Data and Goliath Quotes

“Innocents and criminals alike use cell phones, e-mail, and Dropbox. It rains on the just and the unjust.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“How did he know that?” we ask. How did I lose control of who knows about my traumatic childhood, my penchant for tasteless humor, or my vacation to the Dominican Republic? You may know this feeling: you felt it when your mother friended you on Facebook, or on any other social networking site that used to be just you and your friends. Privacy violations are intrusions.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Ubiquitous surveillance means that anyone could be convicted of lawbreaking, once the police set their minds to it. It is incredibly dangerous to live in a world where everything you do can be stored and brought forward as evidence against you at some later date. There is significant danger in allowing the police to dig into these large data sets and find “evidence” of wrongdoing, especially in a country like the US with so many vague and punitive laws, which give prosecutors discretion over whom to charge with what, and with overly broad material witness laws. This is especially true given the expansion of the legally loaded terms “terrorism,” to include conventional criminals, and “weapons of mass destruction,” to include almost anything, including a sawed-off shotgun. The US terminology is so broad that someone who donates $10 to Hamas’s humanitarian arm could be considered a terrorist.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“This is why regulation based on the concept of “personally identifying information” doesn’t work. PII is usually defined as a name, unique account number, and so on, and special rules apply to it. But PII is also about the amount of data; the more information someone has about you, even anonymous information, the easier it is for her to identify you.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that-either now or in the uncertain future-patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Governments almost never admit to hacking each other’s computers. Researchers generally infer the country of origin from the target list.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Surveillance is the business model of the Internet for two primary reasons: people like free, and people like convenient. The truth is, though, that people aren’t given much of a choice. It’s either surveillance or nothing, and the surveillance is conveniently invisible so you don’t have to think about it. And it’s all possible because US law has failed to keep up with changes in business practices. Before 1993, the Internet was entirely noncommercial, and free became the online norm. When commercial services first hit the Internet, there was a lot of talk about how to charge for them. It quickly became clear that, except for a few isolated circumstances like investment and porn websites, people weren’t willing to pay even a small amount for access. Much like the business model for television, advertising was the only revenue model that made sense, and surveillance has made that advertising more profitable.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Free” is a special price, and there has been all sorts of psychological research showing that people don’t act rationally around it. We overestimate the value of free. We consume more of something than we should when it’s free. We pressure others to consume it. Free warps our normal sense of cost vs. benefit, and people end up trading their personal data for less than its worth.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Keeping the fear stoked is big business. Those in the intelligence community know it’s the basis of their influence and power. And government contractors know it’s where the money for their contracts comes from. Writer”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“It's not just politicians to blame for this. The media are culpable, too. By fixating on rare and spectacular events, they condition us to behave as if terrorism were much more common than it is and to fear it far out of proportion to its actual incidence. And we are also at fault, if we buy the propaganda the media are selling.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Writer and internet activist Clay Shirky has noted that "institutions will try to preserve the problem to which they are the solution." Fear is the problem.

It's a fear that's stoked by the day's news. As soon as there's a horrific crime or a terrorist attack that supposedly could have been prevented if only the FBI or DHS had had access to some data stored by Facebook or encrypted in an iPhone, people will demand to know why the FBI or DHS didn't have access to that data-why they were prevent from "connecting the dots." And then the laws will change to give them even more authority. Jack Goldsmith again: "The government will increase its powers to meet the national security threat fully (because the People demand it)."

We need a better way to handle our emotional responses to terrorism than by giving our government carte blanche to violate our freedoms, in some desperate attempt to feel safe again. If we don't find one, then, as they say, the terrorists will truly have won. One goal of government is to provide security for its people, but in democracies, we need to take risks. A society that refuses risk-in crime, terrorism, or elsewhere-is by definition a police state. And a police state brings with it its own dangers.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Most people don't seem to care whether their intimate details are collected and used by corporations; they think that surveillance by governments they trust is a necessary prerequisite to keeping them safe. Most people are still overly scared of terrorism. They don't understand the extent of the surveillance capabilities available to both governments and private parties. They underestimate the amount of surveillance that's going on and don't realize that mass government surveillance doesn't do much to keep us safe. Most people are happy to exchange sensitive personal information for free e-mail, web search, or a platform on which to chat with their friends.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“There is strength in numbers, and if the public outcry grows, governments and corporations will be forced to respond. We are trying to prevent an authoritarian government like the one portrayed in Orwell's Nineteen Eighty-Four, and a corporate-ruled state like the ones portrayed in countless dystopian cyberpunk science fiction novels. We are nowhere near either of those endpoints, but the train is moving in both those directions, and we need to apply the brakes.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Verizon, for example, reports that it received 320,000 "law enforcement demands" for data in 2013. We know that every three months Verizon is served with a single National Security Letter that requires it to turn over the metadata of all 290 million of its customers, so what does that 320,000.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“For starters, websites should be required to disclose what third parties are tracking their visitors, and smartphone apps should disclose what information they are recording about their users. There are too many places where surveillance is hidden; we need to make it salient as well.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“PROTECT WHISTLEBLOWERS

Columbia law professor David Pozen contends that democracies need to be leaky-leaks and whistleblowing are themselves security mechanisms against an overreaching government. In his view, leaks serve as a counterpoint to the trend of overclassification and, ultimately as a way for governments to win back the trust lost through excessive secrecy.

