NSA aff and neg wave 3 - umich 2015 - hjpv

Tech Leadership Advantage
1ac – asteroids impact
Cloud computing is also critical to space situational awareness – solves asteroids and debris
Johnston et al 9 [Steven, PhD in computer engineering and MEng degree in software engineering,
specializes in cloud-based architecture, Kenji Takeda, Solutions Architect and Technical Manager for the
Microsoft Research Connections EMEA team, has extensive experience in Cloud Computing, Hugh Lewis,
professor at University of Southampton, specialist in space situational awareness, Simon Cox, professor
of Computational Methods and Director of the Microsoft Institute for High Performance Computing at
University of Southampton, Graham Swinerd, professor at University of Southampton, specializes in
space situational awareness, “Cloud Computing for Planetary Defense”,
http://eprints.soton.ac.uk/71883/1/John_09.pdf, October 2009, 3/31/15]
Abstract¶ In this paper we demonstrate how a cloud-based computing architecture can be used for planetary defense
and space situational awareness (SSA ). We show how utility compute can facilitate both a financially
economical and highly scalable solution for space debris and near-earth object impact analysis. As we
improve our ability to track smaller space objects, and satellite collisions occur, the volume of objects being tracked
vastly increases, increasing computational demands. Propagating trajectories and calculating conjunctions becomes increasingly time
critical, thus requiring an architecture which can scale with demand. The extension of this to tackle the problem of a future nearearth object impact is discussed, and how cloud computing can play a key role in this civilisation-threatening scenario.¶ Introduction¶ Space situational awareness
includes scientific and operational aspects of space weather, near-earth objects and space debris. This project is part of an international effort to provide a global
response strategy to the threat of a Near Earth Object (NEO) impacting the earth, led by the United Nations Committee for the Peaceful Use of Space (UN-COPUOS).
The impact of a NEO – an asteroid or comet – is a severe natural hazard but is unique in that technology exists to
predict and to prevent it, given sufficient warning. As such, the International Spaceguard survey has identified nearly 1,000 potentially
hazardous asteroids >1km in size although NEOs smaller than one kilometre remain predominantly undetected, exist in far greater numbers and impact the Earth
more frequently1. Impacts
by objects larger than 100 m (twice the size of the asteroid that caused the Barringer crater in Arizona) could
occur with little or no warning , with the energy of hundreds of nuclear weapons, and are “devastating
at potentially unimaginable levels”2 (Figure 1). The tracking and prediction of potential NEO impacts is of
international importance, particularly with regard to disaster management. Space debris poses a serious
risk to satellites and space missions. Currently Space Track3 publishes the locations of about 10,000 objects that are publicly available. These include
satellites, operational and defunct, space debris from missions and space junk. It is believed that there are about 19,000 objects with a diameter over 10cm. Even
the smallest space junk travelling at about 17,000 miles per hour can cause serious damage; the Space Shuttle has undergone 92
window changes due to debris impact, resulting in concerns that a more serious accident is imminent4, and the International Space Station has to execute evasion
manoeuvres to avoid debris. There
are over 300,000 objects over 1cm in diameter and there is a desire to track most , if not all of these. By
improving ground sensors and introducing sensors on satellites the Space Track database will increase in size.
By tracking and predicting space debris behaviour in more detail we can reduce collisions as the orbital
environment becomes ever more crowded.¶ Cloud computing provides the ability to trade computation
time against costs. It also favours an architecture which inherently scales, providing burst capability. By treating compute as a utility, compute cycles are
only paid for when they are used. Here we present a cloud application framework to tackle space debris tracking and analysis, that is being extended for NEO impact
analysis. Notably, in this application propagation and conjunction analysis results in peak compute loads for only 20% of the day, with burst capability required in
the event of a collision when the number of objects increases dramatically; the Iridium-33 Cosmos-2251 collision in 2009 resulted in an additional 1,131 trackable
objects (Figure 2). Utility computation can quickly adapt to these situations consuming more compute, incurring a monetary cost but keeping computation wall
clock time to a constant . In the event of a conjunction event being predicted, satellite operators would have to be quickly alerted so they could decide what
mitigating action to take.¶ In this work we have migrated a series of discrete manual computing processes to the Azure cloud platform to improve capability and
scalability. It is the initial prototype for a broader space situational awareness platform. The workflow involves the following steps: obtain satellite position data,
validate data, run propagation simulation, store results, perform conjunction analysis, query satellite object, and visualise.¶ Satellite locations are published twice a
day by Space Track, resulting in bi-daily high workloads. Every time the locations are published, all previous propagation calculations are halted, and the propagator
starts recalculating the expected future orbits. Every
orbit can be different, albeit only slightly from a previous estimate, but this means that
all conjunction analysis has to be recomputed . The quicker this workflow is completed the quicker
possible conjunction alerts can be triggered, providing more time for mitigation .¶ The concept project uses Windows
Azure as a cloud provider and is architected as a data-driven workflow consuming satellite locations and resulting in conjunction alerts, as shown in Figure 3.
Satellite locations are published in a standard format know as a Two-Line Element (TLE) that fully describes a spacecraft and its orbit. Any TLE publisher can be
consumed, in this case the Space Track website, but also ground observation station data. The list of TLEs are first separated into individual TLE Objects, validated
and inserted into a queue. TLE queue objects are consumed by comparator workers which check to see if the TLE exists; new TLEs are added to an Azure Table and
an update notification added to the Update Queue.¶ TLEs in the update notification queue are new and each requires propagation; this is an embarrassingly parallel
computation that scales well across the cloud. Any propagator can be used. We currently support NORAD SGP4 propagator and a custom Southampton simulation
(C++) code. Each propagated object has to be compared with all other propagations to see if there is a conjunction (predicted close approach). Any conjunction
source or code can be used, currently only SGP4 is implemented; plans are to incorporate more complicated filtering and conjunction analysis routines as they
become available. Conjunctions result in alerts which are visible in the Azure Satellite tracker client. The client uses Virtual Earth to display the orbits. Ongoing work
includes expanding the Virtual Earth client as well as adding support for custom clients by exposing the data through a REST interface. This pluggable architecture
ensures that additional propagators and conjunction codes can be incorporated, and as part of ongoing work we intend to expand the available analysis codes.¶ The
framework demonstrated here is being extended as a generic space situational service bus to include NEO impact predictions. This
will exploit the pluggable
simulation code architecture and the cloud’s burst computing capability in order to allow refinement of predictions for disaster
management simulations and potential emergency scenarios anywhere on the globe.¶ Summary¶ We have shown
how a new architecture can be applied to space situational awareness to provide a scalable robust data-driven architecture which can enhance the ability of existing
disparate analysis codes by integrating them together in a common framework. By automating the ability to alert satellite owners to potential conjunction scenarios
we reduce the potential of conjunction oversight and decrease the response time, thus making space safer. This framework is being extended to NEO trajectory and
impact analysis to help improve planetary defencs capability for all.
Asteroid strikes are likely and cause extinction
Casey, 6/30/15 – environmental, scientific, and technological reporter for CBS News (Michael, “On
Asteroid Day, raising awareness that Earth could get hit again”, CBS News,
http://www.cbsnews.com/news/asteroid-day-raising-awareness-earth-could-be-hit-by-asteroids/, //11)
"Asteroids are the only natural disaster we know how to prevent and protecting our planet, families and
communities is the goal of Asteroid Day," said Grigorij Richters, producer of the asteroid-themed movie
"51 Degrees North" and co-founder of Asteroid Day. "Asteroids teach us about the origins of life, but
they also can impact the future of our species and life on Earth ."
Most of what people know about asteroids comes from movies like "Deep Impact" or "Armageddon," or
because they've heard that an asteroid triggered global disasters that led to the extinction of the
dinosaurs 65 million years ago.
But asteroids are not just the stuff of science fiction or ancient history. In January, a huge asteroid
passed close to Earth - within 745,000 miles (1.2 million kilometers) of our planet. NASA said it was the
closest any space rock is expected to come to Earth until asteroid 1999 AN10 flies past in 2027, but
there could be other close calls scientists aren't expecting .
In 2013, an asteroid exploded over Chelyabinsk, Russia - creating a fireball brighter than the sun and an
explosion that was as powerful as about 40 Hiroshima-type bombs .
NASA seems to concur that the threat has to be taken seriously.
Earlier this month, NASA signed a deal with the National Nuclear Security Administration to look into the
nuclear option should they discover that an asteroid was on a collision course with Earth. The space
agency currently only tracks about 10 percent of the 1 million asteroids in our solar system with the
potential to strike Earth, according to Asteroid Day.org.
The European Space Agency, meanwhile, convened a meeting Tuesday with emergency response
officers from Switzerland, Germany, Luxembourg, Romania, Sweden and the United Kingdom to discuss
how to respond to the asteroid threat.
"Planets can't hit us, while comet debris doesn't survive to strike our surface. But asteroids -- chunks of
stone or metal -- arrive by the thousands every day, and are responsible for nearly all of the 50,000
catalogued meteorites," Slooh astronomer Bob Berman said. "The largest asteroids are fascinating to
observe, while the hazardous ones need to be watched while defenses are being conceived."
