1nc – cloud computing - Millennial Speech & Debate
advertisement
1nc – cloud computing NSA surveillance doesn’t undermine cloud computing Henderson, 4/9/15 (Nicole, “Impact of NSA Surveillance on US Cloud Providers Not as Bad as We Thought: Forrester” 4/9, http://www.thewhir.com/web-hosting-news/impact-nsasurveillance-us-cloud-providers-not-bad-thought-forrester It’s been two years since Edward Snowden leaked details of the NSA’s PRISM surveillance program, and although analysts predicted an exodus from US-based cloud and hosting services in response to the revelations, it hasn’t exactly worked out that way, a new report finds. Forrester released a new report last week that suggests concerns around international customers severing ties with US-based hosting and cloud companies “were overblown.” “Lost revenue from spending on cloud services and platforms comes to just over $500 million between 2014 and 2016. While significant, these impacts are far less than speculated, as more companies reported taking control of security and encryption instead of walking away from US providers,” Forrester’s principal analyst serving security and risk professionals Edward Ferrara said in a blog post. Snowden recently told a crowd of cloud and hosting providers that use of encryption is growing, and encrypted traffic has doubled since 2013. In 2013, Forrester predicted that US cloud providers cloud lose up to $180 billion in business by 2016 due to concerns around the scope of NSA’s PRISM program. According to NextGov, Forrester finds that 26 percent of enterprises based in Asia Pacific, Canada, Europe and Latin America have stopped or reduced their spending with US-based firms for Internet-based services. Thirty-four percent said these concerns were related to fears of US surveillance, while others said they want to support businesses in their own country, or data sovereignty rules prevent them from storing data abroad. Forrester surveyed more than 3,000 businesses between June and July 2014. More than half of respondents said that they did not trust US-based outsourcers to handle sensitive information, with only 8 percent reporting to trust their company’s intellectual property with a US-based outsourced company. Ninety-percent of decision-makers have taken steps to encrypt their data, according to the report. Cloud computing not feasible – security hurdles Xiao and Chen 15 – *professor at the Department of Software Engineering at Hainan Software Profession Institute AND **Assistant Professor in Operations Management at New York University, PhD (Ziqian and Jingyou, Cloud Computing Security Issues and Countermeasures, Proceedings of the 4th International Conference on Computer Engineering and Networks p. 731-737, 2015, http://link.springer.com/chapter/10.1007/978-3-319-11104-9_85)//JJ Cloud Computing Security Challenges New Risks Brought by Virtual Technologies Virtualization brings new risks mainly in the virtual machine being abused , the virtual machine escape , and multi-tenant isolation between the failures of security policy migration of virtual machines. Shared Data Security Environment Under the cloud service model, users are very worried about whether the data stored in the service provider will be compromised , tampered , or lost . Man-made threats facing the user data mainly come from service providers , hackers , malicious neighboring tenants , and subsequent tenants. Cloud Platform Application Security There are some application security problems existing in Cloud Computing Services, no matter Saas, Paas or Iaas, mainly including three categories. The first one is the malicious program review . The second one is the application interface security . The third one is code and test safety . Authentication and Access Control in the Cloud Service Model Under the cloud service model, user authentication and access control face new challenges, for example, the authentication and authorization of massive users, the rational division of access rights, and the management of accounts, passwords, and keys. In dealing with massive users’ changeable business and their identification, the cloud service providers need to fully automate users’ authentication and access management. Cloud computing improvements now – new tech and legal measures Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ High-security demanding customers such as government agencies and corporate and organizational users with particularly strict demands for information security are likely to drive these market responses.214 Customers will insist upon better guarantees of security and confidentiality and may refuse to do business with popular, U.S.-based cloud services subject to far-reaching government surveillance powers. Indeed, they may be barred from doing so under new proposals in Europe and elsewhere requiring their citizens to rely on local cloud services.215 In the market for individual users of cloud resources, there may generally be an increasing demand for better security and privacy safeguards as a result of the widely discussed examples of mass surveillance of online interactions and communication. In addition, law and regulation may increasingly require that certain types of disproportionate lawful access to cloud data be excluded if cloud providers want unrestricted access to the market. Are these measures likely to be effective against intelligence agencies with the skills and resources of NSA or GCHQ? The answer depends on a variety of factors, which will be discussed further in this Section. One thing is clear: the range of technical solutions described in Part III is not binary, and recent announcements of ‘NSA-proof’ services seem highly oversimplified. A better way of framing this topic is to ask a series of more nuanced questions as follows: First, can technological and organizational design of services help to protect against backdoor access of data in the cloud? Second, and related, can the cloud industry help to prevent bulk and dragnet access to the data of their customers? Third, to what extent can the technical and organizational design of cloud services help to shape lawful access dynamics, such as where and how lawful access takes place (i.e., which entity and in which geographical location)? And, finally, to what extent can government agencies armed with surveillance orders counter the design choices of industry players when new technologies undermine lawful access to data in the cloud the government is seeking? Based on the analysis outlined herein, the first question should be answered positively. As cloud services roll out new security and encryption measures with the goal of preventing bulk data collection by surreptitious means, this will undoubtedly interfere with large scale intelligence gathering, such as the interception of client-server and server-server data streams . Firms like Google, Microsoft, Yahoo, and Facebook have already begun to implement