[Air-l] RE: FW: [chineseinternetresearch] National Science Foundation to help CIA spy on IRC chatrooms

[Allan A Friedman]

I am curious what the major issue of concern is here.

Is it that the CIA is involved clandestinely?  While I agree that is
somehat troublesome, the NSF has many portfolios in which the security
community might (and probably does) take an active interest.  Are we
surprised that there is some sort of "reverse technology transfer"?
Should we be upset by this?

Alternatively, we could be upset at the monitoring of chat rooms.  I have
little experience in this sort of research, but Camtempe, Krishnamoorthy
and Yener[1] describe an interesting system that finds clusters of social
activity.  But this  occurs on an *open* system.  There are
countless ways to use Privacy Enhancing Technologies for group
communication.  IRC is not only unencrypted, but the protocol was
designed to enable lurking.  It's not even covert lurking though: the
authors make no attempt to modify their IRC bot so that channel users are
cannot see the surveilling bot.

What is the privacy zone we should expect in open communication forums?
If there is information to be gained by monitoring this sort of thing, why
should any interested actor not exploit it?  Companies like Intelliseek
are already moving to capture and quantify consumer buzz.  Whether they
can successfully turn data into useful information is an interesting
research and business strategy problem, but I am not sure that it is cause
for concern.

Using info gleaned from chat rooms for warrants, or intentionally
mapping from an online identity to a legal identity--these seem like Bad
Ideas.  But is there a strong case for protecting an open system from
passive surveillance?


/\llan

Allan Friedman
Doctoral Student, Public Policy
Kennedy School of Government


[1] http://www.cs.rpi.edu/~yener/PAPERS/35.pdf