630 likes | 1.05k Views
The USA Patriot Act. Aaron Nishina Jon Gerard Ricky Sood . The USA Patriot Act . Formal definition: the Uniting and Strengthening America by Providing Tools Required To Intercept and Obstruct Terrorism (USAPA). History Behind The Computing Policies of the USAPA.
E N D
The USA Patriot Act Aaron Nishina Jon Gerard Ricky Sood
The USA Patriot Act • Formal definition: the Uniting and Strengthening America by Providing Tools Required To Intercept and Obstruct Terrorism (USAPA)
History Behind The Computing Policies of the USAPA • Attorney General John Ashcroft • His views on cyber-crime in the United States pre-9/11 • May 22, 2001
Terrorism In the U.S. • Domestic vs. International terrorism • The need to fight terrorism • Relation to computing • The government’s solution
What is the Patriot Act? • Anti-terrorism legislative document • Addresses cyber crimes issues • Fundamental privacy vs. security issues • Creates new laws / Appends Old Laws
Some of the Major Provisions • Court subpoena no longer needed for ISP’s to give information • Computer crimes are now “terrorist” offenses • ISP’s have to give up more user information • Court orders no longer needed for monitoring suspects in computer crimes cases • Appends the Computer Fraud and Abuse Act • Major changes at Libraries in the U.S. • Development of electronic crime task force within the U.S. Secret Service • Implementation of the Carnivore Tracking Device
Who Are the Stakeholders? • Computer users in the public • Internet Service Providers • Libraries • Law Enforcement • Terrorists
Ethical and Legal Questions about the USAPA • The USAPA affects policies regarding wiretapping and warrants • As is common with such cases, it is asked “Do these new changes violate Constitutional (Legal) Rights?” • Many people have strong reservations about the need for privacy. “Do these new policies violate the right to privacy?”
Ethical and Legal Questions • Debate has arisen over usefulness vs. legitimacy • No cases has challenged the computer provisions in the USAPA yet • Biggest concerns: email and information handling • Fourth and Ninth Amendments in Question
The Right to Privacy • Not expressly given in the Constitution • Fourth Amendment is a compelling argument for privacy because it guarantees the right to be secure in one’s own person, house, and papers • Fifth Amendment protects people from divulging certain information • Ninth Amendment grants rights not expressly given in the Constitution
The Right to Search only with Probable Cause • Email interception has been treated in the USAPA as similar to wiretapping • Fourth Amendment requires probable cause for the issue of a warrant • In Katz vs. U.S. 1967, the Supreme Court stated that the Fourth Amendment protects people, not places. What a person seeks to keep private is constitutionally protected (phone conversations included)
To reiterate: • Who are the major sides in the argument for and against the Patriot Act? • U.S. Government offices such as the Whitehouse, CIA, FBI, and Dept. of Justice are in favor. • Civil Liberties Groups such as the ACLU, and Electronic Frontier Foundation (EFF)are against it.
Analysis of the USAPA by President Bush “Surveillance of communications is an essential tool to pursue and stop terrorists. The existing laws were written in the era of rotary telephones. This bill met with an overwhelming support in Congress because it upholds and respects civil liberties.
Analysis of the USAPA by the EFF “It seems clear that the vast majority of sections included have not been carefully studied by Congress, nor was sufficient time taken to debate it or hear testimony from experts. The civil liberties of ordinary Americans have taken a tremendous blow”
Analysis of the USAPA by the Congressional Research Service “Critics of the USAPA have suggested that it may have gone too far. The Act itself responds to some of these reservations. Many of the wiretapping amendments sunset on December 2005. The Fourth Amendment protects private conversations, but it does not cloak even highly personal information [such as ISP records].”
Case Study: Zacarias Moussaoui • How would the USAPA have affected the events leading up to 9/11? • In specific, we look at computer-related provisions in the USAPA • We chose to study the only case involving someone on trial for the 9/11 attacks: Zacarias Moussaoui
Case Study: Zacarias Moussaoui - Who was he? • A 33 year old French-born Moroccan with a history of Muslim radicalism • Entered the U.S. February 2001 and immediately began learning how to fly • Studied at the Pan Am Flying Academy in Eagan, Minnesota • He paid for his lessons with about $8000 in cash
Case Study: Zacarias Moussaoui - Who was he? • Instructors became suspicious because it seemed that Moussaoui was most concerned with steering aircraft, and not landing or taking off • FBI detained Moussaoui on August 17 and he is now charged with 6 criminal counts concerning 9/11.
Case Study: Zacarias Moussaoui • At the time of his arrest, the FBI found flight manuals for a Boeing 747, 2 knives, fighting shields and a laptop computer • The FBI was also notified by French Intelligence that Moussaoui was suspected of involvement with Islamic extremists
Case Study: Zacarias Moussaoui - FBI Requests a warrant • The FBI requested a warrant under the Foreign Intelligence Surveillance Act (FISA) to search his computer • Denied due to insufficient evidence that Moussaoui was involved with terrorists. • It turns out that information regarding the spraying of pesticides from planes was among the content on his computer.
