Saturday, November 22, 2008

Congress Reports on Targeted Foreign Surveillance of US Email

According to separate reports this week, the Chinese are spying on US email and Barack Obama is having his Blackberry taken away.

New York Times reporter Jeff Zeleny writes in his recent article entitled, “Give up his Blackberrry? Yes he can. Maybe” :

“Presidents were not advised to use e-mail because of security risks and fear that messages could be intercepted,” according to Diana Owen, who heads the American Studies program at Georgetown University. "They could come up with some bulletproof way of protecting his e-mail and digital correspondence, but anything can be hacked,' said Ms. Owen, who has studied how presidents communicate in the Internet era."

Although, in partial answer to Ms. Owen, it’s also true that not everything is hacked and not everything is stolen. Some things are more stolen than others. Some communiqués are less read.

Thomas Claburn writes this week in Information Week:

"China is targeting U.S. government and commercial computers for espionage," says the U.S.-China Economic and Security Review Commission's (USCC) 2008 Annual Report to Congress.

"Alan Paller from the SANS Institute, an Internet security company, believes that in 2007 the 10 most prominent U.S. defense contractors, including Raytheon, Lockheed Martin, Boeing, and Northrop Grumman, were victims of cyberespionage through penetrations of their unclassified networks."

Claburn goes on to write:

“In June, U.S. Rep. Frank Wolf, R-Va., said that four computers in his office had been compromised in 2006 and that computers used by other members of Congress and by the House Foreign Affairs Committee had also been hacked.”

Claburn quotes Wolf as saying, “These cyberattacks permitted the source to probe our computers to evaluate our system's defenses, and to view and copy information. My suspicion is that I was targeted by Chinese sources because of my long history of speaking out about China's abysmal human rights record."

To run full circle on presidential email, according to Demetri Sevastopulo writing for the Financial Times on Novemeber 7th:

“Chinese hackers have penetrated the White House computer network on multiple occasions, and obtained e-mails between government officials, a senior US official told the Financial Times.
The cyber attackers managed to penetrate the White House system for brief periods that allowed them to steal information before US government experts each time patched the system.
The specialists suspect the attacks were sponsored by the Chinese government, although they cannot say for definite.”

Meanwhile the Associated Press writes today, November 22nd:

“BEIJING (AP) — China has denounced a U.S. congressional panel that issued a report accusing it of stepping up computer espionage attacks on the American government, its defense contractors and businesses.”

Regardless of foreign involvement, the wider issue here may be whether email continues to offer a reasonable expectation of privacy. Even before the courts do, it’s a question the American Bar Association may soon need to revisit. Without legal consensus of email’s reasonable expectation of privacy, businesses and government, and the law firms that serve them may need to treat their communiqué’s more like they should have treated money.

There are, in fact, some ways to easily send email without spilling the beans to moneyed, foreign, or governmental interests. My own firm continues to look at ways at keeping email easy without opening it to anyone with an incentive to pry. It’s one of the reasons why the Los Angeles Bar brought our firm in to help secure email for its 22,000 members in California and the Pacific Rim.

I’m including here the following link into the LA Bar's free offer of our service. They’ve made it available for a limited time. I’m also including a link into a legal education class I taught on email privacy at the Los Angeles County Bar with former CIA staffer, Fred Klapetzky, now a disaster recover expert with Marsh Consulting.

No comments: