When I was a boy, I thought that the English were the most noble of all people. I was Irish Catholic and of Scottish decent; I still thought they were heroes. They had great propaganda. They won every movie that I ever saw. Generations later comes Mel Gibson and they started to lose their luster.
One of the great Saxon heroes was Robert of Locksley, AKA "Robin Hood." Talk about good PR. He was played by every popular leading man from Errol Flynn to Kevin Costner, Russell Crowe, and Sir Sean Connery. His legend was that "he stole from the rich and gave to the poor." Who does that sound like? In any case, he did it by force. He was a thug, a hoodlum, a terrorist, a vigilante, and a bully.
Today we have a competition as to who is going to be the biggest bully on the block called the Internet. We have lots of candidates from criminals to nation states.
First we have the publishing industry personified by the RIAA and the MPAA. They missed the message from Steve Jobs about how to become rich in a world of diminishing reproduction cost; "Lower your prices and make it up on volume." a message as old as the Gutenberg press. Instead they are attempting to use their money to co-opt the coercive power of government to force everyone else, particularly all Internet service providers and users, to bear the cost of a losing battle to enforce their obsolete business model.
One of their attempts to do this is CISPA, the so-called Cyber Intelligence Sharing and Protection Act, but there is no shortage of bills in congress that favor them at the expense of the ordinary law-abiding Internet user. This obnoxious law all but eviscerates the Fourth Amendment, by granting immunity from both criminal and civil liability to both government and industry for sharing and using personal data for any intelligence gathering, investigation or prosecution purpose. About all it requires is that a perpetrator assert that they had a "good faith" belief that they were on the side of the angels. One effect is to shift the burden of proof from the perpetrator to the victim. Lots of luck with that.
Then there is our avenging vigilante, Anonymous. Admittedly, Anonymous tends to "afflict the powerful" but otherwise seems to be arbitrary in its selection of targets. While one may sometimes be sympathetic with their choice, one is often outraged. Moreover, almost any two people will disagree over their choices.
Microsoft has recently embarked upon a program to disable bot-nets by taking down their command and control nodes. While Microsoft is transparent, accountable, and subjects their action to prior approval of a court, this is still an exercise of power. Not just anyone could do this. Google and FaceBook are similarly powerful. They have information about us that dwarfs the imagination. It is the power that we fear. We fear Google, who assures us that they would 'do no evil.' no less than FaceBook, that admits to, not to say brags about, being amoral.
In a recent report to Congress, the DoD asserted that the People's Republic of China is engaged in a massive electronic espionage program targeting our industry. Troubling if true, but suspect because government lies and is amoral. On the other hand, the PRC is clearly a target of the world's largest and most capable intelligence apparatus, the National Security Agency.
Our government would have us believe that China's efforts are different from ours at least to the extent that they target our industry and share the product with their businesses. I doubt that the Chinese appreciate this sophistry. Again there is the problem of trust in government, in general, and NSA in particular. By turning NSA on its citizens, in patent violation of the law, the government has destroyed a generation of trust and the trust of a generation.
Perhaps the biggest bully on our block is the United States Department of Defense. They used computer software and the Internet to conduct sabotage against another sovereign nation in peacetime. At the same time, they published rules of engagement that said that they could retaliate with armed force against any other nation that did the same to them. Sounds like school yard ethics to me. Of course, the best behavior that we can expect of government is political, never ethical; we cannot even agree on the politics.
We have two defenses against these bullies. First, we can demand transparency and accountability. Second, we can insist upon the requirement for warrants.
Of course, the thugs, particularly the government, resist accountability and transparency. "Anonymous" tells you in their name that they do not intend to be transparent. In the case of Operation Fast and Furious, illegal on its face, the Department of Justice, has resisted all attempts to hold anyone accountable. Indeed, the refusal of the Obama administration to produce evidence is now seen as more important than the original egregious offense.
The government has all kinds of excuses for resisting any investigation of its crimes. These range all the way from protecting ongoing investigations, sources and methods, to executive privilege. Indeed in the case of Fast and Furious, the government appears to have initiated an investigation of itself in order to create a shield against congressional oversight. We are told that our need to hold government accountable must yield to the needs of the government rather than the other way around.
The government resists the use of warrants even when there is probable cause and issuance would be all but automatic. For example, instead of getting a warrant to install a tracking device on the vehicle of a citizen suspected of trafficking in scheduled drugs, the administration installed the device and asserted that a warrant was not required. Could it be that they spent all of that time, money, and effort defending the absence of a warrant just so the citizen would fear "unreasonable searches and seizures," the Fourth Amendment notwithstanding.
CISPA is another case where the government seeks to overcome the Constitutional requirement for a warrant. CISPA simply creates a legislative exception to the Constitutional requirement. One would hope that the courts will hold such a law unconstitutional. Indeed, one would hope that a courageous Congress would never pass such a law.
The Rule of Law stands in perpetual peril, here and around the world. While the bullies do, and should, provoke fear, they are also justified and protected by fear. Our fear of retaliation, the judgment of our peers, firing, civil suits, rejection by primary electorates, criminal indictments, terrorists, competition from China, misuse and abuse of personal data, financial fraud, denial of service, and leakage or loss of data are being used by the bullies to justify their power. Little wonder that we feel like mice in a world of giants. While some of the fear is natural and perhaps even justified, the consequences of yielding to it, and acting from it, are to be feared far more.
In my school yard there was a hero who stood up to the bullies. His name was Sammy Ina and I wanted to be just like him, a hero. I stand in awe of the three hundred fireman who died on 9/11 because "it was their job."
As law enforcement and information assurance professionals it is our job to resist the bullies, to insist upon transparency and accountability for ourselves and all others, to act only with warrants based upon probable cause, to protect the citizen, and to go into harms way. It is our job to be, not just professionals and earn the big bucks, but to be heroes.