EFF-Austin on KOOP radio (Jun 17)

EFF-Austin’s Jon Lebkowsky and Gregory Foster were interviewed by Mark Boyden on KOOP Radio’s “Reflections of Community Outreach” program on June 17, 2013. The conversation ranged across the history of EFF-Austin, the 2013 Texas Legislature session, and NSA domestic spying.
http://www.koop.org/schedule/detail.php?ext=info&oa_id=42

https://soundcloud.com/gregoryfoster/effaustin-jun-17-koop-radio

Crowdsource PACER liberation in tribute to Aaron Swartz

United States Courts logo

In late January, Aaron Greenspan announced “Operation Asymptote” to the influential Liberation Technologies mailing list:

In case anyone is interested, I’ve built a tool to crowdsource the downloading of PACER materials. You can find details here:
http://www.aarongreenspan.com/writing/essay.html?id=85
http://www.plainsite.org/asymptote/index.html

I looked into Operation Asymptote, and recommend it as an effective and poetic tribute to Aaron Swartz‘s memory. Here’s some background on how it works.

“PACER” stands for Public Access to Court Electronic Records. It’s a network of servers hosting case and docket information from federal district, bankruptcy, and appellate courts.

As far as open government history is concerned, PACER was ahead of its time, initially providing terminal access in libraries and office buildings as early as 1988, then moving to the web in 2001.

Its network architecture and system design have not kept pace with the times. Neither has its fee structure, which was increased to $0.10 per page in September 2011. Charges are even applied to search results, where a page is defined as 4,320 bytes. I suppose one could argue it makes sense that the Administrative Office of the United States Courts should charge a nominal fee for documents which are in the public domain if you consider the cost of running and securing the service, maybe even upgrading it now and then. But that’s not what the fees are exclusively used for. In fact, PACER makes a sizable profit and some of those funds are used in a slushy way by the U.S. Courts, enabling at least one court to purchase flat screen LCDs and audio speakers installed in court benches.

What other options are out there for accessing federal case law? Open government pioneer Carl Malamud says commercial ventures such as Lexis-Nexis, West Law, and Bloomberg Law compete for a $6.5 billion market built around extracting rents from this public commons:

Countless government lawyers, public interest lawyers, and solo practitioners are quick to point out that they are priced out of the market and cannot afford access to the tools they need for their job. For the rest of us, the law truly has been locked up behind a cash register, affordable only to those who can pay the enormous price. We are a nation of laws, but the laws are not publicly available. This is a fundamental issue for democracy, for if we are a nation of laws, we must be able to consult the cases and codes of our government.

This brings to mind something important Jacob Appelbaum said the other day:

The old phrase “Ignorance of the law is no excuse” really rings hollow in an era of secret law.

The PACER system excludes a segment of the public as well as law practitioners who cannot afford access to the case law, which enforces its own form of ignorance. When Aaron Swartz met Steve Schultze in 2008 and learned about the PACER system, it seems he recognized an injustice and decided to do something about it. And as seems emblematic of what I have learned of Aaron Swartz’s ways, he outsmarted an institution with the assistance of technology. Here’s Steve Schultze’s description of meeting Aaron Swartz, the idea for a “Thumb Drive Corps” to liberate PACER documents from 16 public libraries temporarily granted free access, and Aaron Swartz’s automation of that process so he could download 2.7 million files in two days.

Steve’s post also describes the provenance of the technology underlying Aaron Greenspan’s proposed Operation Asymptote, the RECAP Firefox plugin.

I called up one of the authors [of the paper “Government Data and the Invisible Hand”], Ed Felten, and he told me to come down to Princeton to give a talk about PACER. Afterwards, two graduate students, Harlan Yu and Tim Lee, came up to me and made an interesting suggestion. They proposed a Firefox extension that anyone using PACER could install. As users paid for documents, those documents would automatically be uploaded to a public archive. As users browsed dockets, if any documents were available for free, the system would notify them of that, so that the users could avoid charges. It was a beautiful quid-pro-quo, and a way to crowdsource the PACER liberation effort in a way that would build on the existing document set.