Ethnographer danah boyd has called whistleblowing the civil disobedience of the information age; it enables individuals to fight back against abuse by the powerful. The NGO Human Rights Watch wrote that "those who disclose official wrongdoing...perform an important service in a democratic society...."

In this way of thinking, whistleblowers provide another oversight mechanism. You can think of them as a random surprise inspection. Just as we have laws to protect corporate whistleblowers, we need laws to protect government whistleblowers. Once they are in place, we could create a framework and rules for whistleblowing legally.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“In the 1970s, the Church Committee investigated intelligence gathering by the NSA, CIA, and FBI. It was able to reform these agencies only after extensive research and discovery. We need a similar committee now. We need to convince President Obama to adopt the recommendations of his own NSA review group. And we need to give the Privacy and Civil Liberties Oversight Board real investigative powers.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“More members of Congress must commit to meaningful NSA reform. We need comprehensive strategic oversight by independent government agencies, based on full transparency. We need meaningful rules for minimizing data gathered and stored about Americans, rules that require NSA to delete data to which it should not have access.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Again, there's nothing in Section 702 that authorizes mass surveillance. The NSA justifies the use by abusing the word "incidental." Everything is intercepted, both metadata and content, and automatically searched for items of interest. The NSA claims that only the things it wants to save count as searching. Everything else is incidental, and as long as its intended "target" is outside the US, it's all okay. A useful analogy would be allowing police officers to search every house in the city without any probable cause or warrant, looking for a guy who normally lives in Bulgaria. They would save evidence of any crimes they happened to find, and then argue that none of the other searches counted because they hadn't found anything, and what they found was admissable as evidence because it was "incidental" to the search for the Bulgarian. The Fourth Amendment specifically prohibits that sort of search as unreasonable, and for good reason.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Even Congressman Jim Sensenbrenner, the person who wrote the USA PATRIOT Act, was surprised when he learned that the NSA used it as a legal justification for collecting mass-surveillance data on Americans. "It's like scooping up the entire ocean to guarantee you catch a fish," he said.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Executive order 12333, the 1981 presidential document authorizing most of NSA's surveillance, is incredibly permissive. It is supposed to primarily allow the NSA to conduct surveillance outside the US, but it gives the agency broad authority to collect data on Americans. It provides minimal protections for Americans' data collected outside the US, and even less for the hundreds of millions of innocent non-Americans whose data is incidentally collected. Because this is a presidential directive and not a law, courts have no jurisdiction, and congressional oversight is minimal. Additionally, at least in 2007, the president believed he could modify or ignore it at will and in secret. As a result, we know very little about how Executive Order 12333 is being interpreted inside the NSA.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Because we all use the same products, technologies, protocols, and standards, we either make it easier for everyone to spy on everyone, or harder for anyone to spy on anyone.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“In order for most societies to function, people must give others power over themselves. Ceding power is an inherently risky thing to do, and over the millenia we have developed a framework for protecting ourselves even as we do this: transparency, oversight, and accountability. If we know how people are using the power we give them, if we can assure ourselves that they're not abusing it, and if we can punish them if they do, then we can more safely entrust them with power. This is the fundamental social contract of a democracy.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Mass surveillance and data mining are much more suitable for tasks of population discrimination: finding people with certain political beliefs, people who are friends with certain individuals, people who are members of secret societies, and people who attend certain meetings and rallies. Those are all individuals of interest to a government intent on social control like China. The reason data mining works to find them is that, like credit card fraudsters, political dissidents are likely to share a well-defined profile. Additionally, under authoritarian rule the inevitable false alarms are less of a problem; charging innocent people with sedition instills fear in the populace.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Our privacy is under assault from constant surveillance. Understanding how this occurs is critical to understanding what's at stake.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Violations of privacy are not all equal. Context matters. There's a difference between a Transportation Security Administration (TSA) officer finding porn in your suitcase and your spouse finding it. There's a difference between the police learning about your drug use and your friends learning about it. And violations of privacy aren't all equally damaging. Those of us in marginal socioeconomic situations-and marginalized racial, political, ethnic, and religious groups-are affected more. Those of us in powerful positions who are subject to people's continued approval are affected more. The lives of some of us depend on privacy.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Psychologists, sociologists, philosophers, novelists, and technologists have all written about the effects of constant surveillance. Studies show that we are less healthy, both physically and emotionally. We have feelings of low self-esteem, depression, and anxiety. Surveillance strips us of our dignity. It threatens our very selves as individuals. It's a dehumanizing tactic employed in prisons and detention camps around the world.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“There's a strong physiological basis for privacy. Biologist Peter Watts makes the point that a desire for privacy is innate: mammals in particular don't respond well to surveillance. We consider it a physical threat, because animals in the natural world are surveilled by predators. Surveillance makes us feel like prey, just as it makes the surveillors act like predators.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

“Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect. It is about choice, and having the power to control how you present yourself to the world.”
― Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World