Privacy and Surveillance

Although the American government has been spying on its citizens since the time of J. Edgar Hoover — copying telegrams through a secret arrangement with the telegram companies, listening in on phone conversations and even bugging politicians and so-called enemies of the state, including Dr. Martin Luther King Jr, nothing compares with the kind of surveillance happening today.

American citizens are used to being spied on. It’s been happening consistently since the VietNam protests in the 1960s and 70s and perhaps even before. Through a program called COINTELPRO, later named Operation CHAOS, anti-war activists were discredited and neutralized.

Aware of the overreach of the intelligence services, the Foreign Intelligence Surveillance Act (FISA), of 1978, “sought to provide congressional and judicial oversight of foreign intelligence surveillance activities” and established the “procedures for physical and electronic surveillance and collection of foreign intelligence information.” Unfortunately, this oversight failed to properly control the growing surveillance industry.

Although FISA was intended to control surveillance, President Reagan’s Executive Order 12333 of 1981, later amended by President George W. Bush in 2008, quietly expanded the powers of the intelligence community and directed all federal agencies to cooperate with the CIA. The Order’s “priority objective” was the “collection, retention and dissemination” of information obtained through foreign intelligence, to “be pursued in a vigorous, innovative and responsible manner” in ways which may, in effect, have violated several levels of law. The methods used to capture and store data by intelligence officers has been nebulous at best. The focus of the Executive Order 12333 and FISA has been on the accessing of information and its use, not its capture.

After September 11, 2001, the intelligence community’s goal became to gather as much information as possible about “potential” terrorists and criminals — in other words, everyone. The Defense Advanced Research Projects Agency led an effort to create Total Information Awareness (TIA) to capture “information signatures” of people who may be involved in “low-intensity/low-density” forms of warfare and crime. Computer algorithms were developed to detect “potential” activity and to preempt future action.

The ultimate goal was to create a “virtual, centralized, grand database” through the use of “revolutionary technology for ultra-large all-source information repositories.” Financial records, medical records, communication records and travel records all can be fed into this intelligence database. TIA is developing data-mining or knowledge discovery tools to sort through the massive amount of information and to discover patterns and associations.

Edward Snowden’s revolutionary revelations in 2013, about the clandestine ways that the National Security Agency (NSA) tracks information, alerted the public to the growing and present threat. Phones were being tapped, text messages intercepted and citizens’ locations tracked all over the world.

The U.S. government is capable of identifying all IP addresses (whether static or dynamic), and MAC addresses. It can capture and store transactional information (“a kind of metadata”), and often even the content of a communication. Programs are capable of “seeing” emails if they are not encrypted — in a mobile device or desktop computer. Sometimes this may be possible even if the device is encrypted, or even at rest, as long as the device is hooked up to a power source and connected to a network.

The federal government has often worked in concert with the communications industry to bake surveillance, collection and storage into the network, at every layer and in multiple places.

The entire communications infrastructure, from bottom to top, has been exquisitely architected to identify, locate and track users, then capture and store virtually all user-related information while it is in motion (transit) and when it is at rest (stored). Is it possible Big Brother is attempting to take full control over every aspect of human life through monitoring “digital” transactions such as banking and shopping?

It appears that the entire information infrastructure — every part that is used to process, transmit and store any kind of data — has been configured to locate and identify people and control them through harvesting personal facts. Starting with cables and wires, through each of the 7 Open Systems Interconnection (OSI) abstraction layers (or, the 4 TCP/IP model layers) to the applications and devices that users employ — to the Internet and 5G — nothing is private.

Radio frequencies (RF) — the basic frequencies used to support carrier waves — are actually capable of “seeing” people through walls. RF’s can follow people around their homes, through imaging, regardless of whether they have a device on them. The subject does not need to be connected or even have any kind of electronic device. Anyone with the proper equipment (which can be carried or fixed) can use RF to “see” people through walls by observing a living body’s blocking or attenuation of the RF field in all three dimensions.

