Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Petraeus Case Fuels Fresh Debate on Online Privacy

WASHINGTON – The investigation that toppled CIA chief David Petraeus has sparked fresh debate over online privacy and the government’s ability to snoop into private email accounts.

“When the CIA director cannot hide his activities online, what hope is there for the rest of us?” said Chris Soghoian of the American Civil Liberties Union’s Privacy and Technology Project

WASHINGTON – The investigation that toppled CIA chief David Petraeus has sparked fresh debate over online privacy and the government’s ability to snoop into private email accounts.

“When the CIA director cannot hide his activities online, what hope is there for the rest of us?” said Chris Soghoian of the American Civil Liberties Union’s Privacy and Technology Project

“This should also serve as a warning, by demonstrating the extent to which the government can pierce the veil of communications anonymity without ever having to obtain a search warrant or other court order from a neutral judge.”

Petraeus resigned last week when it became clear that his affair with 40-year-old military reservist Paula Broadwell, his biographer, would become public.

FBI agents stumbled on the liaison after a complaint from Jill Kelley — a close friend of both Petraeus and Allen — who told a federal agent that she had received threatening emails, which investigators later traced to Broadwell.

“It is troubling because we don’t know what permissions were granted,” said James Lewis, head of the Technology and Public Policy Program at the Center for Strategic and International Studies.

Lewis said it was unclear if Broadwell was made aware of her rights, before agreeing to allow FBI agents to access her emails.

He said even spy agencies such as the National Security Agency, when hunting for terrorists, must meet “very precise legal conditions” before obtaining email access.

Advertisement. Scroll to continue reading.

“We need to be clear on the rules for looking at emails without a warrant. The basic rule should be no court approval, no investigation,” Lewis said.

It was not immediately clear what methods the FBI used in the probe. Some reports suggest agents may have obtained a court order which allowed access to Broadwell’s Gmail account.

Google said this week in its semiannual Transparency Report that the number of government requests to hand over data from users was on the rise.

In the first half of 2012, Google received 20,938 requests for data from government entities around the world, including 7,969 from the United States. Google complied in 90 percent of those cases.

The mushrooming scandal is expected to give new impetus to proposals in Congress, including a bill from Senator Patrick Leahy, to require a court warrant based on probably cause in order to get email contents from Internet firms.

Republican Senator Charles Grassley said this week that the case should be a reminder that email communications may not be private.

“Anything that I put on my iPhone or Blackberry, I guess I just figure it’s all going public,” Grassley told Radio Iowa.

“I wouldn’t be surprised but what the FBI’s listening in to this phone call. Whether they have a legal right to do it or not, I don’t know. I presume they wouldn’t be doing anything that’s not legal.”

The ACLU’s Soghoian said the Petraeus case underscores the need for stricter legislation.

“It’s a reminder that the legal protections for email fall far short of what they should be,” he said in a blog post.

“We need to modernize our privacy laws — for example by passing the proposal that is now before the Senate Judiciary Committee — and we need protections that cover metadata of the kind that was apparently so central in this scandal.”

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.