In December, astrophysicist Dr. Brian May (who was also a founding member and lead guitarist of the
rock band Queen) joined Lord Martin Rees, UK Astronomer Royal; Bill Nye, the Science Guy; and
astronauts Rusty Schweickart, Ed Lu and Tom Jones to launch Asteroid Day. In their mission statement,
they said their goal was nothing short of ensuring the survival of future generations.
As part of that, they also announced the 100X Declaration, which calls for a 100-fold increase in
detection and monitoring of asteroids.
"The more we learn about asteroid impacts, the clearer it becomes that the human race has been living
on borrowed time," May said. "Asteroid Day and the 100X Declaration are ways for the public to
contribute to bring about an awareness that we can get hit anytime . A city could be wiped out any time
because we just don't know enough about what's out there."
2ac – detection needed
At least 10% are undetected
Robson, 7/3/15 – reporter for National Post (John, National Post, “Fear the asteroid, humanity’s
greatest threat!”, http://news.nationalpost.com/full-comment/john-robson-fear-the-asteroidhumanitys-greatest-threat, //11)
How big is the danger? NBC’s story on Asteroid Day noted with curious complacency that “based on a
statistical analysis, NASA says it’s found more than 90 percent of the estimated 981 asteroids” a
kilometre or more wide capable of annihilating civilization . So that missing nearly 10 per cent leaves,
um, almost 100 lurking undetected, right guys? Plus NASA hasn’t found 90 per cent of those over 140
meters wide, let alone the “hundreds of thousands” of smaller ones still capable of smashing a city. I’d
grade this “incomplete” at best.
If you’re not worried yet, consider that the goal of Asteroid Day is to increase the number of near-Earth
objects found from 1,000 to 100,000 a year. A year? Man, they’ll have to queue up to dive onto us.
2ac – tech discussions key
Technical discussions about asteroids are crucial to educating the public
Morrison et al 2 – Morrison: NASA Astrobiology Institute; Harris: NASA Jet Propulsion Laboratory;
Sommer: RAND Corporation; Chapman: Southwest Research Institute, Boulder; Carusi: IAS, Roma (David
Morrison, Alan W. Harris, Geoff Sommer, Clark R. Chapman, Andrea Carusi, “Dealing with the Impact
Hazard”, 6/8/02, http://www.disastersrus.org/emtools/spacewx/NEO_Chapter_1.pdf, //11)
While NEO research embodies classic scientific objectives, studies of impact hazards form an applied
science that may be judged by different criteria. In determining an NEO hazard mitigation strategy, we
must consider the reaction of society . Such considerations are familiar to specialists in other fields of
natural hazard, such as meteorology (with respect to storm forecasts) and seismology. NEO hazard
specialists have the added difficulty of explaining a science that is arcane (orbital dynamics) and
beyond personal experience (no impact disaster within recorded history). As the NEO community has
begun to realize, it has a social responsibility to ensure that its message is not just heard but
comprehended by society at large. The adoption of the Torino Impact Scale (Binzel, 1997, 2000) was a
notable first step toward public communication, although the unique aspects of NEO detection and
warning (particularly the evolution of uncertainty) continue to cause communications difficulties
(Chapman, 2000).
2ac – at: no deflection
We have deflection capabilities, but detection is key
Wall, 13 – senior writer at space.com (Mike, Space.com, “How Humanity Could Deflect a Giant Killer
Asteroid”, 11/22/13, http://www.space.com/23530-killer-asteroid-deflection-saving-humanity.html,
Humanity has the skills and know-how to deflect a killer asteroid of virtually any size, as long as the
incoming space rock is spotted with enough lead time , experts say.
Our species could even nudge off course a 6-mile-wide (10 kilometers) behemoth like the one that
dispatched the dinosaurs 65 million years ago. We'd likely have to slam multiple spacecraft into a
gigantic asteroid over a period of several decades to do the job, but the high stakes would motivate such
a strong and sustained response, researchers say.
"If you can hit it with a kinetic impactor, you can hit it with 10 or 100 of them," former NASA astronaut
Ed Lu, chairman and CEO of the nonprofit B612 Foundation, which is devoted to protecting Earth against
asteroid strikes, said during a news conference last month.
"And I would submit to you that if we were finding an asteroid that's going to wipe out all life on Earth,
or the majority of life on Earth, that funding is not an issue for launching 100 of them," Lu added.
Undiscovered asteroids
Lu and four other spaceflyers spoke Oct. 25 at the American Museum of Natural History in New York
City. A primary purpose of the event was to draw attention to the danger asteroids pose to human
civilization and life on Earth, and to discuss ways to mitigate the threat.
Earth has been pummeled by space rocks repeatedly over the eons and will continue to get hit, a reality
that was reinforced in February when a 55-foot-wide (17 meters) space rock exploded in the
atmosphere over the Russian city of Chelyabinsk, injuring more than 1,000 people.
The Russian meteor came out of nowhere, evading detection by the various instruments that are
scanning the heavens for potentially hazardous objects. And there are many more such space rocks out
there, gliding through deep space unknown and unnamed.
To date, scientists have discovered about 10,000 near-Earth objects , or NEOs — just 1 percent of the 1
million or so asteroids thought to come uncomfortably close to our planet at some point in their orbits.
So the top priority of any asteroid-defense effort should be a stepped-up detection campaign, Lu said.
"Our challenge is to find these asteroids first, before they find us," he said. " You cannot deflect an
asteroid you haven't yet found ."
2ac – at: psycho
Asteroids are real threats – psychoanalysis does not disprove our factual claims
Yudkowsky, 8 – Research Fellow and Director of the Singularity Institute for Artificial Intelligence,
principal contributor to the Oxford-sponsored Overcoming Biases (Eliezer, Machine Intelligence
Research Institute, “Cognitive Biases Potentially Affecting Judgment of Global Risks”,
https://intelligence.org/files/CognitiveBiases.pdf, //11)
Robert Pirsig said: “The world’s biggest fool can say the sun is shining, but that doesn’t make it dark
out.” If you believe someone is guilty of a psychological error, then demonstrate your competence by
first demolishing their consequential factual errors. If there are no factual errors, then what matters
the psychology? The temptation of psychology is that, knowing a little psychology, we can meddle in
arguments where we have no technical expertise—instead sagely analyzing the psychology of the
If someone wrote a novel about an asteroid strike destroying modern civilization, then someone might
criticize that novel as extreme, dystopian, apocalyptic; symptomatic of the author’s naive inability to
deal with a complex technological society. We should recognize this as a literary criticism, not a scientific
one; it is about good or bad novels, not good or bad hypotheses. To quantify the annual probability of an
asteroid strike in real life, one must study astronomy and the historical record : no amount of literary
criticism can put a number on it. Garreau (2005) seems to hold that a scenario of a mind slowly
increasing in capability, is more mature and sophisticated than a scenario of extremely rapid intelligence
increase. But that’s a technical question, not a matter of taste; no amount of psychologizing can tell you
the exact slope of that curve.
It’s harder to abuse heuristics and biases than psychoanalysis. Accusing someone of conjunction fallacy
leads naturally into listing the specific details that you think are burdensome and drive down the joint
probability. Even so, do not lose track of the real-world facts of primary interest; do not let the
argument become about psychology.
Despite all dangers and temptations, it is better to know about psychological biases than to not know.
Otherwise we will walk directly into the whirling helicopter blades of life. But be very careful not to have
too much fun accusing others of biases. That is the road that leads to becoming a sophisticated arguer—
someone who, faced with any discomforting argument, finds at once a bias in it. The one whom you
must watch above all is yourself.
Jerry Cleaver said: “What does you in is not failure to apply some high-level, intricate, complicated
technique. It’s overlooking the basics. Not keeping your eye on the ball.”
Analyses should finally center on testable real-world assertions . Do not take your eye off the ball.
Safe Harbor Advantage
1ac – internal link
Surveillance programs/leaks crush/change the Safe-Harbor agreement
Donohue 15 – Professor of Law, Georgetown Law and Director, Center on National
Security and the Law, Georgetown Law (Lauren, HIGH TECHNOLOGY, CONSUMER
PRIVACY, AND U.S. NATIONAL SECURITY, Symposium Articles, 4 Am. U. Bus. L. Rev. 11
p.45-46, 2015, Hein Online)//JJ
3. Safe Harbor Considerations
In the wake of the Snowden revelations , the EU Commission issued a report recommending the
retention of Safe Harbor, but recommending significant changes, including required disclosure of cloud
computing and other service provider contracts used by Safe Harbor members.16' The Safe Harbor
provisions, developed from 1999 to 2000 by the U.S. Commerce Department, the Article 31 Committee
on Data Privacy, and the European Union, created a narrow bridge between the United States and EU.
At the time, the European Parliament, which did not bind the European Commission, rejected the Safe
Harbor provisions by a vote of 279 to 259, with twenty-two abstentions. Chief amongst European
concerns was the failure of the agreement to provide adequate protections . In light of the massive
data breaches over the past five years in the United States, the practices of a largely unregulated high
technology industry, and the ubiquitous nature of NSA surveillance , Europeans are now even less
supportive of the Safe Harbor provisions .' They amount to a self-regulated scheme in which the U.S.
