Defense claims covert recordings violated Constitution, moves to have them thrown out.
The government’s on-again, off-again love affair with everything cyber is back on again. The CIA has just shifted its focus, abandoning its position as the free world’s foremost franchiser ofclandestine torture sites and rebranding as the agency of choice for all things cyberwar-related.
For years, legislators have been attempting to grant themselves permission to strong-arm tech companies into handing over all sorts of information to the government under the guise of cybersecurity. CISPA, CISA, etc. The acronyms come and go, but the focus is the same: information sharing.
Of course, the promise of equitable sharing remains pure bullshit. Tech companies know this and have been understandably resistant to the government’s advances. There are few, if any positives, to these proposed “agreements.” The government gets what it wants — lots and lots of data — and the companies get little more than red tape, additional restrictions and fleeing customers.
The government has recently been playing up the narrative that unreasonable tech companies are standing in the way of the nation’s super-secure future.
U.S. government officials say privately they are frustrated that Silicon Valley technology firms are not obtaining U.S. security clearances for enough of their top executives, according to interviews with officials and executives in Washington and California. Those clearances would allow the government to talk freely with executives in a timely manner about intelligence they receive, hopefully helping to thwart the spread of a hack, or other security issues.
The lack of cooperation from Silicon Valley, Washington officials complain, injects friction into a process that everyone agrees is central to the fight to protect critical U.S. cyberinfrastructure: Real-time threat information sharing between government and the private sector.
Before dealing with the questionable promise of “real-time threat information sharing,” let’s deal with the supposedly minor requirement of security clearances. It’s not as if this won’t impose undue burdens on tech company leaders, especially when they already have a pretty good idea this stipulation will be a major hassle followed by continued opacity from a government that’s 90% lip service and 10% outright lying. Tech execs are being asked to make all the effort and hope against hope there will actually be some benefits.
“I believe that this is more about the overclassification of information and the relatively low value that government cyberintel has for tech firms,” said one Silicon Valley executive. “Clearances are a pain to get, despite what government people think. Filling out the paper work … is a nightmare, and the investigation takes a ridiculous amount of time.”
“I think tech companies are doing a return-on-investment analysis and don’t think the government intel is worth the cost or effort,” said the Silicon Valley executive. “This is why government threat signature sharing initiatives are such a nothing-burger: The signatures are of limited value and only a few select companies with clearances can actually use them.”
The clearance process can easily take over a year. The application runs 127 pages and asks a mixture of questions ranging from highly-intrusive to facially-ridiculous.
In an interview last month, Timothy D. Cook, Apple’s chief executive, said the N.S.A. “would have to cart us out in a box” before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption.
In fact, it seems noteworthy that this whole issue of increasing encryption by the tech companies to keep everyone out has been left off the official summit schedule. As the NY Times notes, Silicon Valley seems to be pretty much completely fed up with the intelligence community after multiple Snowden revelations revealed just how far the NSA had gone in trying to “collect it all” — including hacking into the foreign data centers of Google and Yahoo. And, on top of that, the NSA’s efforts to buy up zero day vulnerabilities before companies can find out and patch them:
“What has struck me is the enormous degree of hostility between Silicon Valley and the government,” said Herb Lin, who spent 20 years working on cyberissues at the National Academy of Sciences before moving to Stanford several months ago. “The relationship has been poisoned, and it’s not going to recover anytime soon.”