wellestablished techniques such as TLS/SSL and perfect forward secrecy, just as various security organizations have begun to review how they develop cryptographic standards.216 At the end of the day, the protection against backdoor access is also a matter of resources, however. Certain technological solutions may prevent effective bulk collection through specific intelligence programs, but intelligence agencies could in turn deploy targeted intelligence operations to undo some of these protections implemented by cloud services. The second question, which concerns the possibility of cloud firms preventing dragnet surveillance, cannot generally be answered affirmatively. Technological design may have some impact on front-door collection but where surveillance regimes like Section 702 of the FAA authorize large scale transnational surveillance directed at cloud services, industry has limited options. It may oppose orders in court, or it may take a public stance to the effect that certain types of lawful access should not be legally permissible under current statutes and strive for legal reforms that would enhance the privacy interests of cloud customers.218 The third question must be answered positively also, at least in theory. Technological and organizational design of services can help to shape lawful access dynamics and could be used precisely to do so. While few cloud services have actively implemented privacy-preserving encryption protocols, there is reason to believe that this is changing . As discussed in the previous section, both the cloud industry and the Internet security engineering community have taken the first steps towards implementing technical and organizational measures to shape the lawful access dynamics induced by the use of their services and further innovations may be anticipated. The extent to which local jurisdictions may force multinational cloud service providers to comply with domestic laws notwithstanding these new security measures remains a particularly hotly debated issue. 2nc – surveillance not hurt cloud No significant impact on cloud computing Weise, 4/7/15 (Elizabeth, “PRISM revelations didn't hit U.S. cloud computing as hard as expected” 4/7, http://americasmarkets.usatoday.com/2015/04/07/prism-revelations-didnt-hitu-s-cloud-computing-as-hard-as-expected/ When Edward Snowden revealed the extent of the U.S. National Security Agency’s PRISM spying program, there were concerns that American cloud, hosting and outsourcing businesses would lose customers running to non-U.S.-based companies safe from NSA’s prying eyes. “The assertion was that this would be a death blow to U.S. firms trying to operating in Europe and Asia,” said Forrester Research analyst Ed Ferrara. But two recent reports from Forrester find it was less catastrophic than expected. That’s good news for companies like Box (BOX), DropBox and others that make their money by selling U.S.-based data storage. Forrester had originally predicted U.S. companies could lose as much as $180 billion in sales. Instead, just 29% of technology decision-makers in Asia, Canada, Europe and Latin America halted or reduced spending with U.S.-based firms offering Internet-based services due to the PRISM scandal, Forrester’s Business Technographics Global Infrastructure Survey for 2014 found “It’s a relatively small amount of data,” Ferrara said. That’s because most of the companies didn’t need to move all their data, much of which was stored in-house. Instead, only 33% of the data held by that 29% of companies was at a thirdparty data center or in a cloud system. Forrester believes the overall loss to U.S. cloud providers for 2015 will be about $15 billion and in 2016, $12 billion, a far cry from projections that were ten times that a year ago. Forrester also found that companies are looking at other ways to protect the integrity of their data, not just from the NSA but also from surveillance by other nations. Chief among them was encryption. Eighty-four percent of the companies said they’re using various encryption methods to protect sensitive material. The survey’s definition of cloud providers is broad, and includes both platform as a service, infrastructure as a service and software as a service companies, said Ferrara. 2nc - cloud not feasible Tons of alt. causes to cloud computing – Castro and McQuinn 15 – * Vice President of the Information Technology and Innovation Foundation and Director of the Center for Data Innovation, B.S. in Foreign Service from Georgetown University and an M.S. in Information Security Technology and Management from Carnegie Mellon University, AND ** Research Assistant with the Information Technology and Innovation Foundation, B.S. in Public Relations and Political Communications from the University of Texas (Daniel and Alan, Beyond the USA Freedom Act: How U.S. Surveillance Still Subverts U.S. Competitiveness, Information Technology and Innovation Foundation, June 2015, http://www2.itif.org/2015-beyond-usa-freedomact.pdf?_ga=1.33178294.940386433.1435342104)//JJ In the short term, U.S. companies lose out on contracts, and over the long term, other countries create protectionist policies that lock U.S. businesses out of foreign markets. This not only hurt s U.S. technology companies, but costs American jobs and weakens the U.S. trade balance. To reverse this trend, ITIF surveillance activities both at home an security by opposing any government efforts to introduce backdoors in software or Strengthen U.S. mutual legal assistance treaties Work to establish international legal standards for gover Complete trade agreements like the Trans Pacific Partnership that ban digital protectionism, and pressure nations that seek to erect protectionist barriers to abandon those efforts . Cloud computing not feasible – security hurdles Xiao and Chen 15 – *professor at the Department of Software Engineering at Hainan Software Profession Institute AND **Assistant Professor in Operations Management at New York University, PhD (Ziqian and Jingyou, Cloud Computing Security Issues and Countermeasures, Proceedings of the 4th International Conference on Computer Engineering and Networks p. 731-737, 2015, http://link.springer.com/chapter/10.1007/978-3-319-11104-9_85)//JJ Cloud Computing Security Challenges New Risks Brought by Virtual Technologies Virtualization brings new risks mainly in the virtual machine being abused , the virtual machine escape , and multi-tenant isolation between the failures of security policy migration of virtual machines. Shared Data Security Environment Under the cloud service model, users are very worried about whether the data stored in the service provider will be compromised , tampered , or lost . Man-made threats facing the user data mainly come from service providers , hackers , malicious neighboring tenants , and subsequent tenants. Cloud Platform Application Security There are some application security problems existing in Cloud Computing Services, no matter Saas, Paas or Iaas, mainly including three categories. The first one is the malicious program review . The second one is the application interface security . The third one is code and test safety . Authentication and Access Control in the Cloud Service Model Under the cloud service model, user authentication and access control face new challenges, for example, the authentication and authorization of massive users, the rational division of access rights, and the management of accounts, passwords, and keys. In dealing with massive users’ changeable business and their identification, the cloud service providers need to fully automate users’ authentication and access management. 2nc – Squo solves New protection standards and tech solve Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ V. CONCLUSION This Article describes and places in a legal perspective the cloud industry’s technological responses to the revelations about ongoing transnational surveillance. By focusing on industry responses and exploring the ways in which the technological design of cloud services could further address surveillance concerns, we provide insights into the prospects of these services shaping lawful government access to the cloud. This intersection of service design, on the one hand, and government demands for access to data, on the other hand, signals a dynamic new chapter in the ongoing debate between industry and governments about the possibility and conditions of secure and privacy-friendly information and communications technologies (ICTs) for global markets. In particular, we have shown that it is helpful to distinguish between front-door and backdoor access to data in the cloud. Our analysis of industry responses has shown the cloud industry is moving quickly to address interception of their customers’ data without their knowledge or involvement by adopting technological solutions that limit lawful access (as far as possible) to legal processes directed at the cloud service itself and/or its customers. Many of these measures could have been implemented much earlier on. They are now becoming industry norms . Industry standards like SSL/TLS and HTTPS, together with a new generation of PETs offering “end-to-end” protection, can be effective tools in preventing bulk acquisition through the targeting of the worldwide communications infrastructure. In short, technologies can help the industry shape lawful access even though they do not change the legal framework, nor do they overcome the lack of progress in reforming existing legal authorities ( such as Section 702 of the FAA ) to confine lawful access to the front-door of service providers. We expect that this lack of progress—with respect to transnational legal guarantees of privacy and information security, not only in the U.S. but also elsewhere—will be a strong driver for the wider adoption of more robust and comprehensive privacy technologies in the cloud service context. And we argue that under current conditions, the U.S. cloud industry will increasingly rely on technologies to ‘regulate’ government data access in an effort to enhance the privacy and information security protections of their foreign customers. This raises the pertinent question of how the U.S. government may respond to increased resilience of cloud services against lawful surveillance. While FISA and ECPA allow government agencies to obtain orders that ensure the cooperation of providers notwithstanding strong technological protections, existing law does not allow for unlimited bargaining room. Most of the services in question are not subject to CALEA obligations and an extension of CALEA seems neither warranted nor politically feasible under present conditions. Moreover, most of these services have responded to the Snowden revelations by implementing stronger privacy protections (and even some advanced cryptographic protocols). No doubt they await the outcome of the ongoing litigation in the Lavabit case, which may clarify the government’s power to compel a service to break its security model in response to a valid surveillance order. However, the Lavabit case does not yet present a scenario in which a service’s use of advanced cryptography makes it impossible to comply with a surveillance order by furnishing unencrypted data. 2014] PRIVACY AND SECURITY IN THE CLOUD 533 A U.S. government win in the Lavabit case may therefore be little more than a pyrrhic victory, for it could simply further incentivize industry to adopt even stronger technological solutions against surveillance, including both actively implemented and client-side encryption protocols preserving privacy in the cloud . Encryption solves – major companies prove Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ It is hardly surprising, then, that cloud firms like Microsoft have started taking steps to ensure that governments use legal process rather than “technological brute force to access customer data.” engineering effort to strengthen the encryption of customer data across [its] networks and services.”159 This matches similar activity of Google, which had started to encrypt data more comprehensively even before the specific revelations about the MUSCULAR program.160 As a Google security engineer explained shortly after these revelations, “the traffic shown in the [MUSCULAR] slides below is now all encrypted and the work the NSA/GCHQ (U.K. Government Communications Headquarters) staff did on understanding it, ruined .”161 Finally, Yahoo has announced it will “[e]ncrypt all information that moves between [its] data centers by the end of Q1 2014.” The encryption measures discussed above could help the cloud industry to counteract programs like MUSCULAR and UPSTREAM, which rely on the bulk collection of data by targeting communication links and the telecommunications infrastructure. Of course, this assumes that the NSA does not seek to undermine these protections by relying on security weaknesses in the implementation or use of SSL or the underlying encryption 158 Microsoft recently announced “a comprehensive algorithms. 2nc – at: https encryption HTTPS encryption protocols fail – Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ In terms of securing web-based communications, however, the HTTPS system is no panacea against government surveillance. First, the protocol must be properly implemented .147 Second, there are known attacks on the use of encrypted web communications through SSL.148 Third, intelligence agencies may work around the protections and attempt to secretly install software on the computers of targeted users, thereby allowing them to capture their communications before they are transmitted across an encrypted connection.149 Finally, and most importantly, HTTPS is not designed to protect data at rest . Even if a cloud provider properly implements this protocol, this does nothing to prevent a government agency from obtaining the data it seeks by means of a compulsory order requiring the service provider to furnish this data. Indeed, as Professor Peter Swire argues, the trend towards encrypting data in transit between users and cloud services may well result in governments shifting their attention from attacking the communication infrastructure to demanding that cloud service providers hand over stored data after it has been securely transmitted.150 The Snowden revelations already provide some evidence of this shift and the measures detailed in this Section could accelerate this trend. To counter this trend, governments confronted with encrypted communication channels could try to compel cloud providers to hand over their encryption keys, enabling the continued effective interception over telecommunications infrastructure (an option discussed further in Part IV). 