Case Study: Zacarias Moussaoui - The Relationship to the USAPA • How does this case relate to the Patriot Act? • The requested for a warrant was under provisions by the FISA. These provisions have been updated with the USAPA • There are additional provisions in the USAPA alone that could have allowed a warrant to be issued
Case Study: Zacarias Moussaoui - Details We are Interested In. • Moussaoui was a suspected terrorist by French Intelligence • He was suspected by the FBI in Minnesota to be a terrorist
Case Study: Zacarias Moussaoui - The act of getting a warrant • FISA is changed by USAPA to state that terrorism only needs to be a “significant purpose for an investigation” ; this is less than “probable cause” • Other USAPA provisions could also have been used to obtain a warrant
Case Study: Zacarias Moussaoui - What can the FBI do with that warrant? • Under Section 219, a FISA warrant now entitles investigators the ability “to coordinate efforts to investigate potential hostile attacks” • Would have allowed for the searching of his computer • This is how computers are very much a part of this case!
Case Study: Zacarias Moussaoui - What was on his computer? • Pesticide and Crop Dusting Information • In retrospect, relevant because of Anthrax Attacks • What is important is the potential information!
Case Study: Zacarias Moussaoui - What was on his computer? • Ethical: Overall good to American people is obvious • Unethical action of invading Moussaoui’s privacy relatively minor? • What is important is the potential information
Case Study: Zacarias Moussaoui • Benefits of USAPA seem clear • Disadvantages seem to be minor • We need to examine other cases regarding the USAPA
Case Study 2: Internet Service Providers • Part of Corporate America • How does the USA Patriot Act affect them? (Sec. 212) • Law Enforcement’s POV • Civil Libertarian’s POV • Pro’s & Con’s • Ethical Questions
ISPs: Part of Corporate America • They do not generally engage in criminal or terrorist activity • There are large and small ISPs alike and the effects on both must be taken into account. • The financial impacts on both must be taken into account
How does the USA Patriot Act affect ISPs? • Allows ISPs to “voluntarily” disclose electronic communications • In the event immediate danger or death or serious bodily injury to a person requires such disclosure.
Law Enforcement’s POV • Previous Law was inadequate • No provisions allowing providers to disclose customer records or communications in emergencies • Did not expressly permit a provider to voluntarily disclose “non-content” records to law enforcement for purposes of self protection • Providers could disclose the content of communications for this reason
What Does “Non-Content” Mean • It includes records of session times and durations, temporarily assigned network (IP) addresses; means in sources of payments, including credit card or bank account numbers
Civil Libertarians POV • It allows ISPs to voluntarily handover all "non-content" information to law enforcement with no need for a court order or subpoena • It expands the records that the government may seek with a simple subpoena (no court review required) • i.e. “non-content” Information
Pro’s • ISPs may now authorize law enforcement to intercept a computer trespasser’s wire or electronic communications • No need for law enforcement to first obtain a court order before performing these surveillance activities • Computer system operators can now obtain assistance from law enforcement when they are attacked by trespassing “hackers” • The DOJ analogizes this new power to a homeowner calling the police
Con’s • CSPs may now voluntarily disclose information about users to law enforcement • May now voluntarily disclose to the government user communications or customer records • Financial burden on ISP / Additional Man power is uncertain
Ethical Questions • Is it ethical to allow ISPs to make the determination of whether or not there is an emergency involving immediate danger of death or serious physical injury to any person ?
Ethical Questions Continued • Is it ethical to impose any additional technical obligation or requirement on a ISP which may impact it financially?
Ethical Questions Continued • The USA Patriot Act allows for ISPs to “voluntarily” disclose information to law enforcement, how will the public view the ISP who “might” have had information which could have prevented a terrorist act? • The FBI has recently come under fire for this exact situation
Case Study 3: The General Computing Public • A Broader Overview • Internet Users • Students • Software Piracy
Internet Users • Most businesses and home computer users as well, require an internet connection • We are the minority of the Computing Public • Most of the general computing is weary of the security of the internet • Anything that affects an ISPs ability to function also impacts the general computing public
Pro’s • The easy answer…! • Most will not notice any difference • ISPs able to provide better service to their customers
Con’s • The easy answer…! • More innocent victims • ISPs unable to provide adequate service to their customers
Ethical Questions • Is it ethical that the USAPA makes law enforcements job of apprehending criminals easier at the cost of affecting a greater number of innocents?
Ethical Questions Continued • Is it ethical that the USAPA puts some of the burden of this monitoring on ISPs? • If one ISPs PR is damaged due to this… • Could lead to a cascading effect among the privacy policy of ISPs affecting many internet users.
Students • A large population of the general computing public are students • Academic and personal records at can be accessed by law enforcement • This can be viewed in from two perspectives
Pro’s • Some of the hijacking terrorists were here on student visas • Other immigrants illegally gain entrance to the US under the guise of being students • If the FBI might be able to track those terrorists through their student records • The president acknowledges this fact
Pro’s Continued • Statements made by the President regarding student visas • "We're going to start asking a lot of questions that heretofore have not been asked" • "We're generous with our universities. We're generous with our job opportunities and never did we realize that people would take advantage of our generosity to the extent they have”
Con’s • It is easier for law enforcement to gain access to student records • There are already exceptions to FERPA (Buckley Act) for law enforcement to access these records • More students will be looked upon with suspicion especially those with student visas