Yesterday the web site Medium posted that they got a surprise visit from the Joint Terrorism Task Force to talk about some Google searches they were doing about pressure cookers, back packs, and other interesting things to search for. The real story broke this morning that it was not Google turning information over, but rather the former employer of the husband in this story that turned over corporate proxy logs because the former employer was worried about what was being searched for. It is not uncommon (actually this happens all the time) for employers to monitor what an employee is doing on the internet. While it is rare for employers to actually do anything with the proxy logs (including porn sites visited), in this instance, the employer or HR probably freaked out and then turned the logs over to the police.
Really this is not uncommon.
What is uncommon is that the rumor mill yesterday including the automatic assumption from the writer at Medium.com was that this was part of the overall pervasive surveillance state that has grown up over the last dozen years since 9/11. It was not implausible, if anything it made sense that Google turned over their search records. Google took it in the short pants yesterday because everyone was willing to believe that Google was responsible for turning over data for something that might or might not be worrisome.
The scary part is this quote from the medium article:
They mentioned that they do this about 100 times a week. And that 99 of those visits turn out to be nothing. I don’t know what happens on the other 1% of visits and I’m not sure I want to know what my neighbors are up to.
Seriously, and the pundits agree, if they do this 100 times a week, people would have noticed, and someone would have posted even if just to Facebook that they got a polite visit from the JTTF. Not sure what the real truth is, but I have a sneaking suspicion that this might be true to an extent. But then there is always room for doubt. I sure would have posted about an encounter with the JTTF if they came by for a cup of tea and a lookie loo around the apartment.
I don’t think that the Medium lied at all; I think that with all interactions we have with officials at times it is hard to find out what is really happening.
The real problem is what the recent leaks about PRISM have really done to all of us, even those in the information security field.
It was absolutely plausible that Google was to blame, it had a ring of truth, we talked about it a lot, Google remained silent, and we were allowed to run with our plausible truth without anyone providing a check and balance to our thinking.
Blaming Google was believable and plausible
Bruce Schneier had an excellent post about trust to go along with this as well you should read about now.
The problem is that from end to end, we don’t as people really trust the companies we deal with on line anymore. We believe that they are evil; spying on us, in collusion with spy agencies, and that anything and everything we say and do online is being monitored by nameless faceless people somewhere in the world.
We believe the worst because of the recent revelations about PRISM and other systems. We are being watched, the problem with that is that I really don’t think that is what we want to have happen.
(Cross-posted @ TechwagTechwag)