2nc – at: pets PETs fail – not technologically or economically feasible Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ It is important to emphasize that adoption of the solutions discussed remains low even though some of them are ready for use. There are a number of reasons for this. First, some of these solutions, such as FHE, are at the very early stages of development.188 If service provision is limited to the mere storage of data in the cloud, it may be technically feasible for the service provider to anticipate and organize for encryption under the control of cloud users. However, if the cloud provider also has to perform processing operations on the encrypted data stored by its customers, the implementation of privacypreserving PETs in the cloud context is far more challenging and may even be impossible for complex operations. 189 Second, many cloud providers lack the incentive to adopt and further develop PETs based on advanced cryptographic solutions that would prevent them from having access to user data. The reasons are obvious: many business models in the cloud industry depend on generating revenue based on access to customers’ data (e.g., profiling users for purposes of serving them targeted ads).190 Thus, for many cloud service providers, the costs of implementing these PETs (loss of profits) outweigh the potential benefits (improved security and privacy guarantees for their customers).191 Arguably, the new emphasis on security and privacy in the cloud in response to the Snowden revelations might incentivize industry to consider developing and adopting similar measures. Notwithstanding the current lack of adoption, the point this Article seeks to emphasize is that if service providers were to deploy such measures, it would interfere with lawful access requests to cloud providers in some obvious ways. For example, a provider might simply be unable to share unencrypted customer data with law enforcement or intelligence agencies notwithstanding a lawful request for such access.192 Too many hurdles to client-side PETs – their ev. is theoretical Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ What happens if the government serves a lawful request for the content of communications on a service provider whose customers utilize a client-side PET for encrypted email or chat? At best, the service providers may hand over encrypted data but these PETs prevent it from furnishing unencrypted data. On the other hand, the provider may fully comply with requests for traffic data unless the user combines a client-side PET with a collaborative PET like Tor.197 Cloud providers’ attitudes to these client-side PETs are likely to remain ambivalent. On the one hand, they may decide to block their use because they interfere with their business model and desired uses of the service ;198 on the other hand, they may embrace PETs as proof of their good faith efforts to ensure customer privacy in the cloud. By pointing out the possibility to adopt end-to-end encryption solutions, companies could reassure users who are rightly worried about the surveillance of their communications.199 Although the availability of encryption solutions may seem attractive for users, they come with some well-documented downsides in terms of usability .200 As a result, only dedicated or expert users tend to take advantage of them. In fact this is another oft-cited reason for industry to shy away from promoting client-side encryption solutions. In addition, the client-side approach to security tends to rely on the free or open source software model, in which developers release their source code, thereby allowing the security community to review the code and determine that the software is indeed secure. From an ordinary user’s perspective, this substitutes trust in a group of security experts in lieu of trusting the third-party services. Finally, it is true that the implementation of end-to-end encryption may help to protect against third party access to raw data through the service provider. From the perspective of managing information security more generally, however, many organizations and individuals may prefer trusting a dedicated service provider over having to rely on their own expertise. Of course, the Snowden revelations may boost the adoption of end-to-end encryption as a way of limiting the widely publicized systematic monitoring of global Internet communications. Certainly, the NSA’s targeting of major cloud service providers through programs like PRISM has spiked interest in end-to-end encryption solutions, at least according to all the hoopla in the popular press .201 For the moment, however, there seems to be only a small niche market for services that cater to the demand for properly implemented end-to-end security, as evidenced by services such as Lavabit,202 Hushmail,203 Silent Circle,204 and Heml.is.205 2nc – at: hushmail/lavabit Our ev accounts for Hushmail and Lavabit – s-quo progression of corporate encryption solves Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ This may (or may not) be an accurate description of what happened in the Hushmail case.273 Hushmail secure email service offers its customers two options: a high-security option, which requires that users install and run a Javabased encryption applet and encrypts and decrypts email only on the customer’s computer; and a low-security (non-Java) option, which is more convenient but less secure because it handles encryption and decryption on Hushmail’s web server.274 As a result, Hushmail retains the ability to decrypt user’s emails when they select the low-security option (via an “insider attack” like that against Lavabit) but no ability to do so when the customer selects the high-security option.275 Of course, Hushmail’s design does not prevent the company from modifying the Java applet so that it captures the user’s passphrase and sends it to Hushmail, thereby enabling the company to decrypt the email and share it with a third-party including the government. But it seems unlikely that the company would destroy its own business by subverting its software in this