As a result, we have the RECAP collection at The Internet Archive which as of this writing consists of 851,083 items.

Here’s the RECAP website where you can install the plugin, or browse the archive.

And here’s the next piece of the puzzle:

The Judicial Conference of the United States approved a measure in March 2010 stating that you will not owe a [PACER] fee unless your account accrues more than $10.00 of usage in a given quarter. In September 2011, this amount was increased to $15.00. If you accrue less than $15.00, your fees are waived for that quarter and your billing statement will have a zero balance. This policy change will be effective for the July 2012 statement.

So that means that any individual using PACER can download 150 pages every quarter for free. If you use the RECAP plugin while you are doing it, those pages are automatically uploaded to the Internet Archive where they become true public records without having to do anything except click on a link. Here’s the PACER registration page, where you will need a credit card to set up an account but don’t necessarily have to be charged fees.

Don’t know what to download? That’s where Aaron Greenspan’s Operation Asymptote and his public access law website PlainSite can help. As he explains in his post announcing the project, Aaron Greenspan wanted to find out all about Assistant United States Attorney Stephen P. Heymann, who played a role in prosecuting Aaron Swartz’s case. And he did. Here’s all of Heymann’s cases.

Now he wants to make “every U.S. Attorney and [Assistant U.S. Attorney]’s full career as a prosecutor available to the public to examine in its entirety.” So those are the links queued up in Operation Asymptote. Register with PACER, start Firefox w/ RECAP installed, navigate to the Operation Asymptote site, and begin clicking links till you reach $15 in charges, which you won’t be charged for.
http://www.plainsite.org/asymptote/index.html

That’s what you might call poetic justice.

Xi Jinping’s Visit Amidst a Rattling of Cyber Sabers

Photo by Matt McClain, The Washington Post/Getty Images
Soldier at the 9/11 Memorial at the Pentagon.
Photograph by Matt McClain, The Washington Post/Getty Images.
Image credit: National Geographic

Being a sequence of quotations from contemporary articles contextualizing the visit of the rising Vice President of China amidst a conspicuously timed introduction of unprecedented domestic cybersecurity legislation.

National Post Full Comment (Feb 14) – “From bitter gruel, Xi Jinping to ascend to China’s top job” by Peter Goodspeed
http://fullcomment.nationalpost.com/2012/02/14/xi-jinping/

He arrives in Washington Tuesday on the first stop of a week-long tour of the United States in one of the final diplomatic rituals he must undergo before becoming China’s next leader.

Now vice-premier, Mr. Xi is widely expected to replace President Hu Jintao as secretary-general of the Chinese Communist Party in October, when China will change 60% of the members of the party’s Central Committee and replace seven of the nine members on the ruling Standing Committee of the Politburo.

By spring 2013, he should replace Mr. Hu as president, then become chairman of the Central Military Commission.

Meanwhile…

Hillicon Valley (Feb 13) – “Senate cybersecurity bill would let firms appeal Homeland Security regulations” by Gautham Nagesh
http://thehill.com/blogs/hillicon-valley/technology/210349-senate-cybersecurity-bill-would-let-firms-appeal-regulations

The legislation would task the Department of Homeland Security with determining which sectors of the economy would be covered by new cybersecurity regulations, after risk assessments in consultation with the private sector, the intelligence community and others.

But designated sectors would have the right to appeal whether the regulations apply to them. Several groups representing portions of the private sector considered part of the critical infrastructure have expressed concern about the impact of the regulations on both security and the bottom line.

“Passing the bill is crucial for national security, but not if the provisions on critical infrastructure regulation are watered down. This will be a real test for this Congress,” said James Lewis, senior fellow and director at the Center for Strategic and International Studies.

James A. Lewis is one of the star witnesses for the Senate Homeland Security and Governmental Affairs Committee’s hearing this Thursday on what has been termed “comprehensive” cybersecurity legislation being unveiled by Majority Chair Joe Lieberman and co-sponsor Minority Chair Susan Collins. Senator John (Jay) Rockefeller IV is the other primary co-sponsor, and will be the first witness at Thursday’s hearing.