Federal Trade Commission looks at whether a company, which has voluntarily opted-in to the program,
fails to do what it has stated it will do, within the bounds of its own privacy policy. Stronger measures
are necessary to restore European confidence in U.S. high technology companies.
Current US surveillance threatens to undermine US-EU Safe Harbor provisions—
applying PPD-28 to US corporations is key to restoring trust in US corporations and
passing TTIP
Hancock 14 – Managing Editor at Inside U.S. Trade, contributor at CSM and the Yonhap News Agency
(Ben Hancock, 6/13/14, “U.S.-EU 'Safe Harbor' Talks Snag Over National Security Exception Limits,”
Inside US Trade 32.24, ProQuest)//twemchen
The top U.S. and European Union officials in charge of negotiating reforms to the "Safe Harbor" framework governing
trans-Atlantic data transfers on June 10 signaled their talks are hung up over an EU demand for new U.S. assurances that it
will invoke the arrangement's national security exception only in limited circumstances . Paul Nemitz, director
for fundamental rights and citizenship at the European Commission's Directorate-General for Justice, said securing U.S. commitments on this
issue is at least "50 percent" of what the EU hopes to achieve overall through the negotiations to renew Safe Harbor. Deputy Assistant
Secretary for Commerce Ted Dean, Nemitz's U.S. counterpart, hinted the U.S. believes it has already having given sufficient assurances
to the EU in this regard -- albeit indirectly -- through a speech made by President Obama on Jan. 17 and corresponding Presidential Policy
Directive, known as
"PPD-28," issued after revelations about National Security Agency (NSA) surveillance. The ability of both sides to
bridge their differences on how to update Safe Harbor will have a direct bearing on the ability of the European Commission in
the Transatlantic Trade and Investment Partnership
to agree to U.S. demands for provisions permitting the
free flow of
data across the Atlantic. The U.S.-EU Safe Harbor framework provides a legal basis for companies to conduct
transfers of EU personal data to the U.S. that would otherwise breach EU law , provided they adhere to certain safeguards
for privacy protections. Both Nemitz and Dean spoke at an event hosted by the Center for Strategic and International Studies (CSIS). Nemitz said
the national
security issue is the "elephant in the room" in the talks, which are being held this week in Washington on June
11-12. This is the case even though a November report by the European Commission identifies the national security exception as
only one of 13 total recommendations to strengthen Safe Harbor, he added. Late last week, EU Justice Commissioner Viviane
Reding said the Safe Harbor negotiations have progressed well on all EU recommendations with the exception of the demand that the national
security exception foreseen by the Safe Harbor decision is used "only to an extent that is strictly necessary or proportionate." "And for me it is
very clear: I have made it clear to my counterparts that the 13th point
must be clarified for the European Commission to
say that Safe Harbor is 'safe, '" Reding said on June 6. Dean said his office is working to address EU fears that U.S. authorities
use the exception to conduct bulk surveillance. But he also noted the Department of Commerce has no authority by itself to offer any
assurances with regard to the scope of U.S. law enforcement or intelligence-gathering activities. That authority rests with the Justice
Department and U.S. intelligence agencies. Dean noted that the U.S. made immediate changes to some its policies after the revelations of NSA
surveillance. "Since the commission's report, PPD-28
made announcements about particular things that changed immediately, and
set in place several processes that continue now," Dean said. " We still have work to do ," he added, "but É the broader context is I
think changed" by what the White House has issued. He did not point to any specific provisions in PPD-28 to back up his claims. But Section 4 of
that document establishes -- among other things -- that the intelligence community "shall establish policies and procedures reasonably
designed to minimize the dissemination and retention of personal information." It also states generally that: "All persons should be treated
with dignity and respect, regardless of their nationality or wherever they might reside, and all persons have legitimate privacy interests in the
handling of their personal information." Nemitz signaled the European Commission
that. "People
wants a more concrete commitment than
expect to have certainty that the exemption, which is that privacy principles under Safe Harbor can be
ignored, they can be set aside, for purposes of national security,
does not become the rule ," he said in an interview after the CSIS
panel. "And on that, we need assurances that only if necessary and proportional for national security these rules can be set aside. This has to be
[made concrete]. How it is done remains to be seen," Nemitz added. He held open the possibility that this
could be done through new
U.S. legislation limiting bulk collection of company data -- something that observers say is a distant prospect. But the EU
official was unequivocal in saying that, whatever the U.S. puts forward, it
has to be able to pass muster before the European
Parliament and the general public. "One thing is clear: we need commitments and certainty in this respect, because otherwise the
basic purpose of the Safe Harbor, which is to ensure a higher level of protection of Europeans, is undermined by generalized
bulk collection, and
that's not going to stand the test before the European Parliament in particular." Safe Harbor was originally
negotiated between Commerce and the European Commission in 2000. It provides a way for firms operating in Europe to legally transfer data
on EU citizens back to the jurisdiction of the U.S., despite the commission's determination that the U.S. legal regime does not provide
"adequate" protections for consumer privacy. Over 3,000 companies participate in the program, including technology giants like Google, but
other types of firms also use the framework to be able to transfer human resources data and similar information. Since former NSA contractor
Edward Snowden leaked information about the agency's activities last year, however, the agreement has come under fire from Reding and
members of the European Parliament as providing a loophole through which U.S. authorities could gather data on EU citizens via online services
providers like Google and Skype. One other recommendation having to do with access by U.S. authorities to Safe Harbor participants'
data in the commission's report was
that companies "should include information on the extent to which U.S. law
allows public authorities to collect and process data transferred under the Safe Harbor." Reding's comments on June 6
suggest this has not been a sticking point. The other 11 recommendations put forward by the EU primarily relate to
transparency , redress , and enforcement of the Safe Harbor mechanism. Dean said in May remarks at the U.S. Chamber of
Commerce that many
of the suggestions -- especially those related to transparency -- are uncontroversial
for the U.S. (Inside
U.S. Trade, May 23). Dean reiterated his earlier point, made in May, that for other recommendations that may be difficult for the U.S.
government and industry to accept, Commerce is trying to find alternate ways to address the underlying worries of the EU. One suggestion that
has caused U.S. companies alarm would require Safe Harbor participants to "publish privacy conditions of any contracts they conclude with
subcontractors," such as those providing cloud-computing services. Industry experts have said that companies -- especially large firms with
dozens of vendors -- would likely be wary of disclosing the terms of private contracts for varying commercial reasons. Nemitz stressed that
making sure that subcontractors are not outside the scope of the Safe Harbor obligations is a critical EU demand, but seemed to signal flexibility
in terms of how this is implemented. "We have to make sure that [subcontractors] cannot be used ... to evade the Safe Harbor principles. We're
talking in that context about an obligation to make things visible, so that people can see that the basic principles are not evaded," he said. "I'm
pretty sure that everybody understands this, and we will find a solution on this."
2ac – xt: surveillance kills safe harbor
Continued NSA surveillance ruptures EU-US trust
Wright and Kreissl, 13 – American writer, holds a B.A. from Carleton College and an M.F.A from the MFA
Program for Poets & Writers; sociologist, co-editor of “Surveillance in Europe”, authored several articles
on social control, public security, and welfare state theory (David and Reinhard, “European responses to
the Snowden revelations: A discussion paper”,Increasing Resilience in Surveillance Societies, December,
2013, http://irissproject.eu/wp-content/uploads/2013/12/IRISS_European-responses-to-the-Snowdenrevelations_18-Dec-2013_Final.pdf)//TT
When people became aware of how massive the surveillance of virtually everyone had become, among
the reactions was not only outrage and fury, but also of an “enormous loss of trust”, as Elmar Brok, the
chairman of the Foreign Affairs Committee at the European Parliament, put it.36 The theme of trust was
repeated by many others. For example, German federal data protection commissioner Peter Schaar was
quoted as saying that “If we want to return to a relationship based on trust, it will require serious
effort… Officially the Americans said that they respected German law. Now we know that was not the
The breakdown of trust is often accompanied by embarrassment, but the embarrassment was not just in
Washington. The revelations also caused embarrassment in Europe. In the summer of 2013, German
Chancellor Angela Merkel defended the US, when it became known that the NSA had the whole of the
German population as a target of mass surveillance. But when Merkel discovered that the US had been
listening in on even her mobile calls, she rose to anger. However, she also found herself, somewhat
embarrassingly, having to fend off criticism within her country that she had failed to react vigorously to
the initial disclosures of extensive American eavesdropping on millions of Germans, and really became
engaged only after her own personal privacy was violated.38
Merkel demanded that Washington reach a “no-spying” agreement with Berlin and Paris by the end of
2013, even though more than 90 per cent of Germans think that the Americans would breach a nospying agreement anyway and continue their surveillance activities, according to a survey by public
broadcaster ARD and Die Welt. 39
US federal regulators have recognised that the NSA revelations have been damaging to USEurope
relations: Federal Trade Commissioner Julie Brill said (in October 2013): “There is no doubt that the
revelations about the National Security Agency’s surveillance programs have severely tested the close
friendship between the United States and many of our European colleagues.”40
US circumvention in EU-US Safe Harbor agreement undermines EU privacy regime
Wright and Kreissl, 13 – American writer, holds a B.A. from Carleton College and an M.F.A from the MFA
Program for Poets & Writers; sociologist, co-editor of “Surveillance in Europe”, authored several articles
on social control, public security, and welfare state theory (David and Reinhard, “European responses to
the Snowden revelations: A discussion paper”,Increasing Resilience in Surveillance Societies, December,
2013, http://irissproject.eu/wp-content/uploads/2013/12/IRISS_European-responses-to-the-Snowdenrevelations_18-Dec-2013_Final.pdf)//TT
The Snowden revelations have put the proposed Safe Harbor agreement in trouble – again. The Safe
Harbor agreement between the US and EU came into operation in 2000 after the EU determined that US
standards were “inadequate” in meeting the data protection principles of the EU’s Data Protection
Directive of 1995. The agreement allows US companies that want to handle or store European citizens’
data to self-certify annually with the Department of Commerce that they will abide by the standards.
