Government Policy on the Privacy of Facebook Users - Research Paper Example

Personal Position Paper on Government Policy on the Privacy of Facebook Users The notion of “privacy” means differentthings to different Americans, especially those who use social networking sites such as Facebook (Brandtzæg, Marika and Jan Håvard 1020). Some users understood the term from the old notion of civil liberties. Others understand it from the perspective on increasing monitoring of online communications by the government and enterprises. Even with the varying understanding of the idea of privacy, the majority of American adults fear that their privacy is getting increasingly threatened by the day. On the other hand, the majority of young Americans, who constitute the largest proportion of the users of Facebook and other social networking sites, worry less about their privacy. In February 2011, DHS announced that they planned to roll out a program that would make it possible for them to censor media content, including data relating to social media(Wagner 390). The program would gather personal data of the users of Facebook and other social networking sites and relay that information to all levels of government, foreign government and private companies. In part, the data would be gathered by undercover agents who would disguise as ordinary social media users while, in the real sense, they were on these sites to spy on genuine users. The agency also indicated that it would store personal data for a period not exceeding five years. This program sounded so sinister that one wonders why the DHS had to announce it. Nonetheless, under the program, the government has continued to collect the personal information of the users of Facebook. This program and the policy underpinning it are a serious infringement on the civil liberties, especially the right to privacy, the Constitution grants to every American. The government must abandon them and seek alternative ways of achieving their ways. The journey toward a federal policy on the freedom of Internet kicked off to a slow start in early 2010(Wagner 398). Then, in early 2011, the Egyptian revolt, to which Twitter and Facebook added fuel, injected some impetus into the process. The development in Egypt made the federal government see the urgent need for a policy that would help security agencies circumvent barriers to combating cyber crime, while at the same time making it difficult for dictatorial regimes to employ the same technology to suppress divergent views. The process of enacting the policy was slowed down by heated debates over which projects the policy needed to prioritize. Moreover, questions were raised over the rather narrow scope of the Internet the proposed policyhad adopted; initially, the drafters of the policy had envisioned the Internet as a double-edged sword which citizens could use to oust oppressive regimes, but which the same regimes could also use to stamp out dissent. An Overview of the Policy However, from the Internet research contacted, not a single scholarly source was found that proved that the proposed federal policy on the freedom (and privacy) of Internet users in general, and social media users in particular, saw the light of the day. It would appear that the attempt either failed or stalled. The closest the author of this paper got to the policy is the 2011 DHS social media monitoring program described in the above introduction. Thus, it would appear that the only official policy that governs the privacy of Facebook users is that developed and executed by the company. However, the U.S. government, through the proposed Cyber Intelligence Sharing and Protection Act (CISPA), intended to stop Facebook and similar sites from following their privacy policies(Wagner 400). CISPA stalled in April 2013 after the Senate declined to approve it. Besides the Senate, CISPA met much resistance from several other quarters such as those advocating Internet privacy. The DHS justified their social media monitoring program on grounds that it was one of the most effective ways of fighting cybercrime in general and terrorism in particular(Wagner 389). This paper proposes an alternative way of fighting cyber crime that will not compromise the privacy of Facebook users: packet attestation. In investigating cybercrime, the typical starting pint is the address of the IP source. Sadly, source addresses are prone to forgery, leading to false accusations while the real culprits walk away scot-free. Packet attestation helps to verify the actual source of a given IP packet as opposed to the alleged source(Haeberlen 1). This way, innocent Internet users cannot be falsely accused of committing crimes. However, a major setback to the use of packet attestation to fight cyber crime is the fact that there is no direct support for it on the Internet(Haeberlen 2). Packets have no “number plates” that tie them, beyond any reasonable doubt, to the source that sent them. In addition, attempts to add such a capability to the Internet would face formidable technical, administrative, legal and political challenges. It would require stronger means of authenticating users and more secure, hence more expensive, software for every device connected to the Internet. Besides, it would need a globally recognized authority to prosecute cyber criminals regardless of where they lived in the world. These challenges notwithstanding, the adoption of packet attestation would confer several benefits as discussed in the following paragraphs. Attestations preserve the privacy of users because their sole purpose is to verify what the person performing the query already knows(Haeberlen 2). A person who performs a query with a malicious intent would need to speculate both the entire payload of the packet and the amount of time it took to transmit it, if