Nude photos, phone records, NSA data offer essential lessons for admins

Simon Phipps | Sept. 8, 2014

Whether via Apple's iCloud, the DEA, or the NSA, data is leaking everywhere -- can anyone avoid exposure?

As you've heard many times by now, someone with no life or ethics appears to have hacked into numerous celebrity accounts on Apple's iCloud service and copied private photographs wholesale. At least a few of those photographs are intimate and revealing. As if that juvenile intrusion on adult privacy wasn't enough, they've then posted them in the Internet's frat houses for the world's sexually frustrated imbeciles to ogle.

This case raises questions about the very act of putting data online. There may be primary benefits for doing so, but as technology decision makers, we need to raise questions about secondary costs. Let's consider additional data points.

We also learned this week thatthe DEA has been using phone call data going back decades-- stored by AT&T for any call in which it participated, not just for its customers -- as a covert source in the agency's investigations. Unlike the NSA data, this is not merely material relating to foreigners -- this iseveryone'sdata, going back as far as 1987. It can be accessed by officials by filling out a form -- called an "administrative subpoena" but not involving any judicial review. As the New York Times says:

The Hemisphere Project, a partnership between federal and local drug officials and AT&T that has not previously been reported, involves an extremely close association between the government and the telecommunications giant.

Was this usage what the developers or executives had in mind a quarter of a century ago as they started logging the data? Or has it been stored "just in case" because it existed and seemed valuable and over time has found more and more users? There must be an enormous database -- the epitome of big data -- and it's probably used for multiple purposes.

As to that NSA data, a great deal of confusion about "surveillance" seems to be floating around. In the United Kingdom, questions are being asked about all the data-gathering by the British equivalent of the NSA, GCHQ. In response, Secretary of State Theresa Mayhas respondedthat "there is no programme of mass surveillance and there is no surveillance state" and labels claims that GCHQ engages in unlawful hacking as "nonsense." Yet clearly, a lot of data is being gathered.

GCHQ, the NSA, and probably every other intelligence agency worth the name is actively gathering data from the Internet. Everything on the Internet is transient, with different decay periods, so gathering information is a constant process. They believe everything that can be gathered without illegal action is fair game, so they gather anything and everything they can, storing it just in case.

They are without doubt capturing and recording all and any email, instant messages, Web pages, social media traffic, and so on. Recent disclosures reveal thatthe NSA collects"nearly everything a user does on the Internet," then offers analysts tools to search that data. The NSA has a variety of explanations why it's all legally gathered.

Read more here:
Nude photos, phone records, NSA data offer essential lessons for admins