The FTC is tasked with enforcing breaches of that agreement. European regulators became more vocal
in their criticism of the framework following the first Snowden revelations, pointing out that Safe Harbor
specifically provides for exemptions “to the extent necessary to meet national security, public interest
or lawenforcement requirements”. However, such exemptions are a kind of Trojan horse which allow
questionable activity not always in the public interest, even though security agencies say it is. Who is
going to challenge them if such activities are not subject to public scrutiny or effective oversight?
Some EU officials, alarmed by reports of the NSA’s access to Internet companies, say Safe Harbor gives
US companies a way to evade the EU’s more stringent privacy regime.66 European Parliament member
Jan Philipp Albrecht told US officials in October 2013 that the agreement allows U.S companies to
“circumvent” democratically established law. Albrecht said Europe “shouldn’t allow our standards to be
undermined by certain loopholes”, which he said the Safe Harbor agreement facilitates.67
German federal data protection commissioner Peter Schaar called the Safe Harbor agreement a
“fiction,” given how much technology and the flow of information have changed in the past decade and
how many new regulations Washington has drawn up since the treaty was signed. “Consequently, I do
not think it is right that we continue to facilitate the transfer of data into the USA,” Schaar said. The
agreements “must be renegotiated, and must include reasonable protections against eavesdropping by
state and secret services.”68
In addition to their critique of Safe Harbor’s lack of stringency, European regulators and others have
attacked the agreement on the grounds that it is poorly enforced. EU officials released two reports
critical of the program’s enforcement in 2002 and 2004. Australian consulting firm Galexia reported
hundreds of Safe Harbor violations in a 2008 report that criticised both the EU and the US for not taking
enforcement more seriously. Indeed, the FTC did not bring its first enforcement under Safe Harbor rules
until 2009, and its batch of seven enforcement actions that year targeted companies for falsely
advertising their Safe Harbor certification, not for any failures to protect Europeans’ data. Since then,
the FTC has brought three Safe Harbor enforcement actions against Facebook, Google and MySpace.69
Other testimony to the LIBE committee contends that “The Safe Harbor does not (and cannot) cover
major categories of data that appear to be the subject of surveillance, including financial records, travel
records, and significant portions of voice and data traffic carried by US telecommunications
In late November 2013, the European Commission released a Communication which was critical of the
Safe Harbor Agreement, but did not completely sink it.71 The Communication concludes that
Due to deficiencies in transparency and enforcement of the arrangement, specific problems still persist
and should be addressed: a) transparency of privacy policies of Safe Harbour members, b) effective
application of Privacy Principles by companies in the US, and c) effectiveness of the enforcement.
Furthermore, the large scale access by intelligence agencies to data transferred to the US by Safe
Harbour certified companies raises additional serious questions regarding the continuity of data
protection rights of Europeans when their data in transferred to the US.
2ac – safe harbor solves privacy
Safe Harbor is key to privacy protection
Greer 11 – Safe Harbor Program, US administration (Damon, “Safe Harbor—a framework that works”,
International Data Privacy Law, 5/26/11,
Critics also fail to understand the key role the Safe Harbor has played in raising awareness and
acceptance of privacy protection in the USA. At the time Safe Harbor was enacted, many such
companies in the USA were deeply sceptical that legal regulation of privacy would actually be workable
in an increasingly globalized and fast-paced business environment. As the current discussion concerning
privacy regulation in the USA demonstrates, many US companies have completely changed their
positions, and now accept the need for some regulation as a way to build consumer confidence and deal
with cases that self-regulation cannot. In addition, privacy compliance has become widely accepted
among globalized US companies as essential to protect personal data and avoid legal liability.
Discussions with the chief privacy officers of US companies and anecdotal evidence leave no doubt that
the experience of having to implement privacy protections under the Safe Harbor was crucial in leading
to greater acceptance of privacy compliance and protection among the US business community over the
past ten years. It has instilled into corporations the importance of safeguarding personal data and has
contributed to the development, growth, and adoption of strategic information business practices that
integrate the corporation’s principal divisions up to the executive level in devising comprehensive codes
of conduct to protect personal data. Examples of the commitment to apply Safe Harbor privacy
principles to corporate policies include the following observations from executives in the privacy arena:
1ar – xt: safe harbor solves privacy
Safe Harbor effectively protects privacy
Greer 11 – Safe Harbor Program, US administration (Damon, “Safe Harbor—a framework that works”,
International Data Privacy Law, 5/26/11,
The Safe Harbor Framework’s structure is founded on a self-regulatory regime based on a sector-specific
approach and linked with federal enforcement primarily based on the FTC’s section 5 authority under
the FTC Act of 1914 governing deceptive and unfair trade practices (enforcement is undertaken instead
by the US Department of Transportation in the case of Safe Harbor members who are subject to its
jurisdiction rather than that of the FTC). Organizations are under no compulsion to join Safe Harbor and
their commitment to adhere to the principles and the fifteen FAQs is voluntary. Furthermore, the FTC
has committed to give priority attention to complaints referred to it by the EU data protection
authorities’ dispute resolution panel on behalf of EU citizens. In recent years, FTC enforcement has
become increasingly involved in privacy disputes, including those involving Safe Harbor (see above), and
its enforcement power is much feared among US companies.
In the early years of Safe Harbor’s existence, few self- certifications were received from the business
community. Perhaps influenced by the lack of predictability of EU member states’ enforcement of
national data protection laws, or lack of awareness of the data privacy legal framework in the European
Union, Safe Harbor as a tool to promote compliance was underutilized. However, since then the Safe
Harbor has continually evolved, and its use is much more sophisticated than it was ten years ago.
Companies now routinely spend considerable amounts of money and time complying with the Safe
Harbor principles, so that compliance goes much farther than simply ‘checking the box’, a point with
critics of Safe Harbor fail to realize.
2ac – at: companies ignore safe harbor
Companies have incentives to adhere to Safe Harbor—economics and trust
Greer 11 – Safe Harbor Program, US administration (Damon, “Safe Harbor—a framework that works”,
International Data Privacy Law, 5/26/11,
Critics of Safe Harbor also fail to take into account the costs of complying with it, and those of failing to
comply with the law. In February 2011, the Ponemon Institute issued a study entitled ‘Cost of
Compliance: Benchmark Study of Multinational Organizations’ (the text of the study is available at
,http://www.tripwire. com/ponemon-cost-of-compliance/pressKit/
True_Cost_of_Compliance_Report.pdf . , accessed 27 April 2011; see also ,http://www.ponemon.org.).
The study examined the compliance practices of 46 multinational organizations and sought to quantify
the costs associated with both compliance and non-compliance with selected data protection and
privacy regulatory requirements (compliance with the EU Directive was covered in the study). The
findings indicated that average compliance costs were US$3.5 million, and the costs for non-compliance
with laws was nearly three times higher ($9.4 million), with a range from $1.4 million to $28 million.
The per capita compliance cost was $222 per employee, and the per capita non-compliance cost was
$820 per employee. Clearly, it is in the interest of the organization to comply with data protection laws
wherever they may be encountered.
In addition, the harm done to trust and reputation by failing to comply with data protection regimes
(as noted by UK Information Commissioner Christopher Graham in his presentation at the ‘23rd Annual
Inter- national Conference 2010 Privacy Practices on Trial’ conference in Cambridge, UK) is, in many
ways, incalculable and ultimately erodes an organization’s presence in the global marketplace and
imperils its competitiveness. Today, any organization that builds a solid compliance regime irrespective
of the legal framework under which it functions will gain a competitive edge as new technologies,
applications, and processes emerge. To do otherwise would, as the Ponemon study clearly points out,
cause the business greater, long-term harm.