Each electronic device, or “UE” short for “user equipment,” interacts with a network and the information residing in the device. Each UE has one or more unique identifiers. A cell phone has an IMSI (International Mobile Subscriber Identity). Ethernet, Wi-Fi, Bluetooth and other interfaces like near-field communications (NFC) each have a MAC (Media Access Control) address. Each computer has a device ID, and if there are multiple authenticated users on a single device each will have a username. All of this can be put together and discerned from the outside.

Information gleaned from a device’s interaction with the communications network at each layer can be used to infer many things about what a user is doing and where the user is. The data is captured, stored and used for many purposes — by businesses for marketing, the government for surveillance and others for malicious purposes such as identity theft and blackmail.

Permissions” regarding how someone interacts with the network are all subject to provider control and thus also government control. The provider (on its own or subject to government pressure) can “cancel” someone — effectively rendering them a digital non-person, with the flip of a few switches that are embedded in a network. For example, the 5G standard specifies a “policy control function” and the LTE standard includes a “policy and charging rules function” that specifies what “resources” each user is allowed to access.

A network provider can simply turn someone off through its “policy” engine, or it can limit what someone can do with their service. Even basic wired Internet access has the same “function” capability baked in if the provider has employed “IP Multimedia Subsystems” — a network system that uses Deep Packet Inspection to monitor all header and content information, and it can be programmed to grant or deny resources based on the nature of the desired transaction, the application being used, the source or destination or the content itself.

When digital passports and Central Bank Digital Currencies are rolled out, they will be able to “unperson” someone in the physical world. People may not be able to buy food, fuel or commodities, or to go anywhere or do anything unless they have permission from the network — in other words, from their government and the corporate elites.

Deep Packet Inspection (DPI) is a network-level appliance that captures traffic on network ingress and egress. It examines packet header information and payload (content). It can identify the content and/or application being used, and the network operator can then give handling instructions based on the ascertained content and/or application. The network then invokes IP Multimedia Subsystems (IMS) functions.

IMS can allow the provider to grant access and use permissions, assign prioritization and deliver targeted advertising or messages. The network operator can filter or block “unacceptable” content or uses and allocate or deny resources (e.g., bandwidth priority or communications through other networks) based on these and other provider-selected criteria. It can be used to “flag” certain content for specific treatment — including delivery to long-term storage for later retrieval.

The 5G network standards were assembled so providers could deliver a large menu of advanced features, functions and capabilities, with minimum latency, high-speeds and improved network security. But it also, by necessity, had to intensely track and log each “transaction” because the industry wanted to be able to implement fine-grained per-transaction charging to their users if the market allowed.

Service delivery also entails interconnection, interoperation and traffic exchange with the other service providers so that, for example, an AT&T wireless user can talk to Verizon customers. They could also send and receive Short Message Service (SMS), a system that enables cell phone users to send and receive text messages, and Multimedia Messaging System (MMS), a system that enables cell phones to send and receive picture and sound clips as well as text messages, to/from T-Mobile customers. They could also, of course, use the Internet to communicate with billions of other endpoints. The industry has always maintained various forms of inter-provider compensation arrangements for the necessary network-to-network interconnection and traffic exchange.

Thus, the “5G” network core also has “functions” associated with the ability to ultimately bill users and other providers, and this in turn means there must be robust data-capture capability to feed the billing system. Data capture requires logging each transaction, and some of that can only be accomplished by looking at more than just IP headers. In order to truly engage in fine-grained billing, the network must also be able to “see” (and sometimes even record) some, if not all, of the actual content through deep packet inspection. They have it, so they monetize it by selling to third parties and share or sell it to the government as well.

The government has direct access to each major provider’s 5G cloud resources and physical connections to each major network that can and does make a copy of all information associated with every transaction. The U.S. government has tried to keep knowledge of its access to information secret, but some details are publicly known as a result of whistleblowers or litigation. The government can access your microphone and camera. “Virtual assistants” like Alexa, Google Assistant and Cortana are always awaiting an oral prompt to go into action, and therefore listening in to everything — all the time. Information gathered through virtual assistants is stored, analyzed and used for different purposes, whether it be “service improvement” or monetization through sale to third parties, including the government.

