The “Hi Tech” Corporate Police State: “Reengineering” the Internet … for Persistent Surveillance

Within that dusky haze, obscured by claims of national security or proprietary business information, take your pick, would you bet your life that the wizards of misdirection and deception care a whit that you really are more than a disembodied data point?

Lost in the debate surrounding privacy invasion and data mining however, is the key role that internet service providers (ISPs) play as intermediaries and gatekeepers. From their perch, ISPs peer deeply into and collect and analyze the online communications of tens of millions of users simultaneously, in real-time.

Concerted efforts to eliminate online anonymity, in managed democracies and authoritarian regimes alike, are greatly enhanced by the deployment of deep packet inspection (DPI) sensors and software on virtually all networks.

As Canadian privacy watchdogs DeepPacketInspection.ca tell us, DPI offer ISPs “unparalleled levels of intelligence into subscribers’ online activities.”

“To unpack this a little” they aver, “all data traffic that courses across the ‘net is contained in individual packets that have header (i.e. addressing) information and payload (i.e. content) information. We can think of this as the address on a postcard and the written and visual content of a postcard.”

All of which is there for the taking, “criminal evidence, ready for use in a trial,” Cryptohippie chillingly informs.

Still the illusion persists that communication technologies are somehow “neutral.” Neither good nor bad but rather, much like a smart phone loaded with geolocation tracking chips or the surveillance-ready internet itself, simply there for all to use.

Reality as is its wont, bites with ever-sharper teeth.

As with other recent advances touted as breakthroughs–from the biomedical and pharmaceutical research that spawned factory farming and genetically-modified crops to something as seemingly banal as the highway system that ushered in exurban sprawl–from the workplace to the car-pool lane to idle hours spent trolling the web, our techno-toys function rather handily as instruments of social control.

Simply put, DPI hand our minders an unprecedented means to examine and catalogue our online communications. From blog posts to web searches to the content of email and video files, we’re delivered up every day, figuratively and literally, to advertising pimps or law enforcers, a faceless army of gatekeepers guarding an indefensible system in perpetual crisis.

Subtly guiding internet traffic into fast and slow lanes, based on the size and content of a particular file, or examining said file for malicious or illegal content, DPI has been deployed as a means of conserving bandwidth and as a defense against viral attacks.

Leaving aside the critical issue of net neutrality, linked to moves to further monetize the internet and hold communications hostage to the ability to pay for quicker network speeds, there is no question that ISPs and individual users should have a keen interest in defending themselves against the depredations of organized gangs of identity thieves and predators.

If DPI were solely a tool to weed out malicious hacks or channel traffic in more equitable ways, thereby ensuring the broadest possible access to all, it could provide concrete benefits to users and contribute to a safer and more secure communications’ environment.

This hasn’t happened. Instead, securocrats and corporatists alike are working feverishly to “reengineer the internet”–for the delivery of targeted ads and as a surveillance platform–and both view DPI’s ability to read individual messages, the “deep packet” as it were, as a singular means to do just that.

Last year, Antifascist Calling reported on moves by surveillance mavens to deploy deep packet sniffing Einstein 3 software developed by the National Security Agency on the nation’s telecommunications infrastructure.

As with the agency’s pervasive driftnet spying on Americans, as AT&T whistleblower Mark Klein revealed in his release of internal company documents, DPI and the hardware that powers it is the “secret sauce” animating these illegal programs.

Earlier this year, Klein told Wired Magazine that the documents suggest that NSA’s warrantless wiretapping “was just the tip of an eavesdropping iceberg,” evidence of “an untargeted, massive vacuum cleaner sweeping up millions of peoples’ communications every second automatically.”

Ostensibly designed for detecting and thwarting malicious attacks aimed at government networks, The Wall Street Journal revealed that the packet sniffing Einstein 3 program, developed under the code name TUTELAGE, can screen computer traffic flowing into state portals from private sector networks, including those connecting people to the internet.

“Its filtering technology,” journalist Siobhan Gorman wrote, “can read the content of email and other communications.”

Einstein 3 is considered so toxic to privacy that AT&T sought “legal assurance that it will not be sued for participating in the pilot program,” The Washington Post reported. Although they were given assurances by Bush’s former Attorney General, Michael B. Mukasey, that the firm “would bear no liability,” AT&T deferred until the Obama administration granted the waiver in 2009. So far, the federal government has expended some $2 billion on the program.

Jacob Appelbaum, a security researcher with the Tor Anonymity Project told CNET News in March that expanding Einstein 3 to private networks “would amount to a partial outsourcing of security” to unaccountable corporations.

But it will do much, much more. Appelbaum averred that the project represents “a clear loss of control [for the public]. And anyone with access to that monitoring system, legitimate or otherwise, would be able to monitor amazing amounts of traffic.”

A year later, a related program under development by NSA and defense giant Raytheon, “Perfect Citizen,” relies on a suite of sensors deployed in computer networks that will persistently monitor whichever system they are plugged into. While little has been revealed about how Perfect Citizen will work, it was called by a corporate insider the cyber equivalent of “Big Brother,” according to an email obtained by The Wall Street Journal.

I have pointed out many times that under the rubric of cybersecurity (the latest profit-generating “War on Terror” front), the secret state, America’s telecoms and internet service providers are conjoined at the hip in what are blandly called “public-private partnerships.”

Indeed, the secrecy-shredding web site Public Intelligence, posted a confidential document that provided details on the inner workings of one such initiative, Project 12.

Ultimately, the goal of the secretive enterprise, Public Intelligence averred, “is not simply to increase the flow of ‘threat information’ from government agencies to private industry, but to facilitate greater ‘information sharing’ between those companies and the federal government.”

This will be accomplished once “real-time cyber situational awareness” is achieved across all eighteen critical infrastructure and key resources (CIKR) sectors identified in the report.

Simply put, NSA’s warrantless wiretapping program and a constellation of top secret cybersecurity projects will come to nought if filtering software that examines–and catalogues–the content, or deep packets, of those spied upon aren’t deployed across all networks, public and private.