2ac – safe harbor solves terror
Resolving NSA-based Safe Harbor disputes is crucial to combatting terrorism – opens
global data flows
Archick, 14 – specialist in European affairs (Kristin, Congressional Research Service, “U.S.-EU
Cooperation Against Terrorism”, 12/1/14, https://www.fas.org/sgp/crs/row/RS22030.pdf, //11)
Although the United States and the EU both recognize the importance of sharing information in an
effort to track and disrupt terrorist activity, data privacy has been and continues to be a key U.S.-EU
sticking point. As noted previously, the EU considers the privacy of personal data a basic right; EU data
privacy regulations set out common rules for public and private entities in the EU that hold or transmit
personal data, and prohibit the transfer of such data to countries where legal protections are not
deemed “adequate.” In the negotiation of several U.S.-EU information sharing agreements, some EU
officials have been concerned about whether the United States could guarantee a sufficient level of
protection for European citizens’ personal data. In particular, some Members of the European
Parliament (MEPs) and many European civil liberty groups have long argued that elements of U.S.-EU
information-sharing agreements violate the privacy rights of EU citizens.
The unauthorized disclosures since June 2013 of U.S. National Security Agency ( NSA) surveillance
programs and the spate of subsequent allegations of U.S. collection activities in Europe (including
reports that U.S. intelligence agencies have monitored EU diplomatic offices and computer networks, as
well as German Chancellor Angela Merkel’s mobile phone) have strained transatlantic trust and
exacerbated EU worries about U.S. data protection safeguards.
surv hurts trade agreements
Crushes global trade agreements – TTIP and TPP
Donohue 15 – Professor of Law, Georgetown Law and Director, Center on National
Security and the Law, Georgetown Law (Lauren, HIGH TECHNOLOGY, CONSUMER
PRIVACY, AND U.S. NATIONAL SECURITY, Symposium Articles, 4 Am. U. Bus. L. Rev. 11
p.18-20, 2015, Hein Online)//JJ
B. Trade Agreements
The NSA programs, and media coverage of them, have further impacted bi- and multi-lateral trade
negotiations , undermining U.S. economic security. Consider two of the most important talks currently
underway: the Transatlantic Trade and Investment Partnership ( TTIP ) and the Trans- Pacific Partnership
( TPP ).
TTIP is a trade and investment negotiation that is being conducted between the European Commission
and the United States. The purpose of the agreement is to create better trade relations between the
two region, enabling companies on both sides of the Atlantic to thrive. The revelations about NSA
activities have had a profound impact on the negotiations. In March 2014 the European Parliament
passed a resolution noting "the impact of mass surveillance." It stated, "the revelations based on
documents leaked by former NSA contractor Edward Snowden put political leaders under the obligation
to address the challenges of overseeing and controlling intelligence agencies in surveillance activities
and assessing the impact of their activities on fundamental rights and the rule of law in a democratic
society.'' It recognized that the programs had undermined "trust between the EU and the US as
transatlantic partners ." Not least were concerns that the information could be used for "economic and
industrial espionage"-and not merely for the purpose of heading off potentially violent threats.
Parliament strongly emphasized, "given the importance of the digital economy in the relationship and in
the cause of rebuilding EU- US trust," that its "consent to the final TTIP agreement could be endangered
as long as the blanket mass surveillance activities and the interception of communications in EU
institutions and diplomatic representations are not completely abandoned and an adequate solution is
found for the data privacy rights of EU citizens." The resolution underscored that any agreement to TTIP
would hinge on the protection of the data privacy rights as reflected in the protection of fundamental
rights in the EU Charter.
Even if the surveillance programs do not entirely derail TTIP, they have the potential to significantly
retard negotiations. Much is at stake. The Center for Economic Policy Research in London, for instance,
estimates that a successful TTIP could improve U.S. workers' wages, provide new jobs, and increase the
country's GDP by $100 billion per year. Another study, conducted by the Bertelsmann Foundation,
suggests that TTIP "could increase GDP per capita in the United States by 13 percent over the long term.
To the extent that the programs weaken the U.S. position in the negotiations, the impact could be
significant .
Although the United States Trade Representative is trying to counter the political fallout from the NSA
debacle by putting local data protection initiatives on the table in the TTIP negotiations, the EU has
steadfastly resisted any expansion into this realm. TPP, in turn, is a trade agreement that the United
States is negotiating with 11 countries in the Asia-Pacific region (Australia, Brunei Darussalam,Canada,
Chile, Japan, Malaysia, Mexico, New Zealand, Peru, Singapore, and Vietnam). TPP (with participation of
Japan), accounts for nearly 40% of global GDP, about 1/3 of world trade. Two of the United States'
objectives in these negotiations are directly implicated by the Snowden releases : e-commerce /
telecommunications, and intellectual property rights.
The NSA programs relate to a number of categories under e- commerce -such as rules preventing
discrimination based on the country of origin, and efforts to construct a single, global Internet.
Nevertheless, as discussed below, some of the countries involved in TPP have already adopted data
localization laws. The NSA programs have thus weakened the United States' negotiation position in
these discussions, by making it more difficult to reach agreement in key areas.
In addition to e-commerce considerations, as part of the TPP negotiations, the United States has
prioritized intellectual property rights. Some 40 million American jobs are directly or indirectly tied to
"IP- intensive" industries. These jobs tend to be high-paying and stimulate approximately 60% of U.S.
merchandise exports, as well as a significant portion of services. Efforts to make progress in TPP by
developing stronger protections for patents, trademarks copyrights, and trade secrets- including
safeguards against cyber theft of trade secrets-is made more perilous by the existence of the NSA
programs .
2ac – ttip kt us-eu relations
TTIP is key to US-EU relations
Hamilton and Quinlan 15 - Director and Senior Fellow, respectively, at the Johns Hopkins University
Center for Transatlantic Relations, and co-authors of The Transatlantic Economy 2015 (Daniel and
Joseph, “More than trade, TTIP leads to confident Atlanticism”, EurActiv.com, 3/18/15,
The US-EU Transatlantic Trade and Investment Partnership (TTIP) is generating more heat than light
when it comes to most European debates, which tend to cast TTIP as yet another free trade agreement.
Yet TTIP is about more than trade. It is about creating a more strategic, dynamic and holistic US-EU
relationship that is more confident, more effective at engaging third countries and addressing regional
and global challenges, and better able to strengthen the ground rules of the international order.
To the extent that TTIP can help generate jobs, spark growth and reinvigorate the US and European
economies, it promises to renew confidence among publics and elites and ameliorate some of the
political dysfunction afflicting many Western societies. Greater confidence and economic vigor at home,
in turn, has the potential to increase the magnetic pull of Western values elsewhere, underwrites US
and EU diplomatic capacity, and enhances possibilities for strategic outreach.
TTIP can also reassure each side of the Atlantic about each other. Europeans are more likely to have
greater faith in America's security commitments if they are anchored by strong trade and investment
links . TTIP would be an important US validation of EU legitimacy, while reassuring Americans that the
EU is looking outward rather than inward.
2ac – ttip kt deter rising powers
TTIP is key to deter rising powers from challenging the global order—specifically,
China and Russia
Hamilton and Quinlan 15 - Director and Senior Fellow, respectively, at the Johns Hopkins University
Center for Transatlantic Relations, and co-authors of The Transatlantic Economy 2015 (Daniel and
Joseph, “More than trade, TTIP leads to confident Atlanticism”, EurActiv.com, 3/18/15,
Second, TTIP is important in terms of how the transatlantic partners together might best relate to rising
powers . Whether those powers choose to challenge the current international order and its rules or
promote themselves within it depends significantly on how the US and Europe engage, not only with
them but also with each other. The stronger the bonds among core democratic market economies, the
better their chances of being able to engage rising partners as responsible stakeholders in the
international system. The looser or weaker those bonds are, the greater the likelihood that rising
powers will challenge this order .
TTIP has particular meaning for US and EU relations with China . TTIP is lazily portrayed as an effort to
confront and isolate China. Yet is less about containing China than about the terms and principles
guiding China's integration and participation in the global order. China's burgeoning trade with both the
United States and Europe attests to US and EU interest in engaging China, not isolating it. Yet Beijing has
yet to embrace some basic tenets of the international rules-based order. TTIP, TPP and related initiatives
are important instruments to help frame Beijing's choices -- by underscoring China's own interests in an
open, stable international system as well as the types of norms and standards necessary for such a
system to be sustained.
TTIP is also important with regard to US and EU relations with Russia and Eurasia . TTIP is a valuesbased, rules-based initiative that is likely to strengthen Western economic and social cohesion ,
reinforce US commitment to Europe , strengthen transatlantic energy ties , and contribute to greater
attractiveness of the Western model . TTIP would also bolster the resilience of central and east
European economies, stimulate US investment and enable such countries to more easily resist Russian
encroachment . These changes are likely to resonate across Wider Europe, especially Ukraine, Moldova,
Georgia and even Belarus.