way and subject itself to a likely deceptive practice enforcement action under Section 5 of the FTC Act.276 Unlike Lavabit, none of the sealed documents in the Hushmail case have been leaked, so less information is available. Also, it is not clear whether the 2007 court order pertained to a high-security or a low-security user; or if Hushmail modified its Java encryption engine; or if, in the interests of full disclosure, it merely pointed out the possibility of doing so.277 In short, the Hushmail case exemplifies the dilemmas that the government may begin to face if service providers take the next logical step of adding government agencies to their threat models and designing systems that protect against valid court orders. And while the government has prevailed in its efforts to force niche players like Lavabit and Hushmail to capitulate, it may face a much greater challenge if major Internet firms like Microsoft, Google, and Facebook go down this path in response to the Snowden revelations. AT: Space debris impact Status quo solves space debris- NASA and NOAA prove Haar and Leslie 14, Audrey Haar works at NASA's Goddard Space Flight Center and John Lesilie works at the NOAA Office of Communications and External Affairs, (10/22/14, NASANOAA Suomi NPP Satellite Team Ward Off Recent Space Debris Threat, https://www.nasa.gov/content/goddard/nasa-noaa-suomi-npp-satellite-team-ward-off-recentspace-debris-threat)//AK While space debris was the uncontrolled adversary in the award-winning space thriller film "Gravity," space debris, also known as "space junk," is an ongoing real-life concern for teams managing satellites orbiting Earth, including NOAA-NASA's Suomi National Polar-orbiting Partnership, or Suomi NPP, satellite. It is not unusual for satellites that have the capability of maneuvering to be repositioned to avoid debris or to maintain the proper orbit. On an otherwise quiet Sunday on September 28, the Suomi NPP mission team was monitoring a possible close approach of a debris object. By early evening, the risk was assessed to be high enough to start planning a spacecraft maneuver to put the satellite into a safer zone, out of the path of the object classified in a size range of 4 inches up to 3.3 feet. It was determined that the object (travelling at almost 17,000 mph) was approaching at a nearly "head on" angle, and could potentially only miss the Suomi NPP satellite by approximately 300 feet on Tuesday, September 30, if no action was taken. With that knowledge, the decision was made at 1:30 p.m. on Monday, September 29, for NOAA's Satellite Operations Facility, or NSOF, in Suitland, Maryland, to reposition Suomi NPP. Operational control as well as planning and execution of all Suomi NPP maneuvers take place at NSOF. "Because Suomi NPP moves at a similar speed as the debris object, if there had been an impact, it would have occurred at a combined speed of nearly 35,000 mph. This would have been catastrophic not only to the satellite, but would result in thousands of pieces of new debris," said Harry Solomon, Mission Manager for Suomi NPP at NASA's Goddard Space Flight Center. Space around Earth is littered with numerous man-made objects that could potentially collide with operating spacecraft and each other (creating more debris). There are more than 20,000 objects being monitored by the U.S. Department of Defense for satellite managers around the world. Only about 1,000 of those 20,000 objects are operating spacecraft. The rest of the monitored space debris ranges in size from the size of a softball, to massive rocket bodies, all orbiting uncontrolled at relative speeds averaging about 22,300 mph in low-Earth orbit, where the majority of the objects reside. Yet it is the unknown, often smaller, untracked objects that pose the biggest threat. "If a spacecraft is lost due to being hit by debris, the odds are the satellite will be hit by something the trackers can't see," said Nicholas Johnson, NASA chief scientist (retired) for orbital debris at Johnson Space Center in Houston. That is exactly the scenario Solomon and his counterpart, Martin England, mission operations engineering lead at NSOF hope will never happen. Risk Team Monitors Unmanned Missions Threats for NOAA and NASA While NASA's Johnson Space Center manages monitored debris threats for spacecraft related to U.S. manned missions such as the International Space Station, the responsibility for unmanned missions managed by NASA falls to the Conjunction Assessment Risk Analysis, or CARA, team operating out of NASA Goddard. About seven days before a potential threat, information from the Department of Defense is analyzed by the CARA team to evaluate predicted close approaches. CARA monitors and provides updated information about potential threats to satellite mission managers who then make a decision about the need to reposition their satellites in a procedure known as a Risk Mitigation Maneuver. Since Suomi NPP's launch in October 2011, this recent reposition was the fourth Risk Mitigation Maneuver to avoid space debris. In this case, the object was a section of a Thorad-Agena launch vehicle used between 1966 and1972 primarily for Corona U.S. reconnaisssance satellites. A previous Suomi NPP risk mitigation maneuver in January 2014 avoided a discarded booster from a Delta 1 launch vehicle, a type of rocket made in the United States for a variety of space missions from 1960 to 1990. There is also a significant amount of debris in Suomi NPP's orbit from the Chinese Fengyun-1C, a meteorological satellite China destroyed in January 2007 in a test of an anti-satellite missile. Another threat near Suomi NPP's orbit is the debris resulting from a 2009 collision of a functioning commercial communications satellite and a defunct Russian satellite. Suomi NPP's job is to collect environmental observations of atmosphere, ocean and land for both NOAA's weather and oceanography operational missions and NASA's research mission to continue the long-term climate record to better understand the Earth's climate and long-term trends. To accomplish those goals, the satellite maintains a position on orbit such that the desired path across the ground does not vary by more than 20 km (12 miles) on each side. This orbit is adjusted with regular planned maneuvers to maintain the proper orbit and angles for best information collection. But if a Risk Mitigation Maneuver to avoid space debris were to necessitate moving out of that desired collection zone, then yet another maneuver would be necessary to return to the optimum orbit position. These unplanned maneuvers tap into the finite amount of fuel on satellites and could potentially shorten mission life of a spacecraft if fuel is used more quickly than anticipated. The amount of space debris is not constant. It generally increases every year, sometimes generated from debris collisions, which can potentially create additional debris fragments. But there are