In 5G, the User Plane Function (UPF) maps to the Unified Data Management (UDM) and Policy Control Function (PCF), that can then invoke processes within the Access and Management Function (AMF) and the Authentication Server Function (AUSF). These, in turn, allow, disallow or otherwise control what the user can do, including the network resources that are made available to the user. It also supplements the ability to identify billing events. User activity is logged and stored for later access by the billing system.

Cable companies who authorize communications — whether wireless or wired — can and are — using these tools to track information for their own purposes or for sale to third parties. They share it with the government in multiple ways, usually without a warrant.

Sometimes information is obtained through National Security Letters, administrative subpoenas or the provider may willingly allow the government to tap into their network and collect the information for itself, as AT&T did in a well-known case filed by the Electronic Frontier Foundation. They can directly access a device and read the data at rest. Simply put, everything digital that is connected to any network is subject to appropriation.

Man in the Middle (MITM) attacks are incidents where an infiltrator inserts themselves into a cell phone conversation to either listen in or pose as one of the recipients of communication. Many think they can escape MITM surveillance by using a Virtual Private Network (VPN) — but VPNs do not completely obscure identity, location or use. Network information outside the VPN can still be used to infer what applications are being used inside an encrypted VPN “tunnel” merely by observing data flows. For example, video has a fairly easily discernible data flow.

Technicians or intelligence officers can often tell whether the application is using Transmission Control Protocol (TCP) or something like Real Time Protocol (RTP) at the transport layer, and that may allow inferences, as well. A network can also easily deny permission to set up a VPN session by preventing completion of the “STARTTLS” command that VPN applications use to invoke the “transport layer security” that is necessary for a VPN session to begin. The Internet access provider also has the ability to take down the VPN session and put user information back in the clear until the application initiates a new session.

VPNs are useful because they make MITM observation more difficult, but a VPN only protects information while in transit, and only up to a VPN provider’s ingress/egress router. Unless there is end-to-end encryption in cooperation with the other user or device there may be no protection involved. VPNs don’t protect information when it’s at rest inside a device or residing in a server or device on the other end.

To protect data a user must employ device storage encryption, but that, too, has limits. If an intruder has direct access inside a device — where the information is unencrypted when being used by some client application or the device decryption key is stored and can be discovered — they can see that information, even if the user has employed device storage encryption.

It is now virtually impossible to truly hide the location of user equipment (UE) like a smartphone, tablet or personal computer. Locations can be discerned several ways, including through the wireless network node location and often the UE through Cell Site Location tools available to the provider or the government through devices like cell-site simulators and in what the UE communicates to the network server at higher layers. If someone has an Android handset or tablet, Google can pull their GPS anytime it wants, even if they have denied permissions. If they do not use a VPN their access provider assigned IP number may reveal an indication of location and network provider.

Even with a VPN, personal information like a device ID can be discerned once the communication exits the VPN provider’s egress router. Discovering this information is facile. In any opened email the full header information is readily available as well as the “received” stamps. These identify the sender and each server that was involved from beginning to end, similar to the information that can be gleaned from a Windows DOS “tracer” line command.

In our modern world, anyone who is “connected” to a network can never completely avoid surveillance, tracking and privacy invasions. Even if the user fully dispensed with all their communication network devices, they may still be vulnerable to tech-savvy invaders. Our communications network infrastructure has been set up to obtain a complete surveillance state capable of finding anyone anywhere.

The 4th Amendment’s warrant requirement offers little protection. FISA is inconsequential and merely purports to regulate when surveillance information is accessed by government actors and for what purposes. Its laws do not prevent data collection and they still allow exploitation by private corporations who may benefit from the data breaches.

Privacy is dead, and liberty and autonomy will be soon too unless this runaway surveillance train can be stopped.

Sign up for free news and updates from Children’s Health Defense. CHD focuses on legal strategies to defend the health of our children and obtain justice for those injured. We can't do it without your support