Examples of sectors considered likely to fall under the new regulations are utilities, water treatment plants and transportation providers. Some sectors, such as major financial institutions and telecom providers, may ask for exemptions based on a demonstrated ability to secure their systems.

After determining which firms are critical infrastructure, DHS would then, in consultation with the private sector, determine cybersecurity performance requirements for firms in the covered sectors.

“There would be a huge market incentive for designated sectors to meet the security standards. But if they don’t DHS and the AG would decide on penalties,” said the spokesman.

What about international cybersecurity standards and practices?

WSJ (Jan 27) – “China’s Cyber Thievery is National Policy—And Must Be Challenged” by former NSA Director Mike McConnell, former Secretary of DHS Michael Chertoff, and former Deputy Secretary of Defense William Lynn.
http://online.wsj.com/article/SB10001424052970203718504577178832338032176.html
This appears to be a copy liberated from between the lines of Rupert Murdoch’s curious digital divide:
http://defense-technologynews.blogspot.com/2012/02/dtn-news-defense-intelligence-news.html

The bottom line is this: China has a massive, inexpensive work force ravenous for economic growth. It is much more efficient for the Chinese to steal innovations and intellectual property—the source code of advanced economies—than to incur the cost and time of creating their own. They turn those stolen ideas directly into production, creating products faster and cheaper than the U.S. and others.

Cyberspace is an ideal medium for stealing intellectual capital. Hackers can easily penetrate systems that transfer large amounts of data, while corporations and governments have a very hard time identifying specific perpetrators.

Stewart A. Baker, another witness for Thursday’s hearing, on the metaphorical wall isolating domestic and foreign intelligence gathering: “I thought that the civil liberties dangers it was supposed to ward off were probably more theoretical than real.”
http://www.skatingonstilts.com/skating-on-stilts/tired-of-reading-chapters-backwards.html

Continuing with the perspectives expressed in the WSJ:

The report to Congress notes that the U.S. intelligence community has improved its collaboration to better address cyber espionage in the military and national-security areas. Yet today’s legislative framework severely restricts us from fully addressing domestic economic espionage. The intelligence community must gain a stronger role in collecting and analyzing this economic data and making it available to appropriate government and commercial entities.

Congress and the administration must also create the means to actively force more information-sharing. While organizations (both in government and in the private sector) claim to share information, the opposite is usually the case, and this must be actively fixed.

National Journal (Feb 13) – “Feinstein Introduces Information-Sharing Bill Ahead Of Senate Cybersecurity Debate” by Josh Smith
http://techdailydose.nationaljournal.com/2012/02/feinstein-introduces-informati.php

Feinstein’s proposal would require the government to designate an agency as a “cybersecurity exchange” to coordinate information sharing; allow the government to share classified cybersecurity information with certain private-sector organizations; and provide liability protection for companies that share information.

“Alongside terrorism, cybersecurity is perhaps the number one threat facing our nation today, but many obstacles exist that prevent the cooperation and coordination needed to deter this growing threat,” Feinstein said in a statement.

NextGov (Feb 13) – “DHS budget would double cyber spending to $769 million” by Aliya Sternstein
http://www.nextgov.com/nextgov/ng_20120213_7454.php

There is bipartisan support for improving computer network defenses, so the outlook may be positive for obtaining much of the proposed $769 million from Congress. The funding would go toward the National Cyber Security Division for protecting federal networks and coordinating with the private sector on safeguarding critical infrastructure systems such as utility grids.

For perspective:

U.S. Department of Defense (Feb 13) – “DOD Releases Military Intelligence Program Requested Top Line Budget for Fiscal 2013”
http://www.defense.gov/releases/release.aspx?releaseid=15058

The Department of Defense released today the military intelligence program (MIP) requested top line budget for fiscal 2013. The total request, which includes both the base budget and Overseas Contingency Operations appropriations, is $19.2 billion.

The department determined that releasing this top line figure does not jeopardize any classified activities within the MIP. No other MIP budget figures or program details will be released, as they remain classified for national security reasons.

What is the mood of the Senate, and the posture towards the private sector?