also debris reductions. One tracked object generally falls back to Earth daily, sometimes burning up to nothing upon re-entry, or falling into water or the large areas of low population density. In addition, there are also natural events that help control debris. The sun is currently going through a period known as solar maximum, the term for a high period of solar activity. The increased number of sunspots and solar storms during solar maximum takes place approximately every 11 years. During this period, the extent of Earth's atmosphere increases due to solar heat generated by the increased amount of solar activity. As the atmosphere extends to higher altitudes, debris at these altitudes are then subjected to increased friction, known as drag, and as a result, space debris typically fall to Earth at a higher rate during solar maximum. The Suomi NPP mission is a bridge between NOAA and NASA legacy Earth observing missions and NOAA's next-generation Joint Polar Satellite System, or JPSS. The next satellite, JPSS-1, is targeted for launch in early 2017. Status quo mechanisms being strengthened now to solves space debris threats Bonard 14, expert on the ISS and a space analyst, (Michael, 11/10/14, Commentary | Space Debris Mitigation: A New Hope for a Realistic Solution?, http://spacenews.com/42511space-debris-mitigation-a-new-hope-for-arealistic-solution/)//AK On Jan. 11, 2007, a Chinese antisatellite missile test completely fragmented a Chinese target satellite into millions of pieces of debris — nearly 800 debris fragments 10 centimeters or larger, nearly 40,000 debris fragments between 1 and 10 centimeters, and some 2 million fragments of 1 millimeter or larger. On Feb. 10, 2009, the operational Iridium 33 and decommissioned Kosmos-2251 satellites collided at a speed of 42,120 kilometers per hour, destroying both satellites. In July 2011, more than 2,000 large debris fragments resulting from this collision were detected. The international space station is routinely dodging debris that are tracked by ground-based radars. Space debris constitutes a continuously growing threat to satellites and manned spacecraft. Very small debris creates potentially nonthreatening damage. Large debris can be detected by ground-based radars and avoided by spacecraft maneuvers. However, small- to medium-sized debris in low or medium Earth orbits constitutes the biggest threat. These orbits have the largest density of debris and the highest relative speeds, while the atmospheric drag is small enough that it may take centuries to have the debris re-enter the atmosphere. In 1978, NASA scientist Donald J. Kessler showed that if the density of space debris in low Earth orbit is high enough, each collision generating space debris would increase the likelihood of further collisions. One serious implication is that the multiplication of debris in orbit will render space exploration, and even the use of satellites, increasingly dangerous and costly for many generations. Multiple solutions to remove space debris have been explored and published. One of these solutions involves physical contact between debris and the spacecraft: Shielding of in-orbit spacecraft has been considered. However, the satellite community has recognized that the sheer weight of any reasonably efficient shielding would make launch not economically viable. Furthermore, the speeds involved in physical contacts would generate a cloud of additional debris. “Catcher” spacecraft have also been proposed. Conceptually, highly mobile and agile spacecraft equipped with a “catching device” like a net or a robotic arm could be launched from Earth to intercept and catch debris. However, unless the catcher spacecraft are able to precisely match the speed and direction of the debris, any high-speed physical contact between a component of the catcher spacecraft and space debris will result in a collision, multiplying the debris. The cost of designing, developing, testing and launching such a spacecraft, with sufficient fuel onboard to repeatedly intercept multiple debris fragments at different speeds, orbits and altitudes, does not seem to be economically viable. Other solutions would use high-power lasers that could vaporize the surface of the debris in space, deflecting it and possibly changing its orbit to intersect the atmosphere. These solutions have the advantage of not requiring physical contact with the debris. Space-based laser systems require designing, building, launching and operating a spacecraft equipped with a very high-power laser system. Such a design is utterly complex and expensive and very likely will not be economically viable. Airborne laser systems are facing the same obstacles: The Boeing YAL-1 Airborne Laser Test Bed program, which was designed as a missile defense system to destroy tactical ballistic missiles, was terminated because of cost. Ground-based laser systems are handicapped by the very long propagation distance, atmospheric absorption and distortion of the laser beam. Such parameters make this solution also not economically viable. Furthermore, being located in a single country, a ground-based laser system would raise serious political issues within the international community because of its implied antisatellite capability. In summary, the cost/benefit ratio of the above solutions appears to be the main reason none has been implemented to date to proactively mitigate the most dangerous debris. A more affordable approach for cleaning low and medium Earth orbits of small- to mediumsized orbital debris may be achievable. This approach would use the principle of deflecting an electrically charged, moving object in a magnetic field. The old television tube is probably the most common example of this principle, where electrical charges (electrons) are deflected by the magnetic fields generated by the tube deflection coils. The application of this principle would use a space-based electron gun to generate an electron beam directed at the orbital debris. The beam would remotely impart an electric charge to the debris. Earth’s magnetic field would exert a force on the electric charge of such debris crossing the magnetic field at high speed, modifying its orbit. Over time, the orbit would become highly elliptical and would intersect the upper atmosphere, where the debris would vaporize or fall to Earth. Preliminary calculations have shown that this concept is sound. The benefits include: Cost: Lower cost is the major advantage of electromagnetic deflection. Feasibility: There is no new or speculative technology to develop. Used in particle accelerators and in millions of old-style television tubes, the electron gun technology is very mature. The energy used to generate the electron beam is orders of magnitude lower than high-power lasers. Risk: It would reduce the probability of creating additional debris by avoiding any physical contact. The electron gun device could be integrated in an add-on module to the international space station. The ISS is already in space, and there would be no new spacecraft to develop and launch. The ISS has a large power-generation capability, while the electron gun would require only intermittent and modest amounts of energy to operate. This solution would be more easily adopted by the international space community, since it does not have the capability to damage or destroy a spacecraft. This feature would be expected to encourage support and funding of the project by all the nations involved in space operations. The electromagnetic deflection concept would best be implemented as an international program, managed and coordinated by the space agencies of several countries. As with any new technology development, there are still open questions associated with the deployment of this concept. A formal study would have to be conducted by space specialists to validate and test the concept and determine the optimum design parameters. Areas that should be explored include: The ability to precisely direct the electron beam at the debris. Although electrons can be sent at near-light speed, they are also deflected by the very magnetic field that will act on the debris, requiring precise aiming of the electron gun. The ability of the target to store the electrons. The retention of the charge by the target. Due to the constant bombardment of the target by the solar wind that comprises ionized particles, it is expected that the charge of the target will dissipate over time. The dynamic response of the target trajectory under the influence of the deflecting force. In conclusion, civil and government satellites as well as manned missions are currently exposed to the growing risk of collisions with debris, which may result in costly incidents, or accidents that could take human lives. It is essential to have a solution implemented as soon as possible. As of today, the electromagnetic deflection approach seems to be one of the most cost effective, most realistically achievable and least risky. It deserves to be further evaluated and pursued. Space debris not a threat to humans Chun 11, space debris analyst and contributor at People’s Daily, (Yao, 9/28/11, Experts: No need to worry about falling space debris, http://en.people.cn/202936/7606918.html) //AK As more and more satellites are being launched into the space, will the debris of the failed satellites bring disaster to earth? The experts from the Center for Space Science and Applied Research (CSSAR) under the Chinese Academy of Sciences say: "Don't panic, space junk will not fall on your head." "Recently some reports may have caused certain panic in the public, who are worried that space debris will threaten people's survival. But, in fact we can rest assured that space debris will not hit people because the probability is minimal," said Gong Jiancun, deputy director of CSSAR. Space debris will not pose a threat to humans, he said. However, the real reason why scientists are concerned about space debris is because of its potential to harm or hinder spacecraft. Since 1957, when the first artificial satellite was launched into space, the amount of space debris has increased year by year. As of this week, there are more than 16,000 pieces of debris with a diameter of more than 10 centimeters in space, according to observation data from the United States. This debris is distributed in different earth orbits: low orbit, hundreds of kilometers away from the earth; moderate-altitude orbit, thousands of kilometers away, and high orbit, tens of thousands of kilometers away. Because of this, the debris is not concentrated in a dense region of space. Generally speaking, space debris is divided in three categories: large space debris, with a diameter of more than 10 centimeters; small space debris, with a diameter of less than 1 millimeter, and dangerous debris, with a diameter between large and small debris. "If the debris falls to the earth, most of it will be burned away by the high temperature of thousands of degrees produced by the high-speed friction with the atmosphere. Even if a large chunk of space debris penetrated the atmosphere and posed a threat to the earth, mankind should be capable of defending against it," Gong said. First, we can roughly estimate its orbit. With the estimation of its orbit, we can intercept it. Gong said that the U.S. has successfully intercepted a failed satellite using a missile. That satellite contained highly toxic substances. In order to prevent it from falling into the sea, the U.S. destroyed the satellite by a missile launched from a warship. China also has similar technologies and can disintegrate it in the space before it causes harm." "Scientists also have come up with many other methods to clear the space debris. For example, we can leave some fuel in satellites and control the satellite to fly out of the original track," Gong said. "Some countries have developed passive technologies, such as launching a spacecraft to catch space debris and take it away. Other countries are developing satellites with mechanical arms, which not only can repair satellites but also can pull the failed satellites out of the orbit." However, these technologies are not very mature. It is still uncertain when they will come into use, he said. China turn Chinese and U.S. tech industries are zero-sum – surveillance crowds out the U.S. market Castro and McQuinn 15 – * Vice President of the Information Technology and Innovation Foundation and Director of the Center for Data Innovation, B.S. in Foreign Service from Georgetown University and an M.S. in Information Security Technology and Management from Carnegie Mellon University, AND ** Research Assistant with the Information Technology and Innovation Foundation, B.S. in Public Relations and Political Communications from the University of Texas (Daniel and Alan, Beyond the USA Freedom Act: How U.S. Surveillance Still Subverts U.S. Competitiveness, Information Technology and Innovation Foundation, June 2015, http://www2.itif.org/2015-beyond-usafreedom-act.pdf?_ga=1.33178294.940386433.1435342104)//JJ Protectionist policies in China have further strained the U.S. tech industry . In January 2015, the Chinese government adopted new regulations that forced companies that sold equipment to Chinese banks to turn over secret source code, submit to aggressive audits, and build en cryption keys into their products. 38 While ostensibly an attempt to strengthen cybersecurity in critical Chinese industries, many western tech companies saw these policies as a shot across the bow trying to force them out of China’s markets . After all, the Chinese government ha d already launched a “de - IOE” movement — IOE stands for IBM, Oracle and EMC — to convince its state - owned banks to stop buying from these U.S. tech giants . 