by Ondrej Krehel
The New York Times ran an interesting story recently on how law enforcement is capitalizing on the Electronic Communications Privacy Act of 1986.
The story stated that in the first half of 2010, Google received more than 4,200 requests from law enforcement agencies for information on customer usage. Facebook said it’s subpoenaed anywhere from 10 to 20 times a day, and, way back in 2007, Verizon said it was receiving more than 90,000 requests every year. We can only assume that number has increased.
The volume of requests shows just how valuable this information really is. Law enforcement mines the data to build cases. Some companies charge money for it. Google even built an interactive map of the number of law enforcement requests from around the globe.
Information is a commodity.
Twitter has also been subpoenaed in the WikiLeaks case. U.S. prosecutors are investigating the accounts of several people connected to the release of American diplomatic cables.
Beyond the legal, privacy and consumer issues raised, this rash of court cases and news stories demonstrates one crucial thing: Wherever we go online, someone or some site is recording our moves. In the old days of computer crime, a hacker or pornographer might have learned about a pending government investigation, and taken—literally—a hammer to his or her hard drive. The evidence was broken to pieces along with the drive. Not anymore.
Your search engine, your social networking sites, your bank and your cell phone are constantly monitoring where you are—or what you’re looking for. We are creating a digital footprint, our parallel digital self. And that information, stored on the business-side servers, is readily available to anyone with subpoena power.
The Internet has become the place where we all meet, where we socialize and do business—a town square, if you will, for all the world to visit. But, as these stories remind us, there are cameras in the trees.
Ondrej Krehel, Chief Information Security Officer, Identity Theft 911
Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.