This is anathema to the current leadership in the Kremlin. TTIP presents a huge challenge to the
Kremlin's efforts to divide Europeans from Americans. It offers something that the Kremlin cannot
match: a transparent, mutually beneficial agreement that creates a rules-based framework for
international cooperation . A reinvigorated transatlantic marketplace among highly-connected, highlycompetitive democracies, whose people enjoy greater economic growth and rising standards of living,
would challenge the Kremlin's version of ''managed democracy'' and render Russia’s own onedimensional natural-resource-based economic model unattractive. Greater US-EU energy cooperation
would blunt Russia's monopolistic approach to European energy markets. And if such benefits extended
to non-EU neighbors, particularly Ukraine, Russians themselves are likely to ask why their own country
can't be better run.
2ac – ttip kt international order
TTIP is key to sustain the international rules-based order
Hamilton and Quinlan 15 - Director and Senior Fellow, respectively, at the Johns Hopkins University
Center for Transatlantic Relations, and co-authors of The Transatlantic Economy 2015 (Daniel and
Joseph, “More than trade, TTIP leads to confident Atlanticism”, EurActiv.com, 3/18/15,
Third, TTIP can help strengthen the international rules-based order. Europeans and Americans share an
interest in extending prosperity through multilateral trade liberalization. But the Doha Round is stuck
and the WTO system is under challenge. EU and US officials are using TTIP to unblock the WTO Doha
negotiations, jumpstart multilateral negotiations, and extend the multilateral system it to new areas.
TTIP could result in clearer, transparent rules of origin that could facilitate global trade and serve as a
common public good. It could pioneer new ways to ensure high standards for consumers, workers,
companies and the environment while sustaining the benefits of an open global economy. Without
TTIP, Americans and Europeans could become standard-takers rather than standard-makers.
2ac – eu-us rels impact filter
A strong US-European alliance serves as a global stabilizing power
NSS, 15 – National Security Strategy (White House, “National Security Strategy”, February 2015,
https://www.whitehouse.gov/sites/default/files/docs/2015_national_security_strategy.pdf, //11)
Strengthen Our Enduring Alliance with Europe
The United States maintains a profound commitment to a Europe that is free, whole, and at peace. A
strong Europe is our indispensable partner, including for tackling global security challenges ,
promoting prosperity , and upholding international norms . Our work with Europe leverages our strong
and historic bilateral relationships throughout the continent. We will steadfastly support the aspirations
of countries in the Balkans and Eastern Europe toward European and Euro-Atlantic integration, continue
to transform our relationship with Turkey, and enhance ties with countries in the Caucasus while
encouraging resolution of regional conflict.
NATO is the strongest alliance the world has ever known and is the hub of an expanding global security
network. Our Article 5 commitment to the collective defense of all NATO Members is ironclad, as is our
commitment to ensuring the Alliance remains ready and capable for crisis response and cooperative
security. We will continue to deepen our relationship with the European Union (EU), which has helped
to promote peace and prosperity across the region, and deepen NATO-EU ties to enhance transatlantic
security. To build on the millions of jobs supported by transatlantic trade, we support a pro-growth
agenda in Europe to strengthen and broaden the region’s recovery, and we seek an ambitious T-TIP to
boost exports, support jobs, and raise global standards for trade.
Russia’s aggression in Ukraine makes clear that European security and the international rules and norms
against territorial aggression cannot be taken for granted. In response, we have led an international
effort to support the Ukrainian people as they choose their own future and develop their democracy
and economy. We are reassuring our allies by backing our security commitments and increasing
responsiveness through training and exercises, as well as a dynamic presence in Central and Eastern
Europe to deter further Russian aggression. This will include working with Europe to improve its energy
security in both the short and long term. We will support partners such as Georgia, Moldova, and
Ukraine so they can better work alongside the United States and NATO, as well as provide for their own
And we will continue to impose significant costs on Russia through sanctions and other means while
countering Moscow’s deceptive propaganda with the unvarnished truth. We will deter Russian
aggression , remain alert to its strategic capabilities, and help our allies and partners resist Russian
coercion over the long term, if necessary. At the same time, we will keep the door open to greater
collaboration with Russia in areas of common interests, should it choose a different path—a path of
peaceful cooperation that respects the sovereignty and democratic development of neighboring states.
2ac – at: safe harbor bad
Safe Harbor is good to go – their authors have a flawed understanding of the program
FPF, 13 – Future of Privacy Forum (“The US-EU Safe Harbor: An Analysis of the Framework’s
Effectiveness in Protecting Personal Privacy”, December 2013, http://www.futureofprivacy.org/wpcontent/uploads/FPF-Safe-Harbor-Report.pdf, //11)
As this report will show, these criticisms of the Safe Harbor program are largely unfounded .40 While
the Safe Harbor program surely could be strengthened, as is the case with nearly every privacy regime, a
close look at the experience that companies have had with the Safe Harbor reveals that the program has
been largely successful in achieving its stated twin goals of protecting privacy while promoting
international data transfer.41 The success of the Safe Harbor can be seen in three distinct areas. First,
the program has grown significantly since its inception, underlying the importance of trans-Atlantic data
flows. Second, US companies have increased privacy protections for individuals by making modifications
to their privacy practices in order to comply with the Safe Harbor’s requirements. Third, there are
strong enforcement mechanisms in place – in the form of both the FTC and third-party dispute
resolution providers – to ensure that when individuals complain that a Safe Harbor participant is failing
to live up to its obligations, such complaints are satisfactorily addressed.
Many critics have unfairly attacked the Safe Harbor based on a misunderstanding of the program and
its goals, and many of the recent criticisms reflect a misunderstanding of the relationship between the
program and the NSA’s surveillance practices. In fact, suspending the Safe Harbor’s protections would
negatively impact both the personal privacy of EU citizens and international trade. The Future of Privacy
Forum (FPF) therefore suggests that rather than dismantling the Safe Harbor, the US and EU make
specific reforms to the program to increase transparency and enhance efforts on both sides of the
Atlantic to police compliance.
Cybersecurity Advantage
1ac – cybersecurity
Cyber attacks on the horizon- threaten international escalation
Heyward 5/20, cyberterror analyst and contributor at BreitBart, (John,
Many experts reckon the first cyberwar is already well under way. It’s not exactly a “cold war,” as the
previous generation understood the term, because serious damage valued in millions of dollars has been
done, and there’s nothing masked about the hostile intent of state-sponsored hackers. What has been
masked is the sponsorship.
Every strike has been plausibly deniable, including whitehat operations such as the nasty little Stuxnet
bug Iran’s nuclear weapons program contracted a few years back. Cyberwar aggressors like Russia and
China officially claim to be interested in peace and security.
The cyberwar could get much hotter soon, in the estimation of former CIA counter-intelligence director
Barry Royden, a 40-year intel veteran, who told Business Insider the threat of cyberterrorism is
pervasive, evasive, and so damned invasive that, sooner or later, someone will give into temptation, pull
the trigger, and unleash chaos.
Effective security against a massive attack by militarized hackers is “extremely difficult – in fact, it’s
impossible,” according to Royden. “Everyone is connected to everyone, and as long as you’re connected
you’re vulnerable. And there are firewalls, but every firewall is potentially defeatable, so it’s a nightmare
in my mind. You have to think that other governments have the capability to bring down the main
computer systems in this country, power grids, hospitals, or banking systems – things that could cause
great economic upheaval and paralyze the country.”
There are, in fact, excellent reasons to believe hostile governments have the capability Royden
describes. Even top-level systems at the State Department and White House have been penetrated by
hackers, in what appear to be exploratory operations. North Korea, a relatively small cyberwar player,
did a horrific amount of damage to Sony Pictures, possibly with the help of insiders. We don’t know how
many “insiders” there are. Not only is hacker warfare fought on an entirely new battleground, but it
adds new dimensions to old-school espionage.
Some non-governmental hacking incidents could be a result of military hacking units polishing their
skills. Last week, Penn State University announced it was hit by “two sophisticated hacking attacks, one
of which cyber-security experts say originated in China,” according to NBC News. The personal
information of some 18,000 students and university employees was jeopardized. The university had to
disconnect its systems completely from the Internet to deal with the threat.
Unplugging from the Internet won’t be an option if systems across the nation, including vital
infrastructure systems, are hit simultaneously by a massive attack.
Penn State University President Eric J. Barron put the problem in perspective by vowing to “take
additional steps to protect ourselves, our identities and our information from a new global wave of
cybercrime and cyberespionage.”
The extent of the risk to our nation’s physical infrastructure was highlighted when security researcher
Chris Roberts was removed from a United Airlines plane last month, because he was passing his time on
the tarmac tweeting about the plane’s security vulnerabilities.
Popular Science notes that the Government Accountability Office recently published a report
“highlighting the potential dangers posed by hackers using commercial airlines’ onboard wireless
communications networks, including Wi-Fi, as a possible attack vector.”
Roberts previously claimed to have hacked the International Space Station and taken control of its
thermostat, and he thought he might have a shot at hacking the Mars rover.
Economic infrastructure is equally at risk. The Federal Reserve Bank of St. Louis confirmed on Tuesday
that its systems were breached by hackers, “redirecting users of its online research services to fake
websites set up by the attackers,” as reported by the New York Times.
