The NSA Phone Call Database: The European Perspective

The NSA phone call database is nothing short of a privacy nightmare. Not only is it disconcerting that the President authorized such actions, but America is still unsure about the legality of the whole process. The privacy laws in the US are inadequate for issues of this nature.

It will be interesting to see how this data is retained by the NSA, which is one of the remaining unanswered questions. Europe has much more stringent privacy laws and this excellently written essay explains it in exquisite detail.

Why should anyone care that the outcome would have been so different under European privacy law? One reason for the comparison with Europe is that it enables us to understand better current developments in American law. It is striking how similar American and European data privacy law was in the early 1970s, how different it is today. The first European database privacy statutes of the 1970s drew on the U.S. Privacy Act of 1974. Alan Westin’s Privacy and Freedom, published in 1967, was read widely by both American and European policymakers. There are many reasons for the divergent paths of the two systems. This latest example of difference highlights one set of reasons: the President’s new constitutional powers in fighting terrorism, post-September 11. Congress, the courts, and the public might very well accept that the NSA program is legal, based on the President’s inherent authority as commander-in-chief. In Europe, that would not be possible.

After reading the entire article I am left wondering just how this is all going to play out in the United States. Sure makes you wonder who our elected officials truly believe they represent.

The Ultimate Net Monitoring Tool

Sniffing an enterprise network is a pretty easy task to perform, especially with the right tools. However, just because a tool offers the capability to easily capture data does not mean that interpreting that collected information is easy. That is, unless you have access to the ultimate net monitoring tool, the tool that the NSA enlisted in their eavesdropping program that was recently uncovered.

“Anything that comes through (an internet protocol network), we can record,” says Steve Bannerman, marketing vice president of Narus, a Mountain View, California, company. “We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their (voice over internet protocol) calls.”

Narus’ product, the Semantic Traffic Analyzer, is a software application that runs on standard IBM or Dell servers using the Linux operating system. It’s renowned within certain circles for its ability to inspect traffic in real time on high-bandwidth pipes, identifying packets of interest as they race by at up to 10 Gbps.

Sounds like a well designed product, especially if it is capable of keeping up with traffic flowing at a rate of 10Gbps. When you get that high you generally see software of this nature start to drop packets because of the amount of data being pumped through the pipes.

If you are truly concerned about the NSA reading your email, and opening up sensitive attachments, then encrypting your email is the best thing you can do. Grab PGP and be on your way to ensuring what you write is only read by the intended recipients, not some NSA lackey.