39 To be sure, the Chinese government recently halted this policy under U.S. pressur e. 40 However, the halted policy can be seen as a part of a larger clash between China and the United States over trade and cybersecurity. Indeed, these proposed barriers were in part a quid pro quo from China , after the United States barred Huawei, a major Chinese computer maker, from selling its products in the United States due to the fear that this equipment had “back doors” for the Chinese government. 41 Since the Snowden revelations essentially gave them cover, Chinese lawmakers have openly called for the use of domestic tech products over foreign goods both to boost the Chinese economy and in response to U.S. surveillance tactics. This system of retaliation has not only led to a degradation of business interests for U.S. tech companies in China, but also disrupted the dialogue between the U.S. government and China on cybersecurity issues. 4 A2: Big Data/Cloud Computing Add-On Reject internet doomsaying – no chance of collapse or a ton of other stuff would cause it Bernal 14 (Lecturer in Information Technology, Intellectual Property and Media Law at the University of East Anglia Law School) (Paul, So who’s breaking the internet this time?, November 11, 2014, http://paulbernal.wordpress.com/2014/11/11/so-whos-breaking-the-internet-this-time/) I’m not sure how many times I’ve been told that the internet is under dire threat over the last few years. It sometimes seems as though there’s an apocalypse just around the corner pretty much all the time. Something’s going to ‘break’ the internet unless we do something about it right away. These last few weeks there seem to have been a particularly rich crop of apocalyptic warnings – Obama’s proposal about net neutrality yesterday being the most recent. The internet as we know it seems as though it’s always about to end. Net neutrality will destroy us all… If we are to believe the US cable companies, Obama’s proposals will pretty much break the internet, putting development back 20 years. How many of us remember what the internet was like in 1994? Conversely, many have been saying that if we don’t have net neutrality – and Obama’s proposals are pretty close to what most people I know would understand by net neutrality – then the cable companies will break the internet. It’s apocalypse one way, and apocalypse the other: no half measures here. The cable companies are raising the spectre of government control of the net, something that has been a terror of internet freedom activists for a very long time – in our internet law courses we start by looking at John Perry Barlow’s 1996 ‘Declaration of the Independence of Cyberspace’, with its memorable opening: “Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.” the UN, through the International Telecommunication Union (ITU) was about to take over the internet, crushing our freedom and ending the Internet as we know it. Anyone with real experience of Another recent incarnation of this terror has been the formerly much hyped fear that the way that UN bodies work would have realised this particular apocalypse had next-to-no chance of every coming into fruition, and last week that must have become clear to most of even the more paranoid of internet freedom fighters, as the ITU effectively resolved not to even try… Not that apocalypse, at least not now. More dire warnings and apocalyptic worries have been circling about the notorious ‘ right to be forgotten’ – either in its data protection reform version or in the Google Spain ruling back in May. The right to be forgotten, we were told, is the biggest threat to freedom of speech in the coming decade, and will change the internet as we know it. Another thing that’s going to break the internet. And yet, even though it’s now effectively in force in one particular way, there’s not much sign that the internet is broken yet… The deep, dark, disturbing web… At times we’re also told that a lack of privacy will break the net – or that privacy itself will break the net. Online behavioural advertisers have said that if they’re not allowed to track us, we’ll break the economic model that sustains the net, so the net itself will break. We need to let ourselves be tracked, profiled and targeted or the net itself will collapse. The authorities seem to have a similar view – recent pronouncements by Metropolitan Police Commissioner Bernard Hogan-Howe and new head of GCHQ Robert Hannigan are decidedly apocalyptic, trying to terrify us with the nightmares of what they seemingly interchangeably call the ‘dark’ web or the ‘deep’ web. Dark or deep, it’s designed to disturb and frighten us – and warn us that if we keep on using encryption, claiming anonymity or pseudonymity or, in practice, any kind of privacy, we’ll turn the internet into a paradise only for paedophiles, murderers, terrorists and criminals. It’s the end of the internet as we know it, once more. And of course there’s the converse view – that mass surveillance and intrusion by the NSA, GCHQ etc, as revealed by Edward Snowden – is itself destroying the internet as we know it. Money, money, money Mind you, there are also dire threats from other directions. Internet freedom fighters have fought against things like SOPA, PIPA and ACTA – ways in which the ‘copyright lobby’ sought to gain even more control over the internet. Again, the arguments go both ways. The content industry suggest that uncontrolled piracy is breaking the net – while those who fought against SOPA etc think that the iron fist of copyright enforcement is doing the same. And for those that have read Zittrain’s ‘The Future of the Internet and How to Stop It’, it’s something else that’s breaking the net – ‘appliancization’ and ‘tethering’. To outrageously oversimplify, it’s the iPhone that’s breaking the net, turning it from a place of freedom and creativity into a place for consumerist sheep. It’s the end of the internet as we know it…..…or as we think we know it. We all have different visions of the internet, some historical, some pretty much entirely imaginary, mowith elements of history and elements of wishful thinking. It’s easy to become nostalgic about what we imagine was some golden age, and fearful about the future, without taking a The internet was never a ‘wild west’ – and even the ‘wild west’ itself was mostly mythical – and ‘freedom of speech’ has never been as absolute as its most ardent advocates seem to believe. We’ve always had some control and some freedom – but the thing about the internet is that, in reality, it’s pretty robust. We, step back and wondering whether we’re really right. as an internet community, are stronger and more wilful than some of those who wish to control it might think. Attempts to rein it in often fail – either they’re opposed or they’re sidestepped, or they’re just absorbed into the new shape of the internet, because the internet is always changing, and we need to understand that. The internet as we know it is always ending – and the internet as we don’t know it is always beginning.
