[liberationtech] Could the U.S. Government Start Reading Your Emails?

[Rebecca MacKinnon]

http://news.discovery.com/tech/government-reading-emails-privacy-111203.html

Could the U.S. Government Start Reading Your Emails?

A new security research project is designed to scan millions of IMs, texts and emails every day.

Sat Dec 3, 2011 12:34 PM ET | content provided by John Brandon, FoxNews.com/SciTech

Cherie Anderson runs a travel company in southern California, and she's convinced the federal government is reading her emails. But she's all right with that.

"I assume it's part of the Patriot Act and I really don't mind," she says. "I figure I'm probably boring them to death."

It's likely Anderson is not alone in her concerns that the government may be monitoring what Americans say, write, and read. And now there may be even more to worry about: a newly revealed security research project called PRODIGAL -- the Proactive Discovery of Insider Threats Using Graph Analysis and Learning -- which has been built to scan IMs, texts and emails . . . and can read approximately a quarter billion of them a day.

PHOTOS: 5 Ways to Protect Yourself Online

"Every time someone logs on or off, sends an email or text, touches a file or plugs in a USB key, these records are collected within the organization," David Bader, a professor at the Georgia Tech School of Computational Science and Engineering and a principal investigator on the project, told FoxNews.com.

PRODIGAL scans those records for behavior -- emails to unusual recipients, certain words cropping up, files transferred from unexpected servers -- that changes over time as an employee "goes rogue." The system was developed at Georgia Tech in conjunction with the Defense Advanced Research Projects Agency (DARPA), the Army's secretive research arm that works on everything from flying cars to robotic exoskeletons.


DNEWS VIDEO: IPHONE IN SPACE EXPLAINED
Initially, PRODIGAL will scan only the communications of military volunteers and people who work in federal agencies. But the very existence of such a project is sure to unnerve citizens like Anderson. Is the government reading my emails? Are they already monitoring me?

"Some people say it's one step further toward a police state," said Anthony Howard, a book author and security expert who has consulted for the Department of Homeland Security.

But Bader and other experts are quick to dismiss the idea that PRODIGAL could be used to monitor everyone in America. The scans work only on internal systems, they say -- not across the entire Internet. And the experts say such a project is long overdue: by monitoring for "anomalies" and predicting extreme behavior, catastrophes can be prevented, such as a soldier in good mental health becoming homicidal or a government employee sharing key classified information.

ANALYSIS: Is the Internet Destroying Privacy?

"Today, an analyst may receive tens of thousands of 'anomalies' per day, where an anomaly is an unexplained event," Bader said.

The new system is designed to aid analysts in processing those anomalies. And it's not alone.

Bader equated the PRODIGAL system to Raytheon SureView, an internal scanning system that looks for suspicious activity and alerts federal agencies about possible threats. Another system is the Einstein project, which was developed after 9/11 and scans government employees for key words and links suspicious activity to National Security Agency databases.

But PRODIGAL scans vastly more data than those systems: as much as a terabyte or more per day, what Georgia Tech described as "massive data sets."

PRODIGAL is part of an existing DARPA security project called Anomaly Detection at Multiple Scales (ADAMS), which was announced earlier this year. Details about how ADAMS works are not widely known; Georgia Tech's recent announcement is one of the first reports to explain how these detection engines work.

According to Bader, PRODIGAL uses complex "graph-processing" algorithms to analyze threats and piece together a jigsaw puzzle of communications. The system then ranks the unusual activity before feeding the most suspicious threats to agents.

Cyber-security expert Joseph Steinberg, CEO of Green Armor Solutions, said ADAMS is unique in that it scans through a massive stream of data. He says the new project, which will take about two years to develop and will cost $9 million, will be more effective at analyzing threats and determining if they are valid.

But the issue is not the scanning technology itself; it's how the information is interpreted -- and whether it ultimately helps at all, Howard told FoxNews.com.

"Since there is no real data publicly available to substantiate that any of this technology is preventing terrorist attacks or strengthening our borders from within, [we can't] really say definitively that this technology is doing any good," he said.

The challenge, he said, is that criminals and terrorists often use multiple channels of communication, some encrypted -- and know how to avoid existing detection systems.

Nevertheless, PRODIGAL's ability to scan reams of data is clearly the next step in tracking unusual activity, and it's guaranteed to raise a red flag for Anderson and others.

"Since people tend to be imperfect, the data captured can easily be mishandled. Where does it end?" Howard said.

--
Rebecca MacKinnon
Schwartz Senior Fellow, New America Foundation
Cofounder: GlobalVoicesOnline.org
Author: ConsentoftheNetworked.com
Cell: +1-617-939-3493
Twitter: @rmack




_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.

Please don't forget to follow us on http://twitter.com/#!/Liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE