. Why the Russians would engage in such a mind game, he never explained.

Rather than the NSA hacking tools being snatched as a result of a sophisticated cyber operation by Russia or some other nation, it seems more likely that an employee stole them. Experts who have analyzed the files suspect that they date to October 2013, five months after Edward Snowden left his contractor position with the NSA and fled to Hong Kong carrying flash drives containing hundreds of thousands of pages of NSA documents.

So, if Snowden could not have stolen the hacking tools, there are indications that after he departed in May 2013, someone else did, possibly someone assigned to the agency’s highly sensitive Tailored Access Operations.

In December 2013, another highly secret NSA document quietly became public. It was a top secret TAO catalog of NSA hacking tools. Known as the Advanced Network Technology (ANT) catalog, it consisted of 50 pages of extensive pictures, diagrams and descriptions of tools for every kind of hack, mostly targeted at devices manufactured by U.S. companies, including Apple, Cisco, Dell and many others.

Like the hacking tools, the catalog used similar codenames. Among the tools targeting Apple was one codenamed DROPOUTJEEP, which gives NSA total control of iPhones. “A software implant for the Apple iPhone,” says the ANT catalog, “includes the ability to remotely push/pull files from the device. SMS retrieval, contact-list retrieval, voicemail, geolocation, hot mic, camera capture, cell-tower location, etc.”

Another, codenamed IRATEMONK, is, “Technology that can infiltrate the firmware of hard drives manufactured by Maxtor, Samsung, Seagate and Western Digital.”

In 2014, I spent three days in Moscow with Snowden for a magazine assignment and a PBS documentary. During our on-the-record conversations, he would not talk about the ANT catalog, perhaps not wanting to bring attention to another possible NSA whistleblower.

I was, however, given unrestricted access to his cache of documents. These included both the entire British, or GCHQ, files and the entire NSA files.

But going through this archive using a sophisticated digital search tool, I could not find a single reference to the ANT catalog. This confirmed for me that it had likely been released by a second leaker. And if that person could have downloaded and removed the catalog of hacking tools, it’s also likely he or she could have also downloaded and removed the digital tools now being leaked.

In fact, a number of the same hacking implants and tools released by the Shadow Brokers are also in the ANT catalog, including those with codenames BANANAGLEE and JETPLOW. These can be used to create “a persistent back-door capability” into widely used Cisco firewalls, says the catalog.

Consisting of about 300 megabytes of code, the tools could easily and quickly be transferred to a flash drive. But unlike the catalog, the tools themselves – thousands of ones and zeros – would have been useless if leaked to a publication. This could be one reason why they have not emerged until now.

Enter WikiLeaks. Just two days after the first Shadow Brokers message, Julian Assange, the founder of WikiLeaks, sent out a Twitter message. “We had already obtained the archive of NSA cyberweapons released earlier today,” Assange wrote, “and will release our own pristine copy in due course.”

The month before, Assange was responsible for releasing the tens of thousands of hacked DNC emails that led to the resignation of the four top committee officials.

There also seems to be a link between Assange and the leaker who stole the ANT catalog, and the possible hacking tools. Among Assange’s close associates is Jacob Appelbaum, a celebrated hacktivist and the only publicly known WikiLeaks staffer in the United States – until he moved to Berlin in 2013 in what he called a “political exile” because of what he said was repeated harassment by U.S. law enforcement personnel. In 2010, a Rolling Stone magazine profile labeled him “the most dangerous man in cyberspace.”

In December 2013, Appelbaum was the first person to reveal the existence of the ANT catalog, at a conference in Berlin, without identifying the source. That same month he said he suspected the U.S. government of breaking into his Berlin apartment. He also co-wrote an article about the catalog in Der Spiegel. But again, he never named a source, which led many to assume, mistakenly, that it was Snowden.

In addition to WikiLeaks, for years Appelbaum worked for Tor, an organization focused on providing its customers anonymity on the Internet. But last May, he stepped down as a result of “serious, public allegations of sexual mistreatment” made by unnamed victims, according to a statement put out by Tor. Appelbaum has denied the charges.

Shortly thereafter, he turned his attention to Hillary Clinton. At a screening of a documentary about Assange in Cannes, France, Appelbaum accused her of having a grudge against him and Assange, and that if she were elected president, she would make their lives difficult. “It’s a situation that will possibly get worse” if she is elected to the White House, he said, according to Yahoo News.

It was only a few months later that Assange released the 20,000 DNC emails. Intelligence agencies have again pointed the finger at Russia for hacking into these emails.

Yet there has been no explanation as to how Assange obtained them. He told NBC News, “There is no proof whatsoever” that he obtained the emails from Russian intelligence. Moscow has also denied involvement.

There are, of course, many sophisticated hackers in Russia, some with close government ties and some without. And planting false and misleading indicators in messages is an old trick. Now Assange has promised to release many more emails before the election, while apparently ignoring email involving Trump. (Trump opposition research was also stolen.)

In hacktivist style, and in what appears to be phony broken English, this new release of cyberweapons also seems to be targeting Clinton. It ends with a long and angry “final message” against “Wealthy Elites . . . breaking laws” but “Elites top friends announce, no law broken, no crime commit[ed]. . . Then Elites run for president. Why run for president when already control country like dictatorship?”

Then after what they call the “fun Cyber Weapons Auction” comes the real message, a serious threat. “We want make sure Wealthy Elite recognizes the danger [of] cyberweapons. Let us spell out for Elites. Your wealth and control depends on electronic data.” Now, they warned, they have control of the NSA’s cyber hacking tools that can take that wealth away. “You see attacks on banks and SWIFT [a worldwide network for financial services] in news. If electronic data go bye-bye where leave Wealthy Elites? Maybe with dumb cattle?”

Snowden’s leaks served a public good. He alerted Americans to illegal eavesdropping on their telephone records and other privacy violations, and Congress changed the law as a result. The DNC leaks exposed corrupt policies within the Democratic Party.

But we now have entered a period many have warned about, when NSA’s cyber weapons could be stolen like loose nukes and used against us. It opens the door to criminal hackers, cyber anarchists and hostile foreign governments that can use the tools to gain access to thousands of computers in order to steal data, plant malware and cause chaos.

It’s one more reason why NSA may prove to be one of Washington’s greatest liabilities rather than assets.

 

About the Author

James Bamford is the author of The Shadow Factory: The Ultra-Secret NSA From 9/11 to the Eavesdropping on America. He is a columnist for Foreign Policy magazine.