https://research.tue.nl/en/publications/communication-in-a-world-of-pervasiv... Appelbaum, Jacob R.. /Communication in a world of pervasive surveillance : Sources and methods: Counter-strategies against pervasive surveillance architecture. Eindhoven : Eindhoven University of Technology, 2022. 327 p.
CHAPTER 1 Introduction "Wer die Wahrheit nicht weiß, der ist bloß ein Dummkopf. Aber wer sie weiß und sie eine Lüge nennt, der ist ein Verbrecher." 1 -- Bertold Brecht, Das Leben des Galilei, Seite 71 Electronic surveillance systems, in their twenty-first century totality, create an environ- ment of pervasive surveillance where most, if not all, communications channels are mon- itored in some capacity. Sociologists and other academic researchers define surveillance in many different ways [Mar15]. We consider the definition from Lyon from Surveillance Studies: "any systematic, routine, and focused attention to personal details for a given pur- pose (such as management, influence, or entitlement)" [Lyo14]. Today's Internet is the pri- mary terrain of struggle [GBC11, Kat90, Her00, Ziz08, Cun15, GE07] between those com- mitted to attacking electronic communications, whether in targeted [Bam16] surveillance of individuals or indiscriminate mass surveillance [Eur18, Eur78, Eur06, Eur84, Eur10, Eur87, Eur15, Eur16] of whole populations, and those committed to securing communi- cations from attack. The two most prevalent surveillance adversaries are state [Gre14b] and corporate [Zub19, Int21a, Int21b] actors, though in some situations there is no meaningful distinc- tion between these. Fusion Centers [Wik21i] for example, are an American domestic intelligence apparatus that aggregates data provided by government agencies, corpora- tions, and private persons, resulting at times in Americans being persecuted for engaging in constitutionally protected activities. Surveillance data of all kinds collected from other terrains [Goo21, War15b] readily merges into the Internet's IP traffic flows. This collec- tion is not merely through passive observation of our communications, but also through active interaction and exploitation, along with analysis of behavioral data, other systems data, and data at rest. To name just a few examples: · In-person, face-to-face meetings when personal or professional electronic equip- ment is present in the same room [ATL06, CCTM16]. · Targeted and mass surveillance of telephone metadata and call content [SM13, GS14]. · Targeted and mass surveillance of postal mail [Nix13]. · Public and private video surveillance, especially when used in tandem with machine learning for identification based on height, gait, and/or facial structure among oth- ers [EKGBSBA16]. · Stylometry of written text to identify anonymous authors [BAG12]. · Analysis of video and images of biological structures such as veins, ear shape, as well as of body modifications such as piercings and tattoos [RP14]. As new sources of data become available in nearly every realm of life, we find new surveil- lance tools being designed to exploit them. Understanding these surveillance practices is critical for building defenses. It is now commonly understood that the US Government does "kill people based on metadata" [Col14] including children [Sca13a, Bon13, Kri19, AR21], intentionally 2 and unintentionally. The state's capacity for violence is enhanced with additional surveillance capabilities. Historical as well as contemporary use of data and metadata to socially sort [Lyo03] has enabled human rights abuses such as persecuting political refugees [CM+ 17, DNI21], assassinations [Col14] and genocide [Bla12]. Modern proponents of both targeted and mass surveillance regularly claim that grant- ing authorities surveillance powers will help to prevent terrorist acts. We know that while this is sometimes true [EM13, BSSC14], it is often false, with disastrous conse- quences [GRS14, Rot15]. We also know that the existence of interception capabilities puts both the operators [Bam16] and users of communication infrastructure at direct risk, and that the same surveillance methods intended for terrorists are diverted to tar- geting democratically elected leaders [JAS13]. This leads us to ask: In order to protect our societies from terrorist acts, must we leave ourselves vulnerable? Is it worth the trade-off to occasionally catch the least competent would-be terrorists, corrupt officials, spies, criminals, and thieves? The questions themselves seem absurd when the answer promotes criminality of all kinds: corporate espionage, economic warfare, government espionage, human-rights violations, lawfare, so-called "targeted killings" (assassinations), untargeted killings, etc. Yet an affirmative answer to those questions is an observable na- tional policy in countries around the world. The deployment of standardized communications protocols in the last century made it possible to perform surveillance in a highly automated fashion. We investigate some of these surveillance systems extensively with help from documents exposed by whistle- blowers, known and unknown, or other anonymous insiders. We compare the intentions and stated beliefs of surveillance adversaries with those of protocol designers, who in recent years have belatedly started to introduce the term surveillance, and later mass surveillance, into Internet-related protocol publications [FT14, BSJ+ 15a]. 1 "He who does not know the truth is merely a fool. But whoever knows it and calls it a lie is a criminal." 2 The President of The United States of America is directly involved in some assassination decisions [Poi14, Par15], something of an explicit concern [Ken11] to the founders of the country.