Pierluigi Paganini January 30, 2012

Exercise or not exercise the control, that is the question that divides major governments on the social networks surveillance and social media, at the center of heated debates. Always consider myself an avid supporter of freedom of expression and free access to the network, but what I want to do in this post is to analyze the problem from a different perspective, that of a government that intends to monitor through surveillance mechanisms the social media access. Let’s start first by a unannounced consideration, the fact that social media are a powerful medium that engages large audiences of users reached instantaneously and that today catalyze almost all activities on the Internet, so they are a single point of access, a digital gate, through passes an endless amount of information.

This consideration should already be sufficient to motivate a government to support digital surveillance activities, then the possibility of being able to spy on all of “digital conversations” in a centralizer, an activity that is unthinkable years ago, that is involved today in a growing number of major operations intelligence. Check Social media allows us to study and anticipate operations against the governments themselves, whether carried out by both hostile governments or by groups of hacktivists.
In addition to this consideration must be analyzed a second and equally worrying phenomenon intrinsically linked to the use of social media, the impressive growth of computer crime. The social network platforms are the primary drivers for the realization of any kind of fraud usually perpetrated with distribution of malware capable of stealing sensitive information to unsuspecting users. The threat is subtle and is not limited only to the distribution of viruses and the like but also uses advanced social engineering techniques that make use of these powerful tools.

Malware sample used for this purpose the history is full, the first that comes to mind is Koobface, for example because of the noise obtained in these days.
Prevention of cyber crime and the possibility of intercepted information in time inherent in subversive and terrorist purposes are undoubtedly a strong motivation and final colliding against the desire for freedom of Internet users.

How are working in this delicated field the principal agencies all over the world?
The Federal Bureau of Investigation (FBI) has announced that it’s planning the development of a specific application that can track the public user’s activities on the main social media platforms (e.g. Facebook, Twitter and other social networks) to predict and reacts to criminal operations like public disorder and terrorism.

The application must alert FBI agents if the searches come up with evidence of “breaking events, incidents, and emerging threats”.

FBI has publicly requested information to the cost of a similar application and the feature that could be implemented to help the work of its agents. The idea is to build an open platform the will collect any suspect evidence on social media and it’s able to correlate it with other events apparently unrelated locating them on the spatial and temporal axis of analysis.

Agents would have the ability to display any information on a map, and they could then add other layers of information, including past incidents and locations of important buildings like embassies and military installations. The document notes that agents need to “locate bad actors and analyse their movements, vulnerabilities, limitations, and possible adverse actions”.

The main directive of governments and agencies is to strictly monitor Mobile and social media platforms to dominate cyber threats in incoming year.
The 2012 forecasts predict to see innovative and powerfull attacks with the use of social media platforms and mobile technologies with a consistant increasing of threats for also non Windows based products.

If we consider the potential damage from cyber threats, whatever their origins, it is normal to rely on the control of governments to implement preventive measures to guarantee national security. However, measures of surveillance and control, are accused of meddling and they can undermine the concept of privacy the citizens.
Needless to poke fun at himself, it is impossible to have a free network if we need to ensure the security of users. Internet is evolving and if left unchecked, according to some it may become unusable due to the same threats. The main problem is the transparency of surveillance actions and they do not lead to preventive actions that violate the medieval freedom of thought. The crusades of the SOPA and ACTA are a real threat to freedom of expression, although at least in purpose they have been proposed with noble intentions. As always, the solution will be represented by the compromise between security and freedom of access to information.
The concept of surveillance must be clearly distinguished from that of control, the interaction with social media by governments should be more transparent, the very fact that there is surveillance could be a deterrent to criminal use of social media resource.

The position of the CIA is not far from FBI one, social media are classified as “” open source “and as such can and should be subject to a fine-grained control as a source of inside information. The CIA has an internal structure dedicated to the analysis of the media called “Open Source Center“, Doug Naquin is the its director.
Analysts of the center are responsible for monitoring everything that comes out of a specific country, and they’re also tracking political movements and terrorist groups spending time to look terrorist-related websites and monitoring Twitter feeds and Facebook pages that raise red flags.

We can go on to quote the main agencies and services of the world, so that we can see how crucial it has become the control of social media and how much Governments are investing in this matter. Unfortunately, as repeatedly stressed the unfair use of control systems can result in the process of reprehensible censorship and can not always be helpful to the cause. We move into the minefield of new technologies, and as we refine the technology to control and surveillance on the other hand evolve control techniques to circumvent them. Last year I have defined the term “social network poisoning” on wikipedia to describe the possibility of circumventing the control implemented through social networks, the term was banned from the English wiki but it is still available on the Italian Wikipedia. Obviously I was not the only one to think about the problem.

I leave you with an interesting read “Easier: Encryption-based Access Control in Social Networks with Efficient Revocation”
A promising approach to mitigate the privacy risks in the Online Social Networks (OSNs) shifting from the access control enforcement OSN provider to the user by means-of encryption.

Pierluigi Paganini