United States Senate Democrats (Feb 9) – ‘[Senate Majority Leader Harry] Reid Outlines Process For Cybersecurity Legislation, Including “Fair and Open” Amendment Process [in letter to US Chamber of Commerce CEO Tom Donohue]’:
http://democrats.senate.gov/2012/02/09/reid-outlines-process-for-cybersecurity-legislation-including-%E2%80%9Cfair-and-open%E2%80%9D-amendment-process/

I was struck by the testimony of the leaders of our Intelligence Community at recent Intelligence Committee hearings. Director of National Intelligence James Clapper called cyber security “a profound threat to this country, to its future, its economy, and its very being.” And Robert Mueller, Director of the Federal Bureau of Investigation (FBI), stated that, “stopping terrorist attacks with the FBI is the present number one priority, but down the road, the cyberthreat, which cuts across all programs, will be the number one threat to the country.” Think about that: in the years to come, malicious cyber activity will pose a threat to our country greater than terrorism. We simply cannot afford to repeat the mistakes of the past by failing to prepare for the leading threats of the future.

Yet, addressing cyber security is not simply a matter of staving off a future threat; it demands that we stop the hemorrhaging of national security secrets, intellectual property, and jobs already underway. In a recent letter to Senate Republican Leader McConnell and myself, eight former high-ranking national security officials led by Secretary of Homeland Security Michael Chertoff and Secretary of Defense William Perry pointed out that, not only are critical infrastructure such as power plants and hospitals at risk; moreover, “foreign states are waging sustained campaigns to gather American intellectual property – the core assets of our innovation economy – through cyber-enabled espionage.” They counseled that the “constant barrage of cyber assaults has inflicted severe damage to our national and economic security, as well as to the privacy of individual citizens. The threat is only going to get worse. Inaction is not an acceptable option.”

At this point, all signs indicate informed consensus for this legislation to pass quickly through Committee into an opportunity for debate culminating in passage through the Senate.

In closing, witness Stewart A. Baker from his text Skating on Stilts: Why We Aren’t Stopping Tomorrow’s Terrorism, (Stanford, California: Hoover Institution Press, 2010), p. 5-6.
http://www.skatingonstilts.com/skating-on-stilts/tired-of-reading-chapters-backwards.html

In the 1990s, after a term as the National Security Agency’s top lawyer, I spoke out in favor of keeping a wall between spies and cops. The idea was simple enough. Agencies like the National Security Agency (NSA) gathered intelligence on a global scale, and they rarely observed the legal constraints that applied to domestic policemen. To protect the civil liberties of Americans, it only made sense to separate intelligence gathered in that way from evidence assembled in a criminal investigation. With a wall between the two, criminal investigators from agencies like the Federal Bureau of Investigation (FBI) would be forced to observe the legal restrictions that went with criminal investigative tools. They wouldn’t be tempted to take the shortcut of using intelligence that had been gathered with less attention to civil liberties.

That was the theory, anyway. In practice, the wall crippled our last, best chance to catch the hijackers before September 11, 2001. In August of that year, the wall kept the FBI from launching a fullscale criminal search for the hijackers—even though all of our security agencies were expecting an imminent al Qaeda attack, and even though both the FBI and the Central Intelligence Agency (CIA) knew that two dangerous al Qaeda operatives had entered the United States. The failure to track those operatives down wasn’t a matter of incompetence or a failure to communicate, at least not in the last weeks. FBI criminal investigators spent the last part of August begging for a chance to track the terrorists. They were shut down cold—by lawyers who told them the wall simply could not be breached.

I wasn’t the most enthusiastic proponent of the wall. I thought that the civil liberties dangers it was supposed to ward off were probably more theoretical than real. But I saw no harm in building in an extra margin of protection for civil liberties. If nothing else, the wall would reassure privacy advocates in the courts, in the newspapers, and on Capitol Hill that intelligence would not be misused. It was insurance, not just for civil liberties, but for the intelligence agencies themselves. For both reasons, I thought, it was best to keep the wall high.

It made eminent sense inside the Beltway.

Until the world outside the Beltway broke through, just a few yards from where I’m standing.

Will the world outside the Beltway be heard in the composition of these new laws and during the creation of these new authorities? Are the new cyber sabers already rattling?