they are to learn anything personal about the sender. At the same time, attestation complements the available circumstantial evidence surrounding an attack(Kamal, Bleakly and Dobson 12). Should the results of the attestation turn out to be negative, they shield the suspect from false accusations. Where, on the other hand, results turn out to be positive, the victim and the system operator can take deliberate steps to stop an impending attack. Where, the case is a serious one, the results give law enforcers more concrete evidence. This scenario differs significantly from the status quo where the government has all the personal information relating to Facebook users in the palm of their hands. To add insult to injury, the aforementioned 2011 program allows the DHS to share that information with third parties such as the police, other law enforcement agencies, other governments and private business organizations(Wagner 401). There are no limits to what these parties can do with the data they obtain from the DHS. This situation severely compromises the privacy of Facebook users. Packet attestation demands no changes to Web 2.0, the current Internet architecture(Seshadri, Luk and Perring 1063). Moreover, it can be integrated into Web 2.0 gradually. Even the technical requirements are quite simple. It would be sufficient to add a couple of strategically positioned boxes that capture a hash of every single packet they detect. They would then store these hashes for defined periods of time. However, the main shortcoming would be the amount of storage space that a worldwide deployment would demand. On average, it is estimated that every computer connected to the Internet would need approximately 32 standard hard disks. Packet attestation does not call for changes to the existing protocols, core routers and end hosts. Also, it does not lead to larger packet sizes. Neither does it require the critical path to be crypto graphed(Chen, Wang and Wang 780). The implication of all this is that, save for the end user of the computer who would probably spend more on storage space, overall, the cost of adopting packet attestation is reasonable and acceptable for all actors –the government, social media firms, hardware manufacturers and software developed. Even for the end user, the higher initial cost of increasing storage could be traded for enhanced privacy. Finally, feasibility studies have demonstrated that it would be possible to deploy packet attestation today(Maniatis and Chun 138). The studies have used prototypes to estimate both the performance of packet attestation and potential negative effects on major performance measures such as jitter and the rate of packet loss. Taken as a whole, the results of a number of studies indicate that it would be possible to deploy packet attestation today. However, the main obstacle would be the lack of a body that would be recognized the world over and be responsible for user certification and for people who commit cyber crimes wherever they may be in the world(Jing and Curtmola 750). Today, such an authority is not possible as different countries have different laws on cybercrime. However, many scholars agree that that the United Nations, by virtue of its global footprint, provides a good starting point for the debate over the international body to oversee packet attestation. In the name of fighting cyber crime and terrorism, the United States government, through the DHS, has, in recent years gained ever increasing access to the personal data relating Facebook account holders. If enacted, the now stalled CISPA would have removed the privacy policy that governs the use of Facebook from the company to the government. This development would have allowed the government unlimited access to private information(Wagner 402). However, even the CISPA stalled, the government still enjoys considerable access to the said data. This development compromises the privacy of Facebook users. Consequently, this paper has proposed an alternative means the government could use to achieve their ends while not interfering with the privacy of Facebook account holders. Part of the solution lies in packet attestation. With this tool, law enforcers can positively and authoritatively identify cyber criminals without digging too deep into the affairs innocent users of Facebook. Works cited Brandtzæg, Petter, Lüders Marika and Skjetne Jan Håvard. "Too Many Facebook “Friends”? Content Sharing and Sociability Versus the Need for Privacy in Social Network Sites." International Journal of Human-Computer Interaction 5.3 (2010): 1006-1030. Document. Chen, Ing-Ray, Yating Wang and Ding-Chau Wang. "Reliability of wireless sensors with code attestation for intrusion detection." Information Processing Letters, 8.2 (2010): 778-786. Document. Haeberlen, Andreas.Fighting Cybercrime with Packet Attestation. Technical Report. Philadelphia: University of Pennsylvania, 2011. Document. Jing, Dong, and R. Curtmola. "Pollution Attacks and Defenses in Wireless Interflow Network Coding Systems." IEEE Transactions on Dependable and Secure Computing12.4 (2012): 741-755. Document. Kamal, Abu Raihan, Chris Bleakly and Simon Dobson. "Packet-level attestation (PLA): A framework for in-network sensor data reliability." Transactions on Sensor Networks (TOSN),9.2 (2013): 1-28. Document. Maniatis, Petros, and Byung-Gon Chun. "Small trusted primitives for dependable systems." Operating Systems Review,45.1 (2011): 126-141. Document. Seshadri, Arvind, Mark Luk and Adrian Perring. "Software attestation for key establishment in sensor networks." Ad Hoc Networks, 9.6 (2011): 1059-1067. Document. Wagner, Ben. "Governing Internet Expression: How Public and Private Regulation Shape Expression Governance." Journal of Information Technology & Politics,10.4 (2013): 389-403. Document. Read More