Cyberterrorism is the most likely impact – will have catastrophic ramifications
Bucci 09 - Dr. Steven P. Bucci is IBM's Issue Lead for Cyber Security Programs and a part of the Global
Leadership Initiative, the in-house think tank for IBM's public-sector practice. He most recently served as
Deputy Assistant Secretary of Defense, Homeland Defense and Defense Support to Civil Authorities.
(Steven, “The Confluence of Cyber Crime and Terrorism”, The Heritage Foundation, June 12, 2009,
Terrorists will recognize the opportunity the cyber world offers sooner or later. They will also recognize
that they need help to properly exploit it. It is unlikely they will have the patience to develop their own
completely independent capabilities. At the same time, the highly developed, highly capable cyber
criminal networks want money and care little about the source.
This is a marriage made in Hell. The threat of a full nation-state attack, either cyber or cyber-enabled
kinetic, is our most dangerous threat. We pray deterrence will continue to hold, and we should take all
measures to shore up that deterrence.
Terrorists will never be deterred in this way. They will continue to seek ways to successfully harm us,
and they will join hands with criminal elements to do so. A terrorist attack enabled by cyber crime
capabilities will now be an eighth group of cyber threats, and it will be the most likely major event we
will need to confront.
Some would say that cyber crime is a purely law enforcement issue, with no national security
component. That is a dubious "truth" today. This is not a static situation, and it will definitely be more
dangerously false in the future. Unless we get cyber crime under control, it will mutate into a very real,
very dangerous national security issue with potentially catastrophic ramifications . It would be far
better to address it now rather than in the midst of a terrorist incident or campaign of incidents against
one of our countries.
Terrorism enabled by cyber criminals is our most likely major cyber threat. It must be met with all our
Our evidence is backed by experts
Carney 14 – Jordain Carney is a defense reporter at National Journal. She previously worked as a staff
writer for the Hotline, covering congressional and gubernatorial elections in the South. Jordain
graduated from the University of Arkansas with a bachelor’s degree in English, political science, and
journalism. (Jordain, “Defense Leaders Say Cyber is Top Terror Threat”, National Journal, January 6,
2014, http://www.nationaljournal.com/defense/defense-leaders-say-cyber-is-top-terror-threat20140106//DM)
Defense officials see cyberattacks as the greatest threat to U.S. national security, according to a
survey released Monday.
Forty-five percent of respondents to the Defense News Leadership Poll named a cyberattack as the
single greatest threat—nearly 20 percentage points above terrorism, which ranked second.
The Defense News Leadership Poll, underwritten by United Technologies, surveyed 352 Defense News
subscribers, based on job seniority, between Nov. 14 and Nov. 28, 2013. The poll targeted senior
employees within the White House, Pentagon, Congress, and the defense industry.
"The magnitude of the cyber problem, combined with declining budgets, will challenge the nation for
years to come," said Vago Muradian, the editor of Defense News.
It's not the first time cyber has ranked at or near the top of a list of security concerns. Seventy percent
of Americans called a cyberattack from another country a major threat in a Pew Research Center survey
released last month.
Defense Department officials, for their part, have warned about the increasing threat. FBI Director
James Comey, Rand Beers, the then-acting secretary for the Homeland Security Department, and Gen.
Keith Alexander, director of the National Security Agency, each voiced their concerns before Congress
last year.
And House Intelligence Committee Chairman Mike Rogers, R-Mich., called it the "largest national
security threat to the face the U.S. that we are not even close to being prepared to handle as a country."
NSA overreach makes cyber-security impossible – 2 internal links
First is overreach – NSA surveillance of American companies undercuts cybersecurity –
creates vulnerabilities
Kehl 14 - Danielle Kehl is a Policy Analyst at New America’s Open Technology Institute (OTI) (Danielle, “Surveillance Costs: The NSA’s Impact
on the Economy, Internet Freedom & Cybersecurity”, New America’s Open Technology Institute,
In addition to influencing standards-setting bodies, the NSA also goes straight to American and
international tech companies to ensure that it can exploit vulnerabilities in their products. The NSA
spends $250 million a year—more than 20 times what it spends on the much-discussed PRISM
program—on a project to develop relationships with companies in order to weaken standards and
convince them to insert backdoors into their products. According to documents released by ProPublica,
the NSA’s SIGINT Enabling Project “actively engages the US and foreign IT industries to covertly influence
and/or overtly leverage their commercial products’ designs. These design changes make the systems in
question exploitable through SIGINT collection.”262 The Fiscal Year 2013 budget documents indicate
that the goals of the project include inserting vulnerabilities into commercial encryption systems, IT
networks, and communications devices as well as making it easier to exploit next generation encryption
used for 4G wireless networks. The documents reference “continued partnerships with major
telecommunications carriers to shape the global network to benefit other collection accesses” and other
relationships with commercial IT providers.263 One of the goals for that year is to “shape the worldwide
commercial cryptography marketplace to make it more tractable to advanced cryptanalytic capabilities
being developed by NSA/CSS [Central Security Service].”264 Programs like SIGINT Enabling are a central
piece of the NSA’s covert strategy to weaken commercial encryption, demonstrating how the agency
switched from a public approach for a government mandate in the 1990s to developing a set of private
partnerships with the tech industry over the past two decades. “Basically, the NSA asks companies to
subtly change their products in undetectable ways: making the random number generator less random,
leaking the key somehow, adding a common exponent to a public-key exchange protocol, and so on,”
explains Bruce Schneier. “If the back door is discovered, it’s explained away as a mistake. And as we now
know, the NSA has enjoyed enormous success from this program.”265
Beyond SIGINT Enabling, the NSA appears to have other programs aimed at leveraging private sector
relationships to insert and maintain vulnerabilities in commercial products as well. According to The
Guardian, the NSA’s Commercial Solutions center—the program which offers technology companies an
opportunity to have their security products assessed and presented to prospective government
buyers266—is also quietly used by the NSA to “leverage sensitive, co-operative relationships with
specific industry partners” to insert vulnerabilities into those security tools.267 Similarly, a general
classification guide details the relationships between industry partners and the NSA, as well as the
agency’s ability to modify commercial encryption software and devices to “make them exploitable” and
obtain otherwise proprietary information about the nature of company’s cryptographic systems.268
Even before SIGINT Enabling was disclosed, The Guardian reported that the NSA worked with Microsoft
directly to circumvent the encryption on popular services including Skype, Outlook, and SkyDrive,269
although Microsoft denies those allegations.270 New information has also come to light about
backdoors planted in foreign-bound network routers from companies like Cisco, apparently without the
knowledge of the companies that sell them.271 Cisco CEO John Chambers also spoke out after the May
2014 revelations that the NSA had inserted backdoors into network routers, writing a letter to the
Obama Administration asking it to curtail the NSA’s surveillance activities and institute reforms that rein
in its seemingly-unchecked power.272 In a blog post, Cisco’s Senior Vice President Mark Chandler wrote,
“We comply with US laws… we ought to be able to count on the government to then not interfere with
the lawful delivery of our products in the form in which we have manufactured them. To do otherwise,
and to violate legitimate privacy rights of individuals and institutions around the world, undermines
confidence in our industry.”273
The existence of these programs, in addition to undermining confidence in the Internet industry, creates
real security concerns. The SIGINT Enabling budget request suggests that the secrecy of the endeavor
acts as a safeguard against any security concerns about the manufactured vulnerabilities, including an
assurance that “to the consumer and other adversaries, however, the systems’ security remains
intact.”274 This assertion relies on the false assumption that if the program is not made public, then
others will never discover or exploit those vulnerabilities—and that the program’s benefits outweigh the
cost.275 Stephanie Pell, a non-resident fellow at the Center for Internet and Society at Stanford Law
School and a former prosecutor at the Department of Justice, explains in a recent paper that “building in
back door access…inevitably produces security vulnerabilities” because such back doors “create
additional ‘attack surfaces.’”276 And as security researcher Dr. Susan Landau noted in testimony to
Congress, “building wiretapping [capabilities] into communications infrastructure creates serious risk
that the communications system will be subverted either by trusted insiders or skilled outsiders,
including foreign governments, hackers, identity thieves and perpetrators of economic espionage.277
Furthermore, creating a back door in an encrypted communications service requires access to the
unencrypted data, which means that “if and when security flaws in the system are discovered and
exploited, the worst case scenario will be unauthorized access to users’ communications… [W]hen
compromised, an encrypted communications system with a lawful interception back door is far more
likely to result in the catastrophic loss of communications confidentiality than a system that never has
access to the unencrypted communications of its users.”278
The fact that only the NSA was supposed to know about these backdoors does not alleviate the
concerns. Matthew Green, a cryptography researcher at Johns Hopkins University, warned in The New
York Times that “the risk is that when you build a back door into systems, you’re not the only one to
exploit it,” since anyone else who discovers the weakness, including U.S. adversaries, can exploit it as
well.279 These risks are not theoretical; there are numerous examples where technologies intended to
facilitate lawful intercepts of communications have created additional vulnerabilities and security holes
that have been exploited by unauthorized actors.280 As the white paper from the Institute of Electrical
and Electronics Engineers concludes, “While the debate over how we should value both privacy and
security is important, it misses a critical point: The United States might have compromised both security
and privacy in a failed attempt to improve security.”281
That’s a threat magnifier – makes it easier for cyberterrorists to attack
Zhang 14 - Shu is pursuing her graduate degree at the Medill School of Journalism at Northwestern
University, specializing in business reporting and video journalism. Currently, she is a health care and
pharmaceutical industry reporter at Medill News Service in Chicago. (Shu, “Tech companies hurt by NSA
surveillance take actions to improve internet security”, Medill National Security Zone,
WASHINGTON — This month a four-month investigation by The Washington Post reported that nine out
of 10 people targeted by the National Security Agency’s surveillance program were normal Internet
users, most of whom were American citizens. While there seems to be no doubt how the NSA’s spying
into our daily lives violated the Fourth Amendment against unreasonable search and seizure, its harm to
cyber security and U.S.-based technology companies hasn’t been well recognized by the public because
of the issue’s complexity.
How does the NSA, whose mission is to protect American people and the government, create a more
dangerous domestic and international internet environment through surveillance? Earlier this month
experts gave the answer in a panel discussion titled “National Insecurity Agency: How the NSA’s
Surveillance Programs Undermine Internet Security” at the New America Foundation in Washington,
“The issue is that they are deliberately weakening the security of everyone else in the world in order to
make that spying easier,” said Bruce Schneier, a cryptology expert and author who contributed to The
Guardian’s coverage on former NSA contractor Edward Snowden’s leaks.
Instead of targeting specific “bad guys,” Schneier argued, the NSA was creating a more vulnerable cyber
network that exposed both the agency’s enemies and harmless regular people to greater outside
threats. While it was easier for the NSA to attack whoever it wanted, Internet terrorists could also do
the same thing to anyone else.
“That’s exactly what the NSA has become: the best hacker in the entire world,” said Joe Hall, chief
technologist at the Center for Democracy and Technology.
One way the NSA can make it easier for bad guys is by requiring U.S. tech companies to insert backdoors
into their commercial products so that the agency could hack in whenever it identified any targets.
However, the backdoors inevitably weaken the security of those products, leading to unpredictable
“Put a backdoor in,” Schneier said, “three years from now, criminals are using it.”
In addition, when the NSA found the weakness of a software or system, experts said, the agency
wouldn’t alert companies to fix the problem. Instead, the NSA would keep the secret to itself for
potential future actions.
Second is US-Chinese cooperation – NSA overreach makes cyber-surveillance
cooperation with China impossible
Donohue 15 – Professor of Law, Georgetown Law and Director, Center on National
Security and the Law, Georgetown Law (Lauren, HIGH TECHNOLOGY, CONSUMER
PRIVACY, AND U.S. NATIONAL SECURITY, Symposium Articles, 4 Am. U. Bus. L. Rev. 11
p.35-36, 2015, Hein Online)//JJ
Online warfare between China and the United States simmered in the background, until in early 2013
the Obama Administration began to make it center stage. In January 2013, the New York Times reported
that Chinese hackers had infiltrated its computers following a threat that if the paper insisted on
publishing a story about its prime minister, consequences would follow.17 The following month, a
security firm, Mandiant, revealed that the Chinese military unit 61398 had stolen data from U.S.
companies and agencies.118 In March 2013 President Obama's National Security Advisor publicly urged
China to reduce its surveillance efforts -after which classified documents leaked to the public
demonstrated the extent to which China had infiltrated U.S. government servers. Two months later, the
National Security Advisor flew to China to lay the groundwork for a summit, in which cyber surveillance
would prove center stage. Two days before the Obama-Xi meeting was scheduled to take place, The
Guardian ran the first story on the NSA programs. On June 7, when Obama raised the question of
Chinese espionage, Xi responded by quoting The Guardian and suggesting that the U.S. should not be
lecturing the Chinese about surveillance . Although differences may mark the two countries'
approaches (e.g., in one case for economic advantage, in the other for political or security advantage),
the broader translation for the global community has been one in which the United States has lost the
high ground to try to restrict cyber-surveillance.
A final point is worth noting in this context. To the extent that non-U.S. companies are picking up
customers and business overseas, the United States' ability to conduct surveillance may be further
harmed-thus going directly to the country's national security interests. In other words, it may be in the
country's best interests to keep traffic routed through U.S. companies, which would allow the national
security infrastructure, with appropriate legal process, to access the information in question. The
apparent overreach of the NSA , however, may end up driving much of the traffic elsewhere, making it
harder for the United States to obtain the information needed to protect the country against foreign
Loss of US cyber credibility strikes at the core of US- China technological collaborations
Li 13 – Director, John L. Thornton China Center, Senior Fellow, Foreign Policy (Cheng, “NSA Revelations
Have Irreparably Hurt U.S. Corporations in China”, Brookings, 12/12/13,
After the Sunnylands summit, the Chinese government turned to official media to launch a public campaign
against U.S. technology firms operating in China through its “de-Cisco” (qu Sike hua) movement. By targeting Cisco, the
U.S. networking company that had helped many local Chinese governments develop and improve their IT infrastructures beginning in the mid1990s, the
Chinese government struck at the very core of U.S.-China technological and economic
collaboration. The movement began with the publication of an issue of China Economic Weekly titled “He’s Watching
You” that singled out eight U.S. firms as “guardian warriors” who had infiltrated the Chinese market: Apple, Cisco,
Google, IBM, Intel, Microsoft, Oracle and Qualcomm. Cisco, however, was designated as the “most horrible” of these warriors because of its
pervasive reach into China’s financial and governmental sectors. For
these U.S. technology firms, China is a vital source of
business that represents a fast-growing slice of the global technology market. After the Chinese official media began
disparaging the “guardian warriors” in June, the sales of those companies have fallen precipitously. With the
release of its third quarter earnings in November, Cisco reported that orders from China fell 18 percent from the same period a
year earlier and projected that overall revenue would fall 8 to 10 percent as a result, according to Reuters. IBM reported
that its revenue from the Chinese market fell 22 percent, which resulted in a 4 percent drop in overall profit.
Similarly, Microsoft has said that China had become its weakest market. However, smaller U.S. technology firms working in China have not seen
the same slowdown in business. Juniper Networks, a networking rival to Cisco, and EMC Corp, a storage system maker, both saw increased
business in the third quarter. As the Chinese continue to shun the “guardian warriors,” they may turn to similar but smaller U.S. firms until
domestic Chinese firms are ready to assume their role. In the meantime, trying to completely “de-Cisco” would be too costly for China, as
Cisco’s network infrastructure has become too deeply embedded around the country.
Chinese cyber technology is going rogue - increase in cyber espionage and breaching of
intellectual property rights of American firms
Li 13 – Director, John L. Thornton China Center, Senior Fellow, Foreign Policy (Cheng, “NSA Revelations
Have Irreparably Hurt U.S. Corporations in China”, Brookings, 12/12/13,
Chinese technology firms have greatly benefited in the aftermath of the Snowden revelations. For example,
the share price of China National Software has increased 250 percent since June. In addition, the Chinese government continues
to push for faster development of its technology industry, in which it has invested since the early 1990s, by funding the
development of supercomputers and satellite navigation systems. Still, China’s current investment in cyber security cannot compare with that
of the United States. The U.S. government spends $6.5 billion annually on cyber security, whereas China spends $400 million, according to
NetentSec CEO Yuan Shengang. But that will not be the case for long. The
Chinese government’s investment in both cyber
espionage and cyber security will continue to increase, and that investment will overwhelmingly benefit Chinese technology
corporations. China’s reliance on the eight American “guardian warrior” corporations will diminish as its
domestic firms develop commensurate capabilities. Bolstering China’s cyber capabilities may emerge as
one of the goals of China’s National Security Committee, which was formed after the Third Plenary Meeting of the 18th
Party Congress in November. Modeled on the U.S. National Security Council and led by President Xi Jinping, the committee was established to
centralize coordination and quicken response time, although it is not yet clear how much of its efforts will be focused domestically or
internationally. The Third Plenum also brought further reform and opening of China’s economy, including encouraging more competition in the
private sector. The Chinese leadership continues to solicit foreign investment, as evidenced by in the newly established Shanghai Free Trade
Zone. However, there
is no doubt that investments by foreign technology companies are less welcome than
investments from other sectors because of the Snowden revelations. As 2013 comes to a close, it is now well documented
and well-known that both the United States and China engage in extensive espionage efforts for national
security interests. But China’s espionage efforts are different in one key respect: China conducts surveillance on U.S.
commercial entities, while the United States focuses on government targets. Although the U.S. government
classifies its surveillance and does not share business secrets with U.S. companies, Chinese spies readily hand over proprietary
information from U.S. firms to Chinese firms, breaching intellectual property rights and stealing the fruits
of research and development on which American companies have spent billions of dollars. To address these
concerns, the United States must clearly indicate that its primary concern is China’s commercial cyber espionage, and that its goal is to protect
future U.S. innovation. This is a goal to which both the U.S. and her allies can commit. By working to forge an agreement with China on the
enforcement of intellectual property rights protections, the U.S. will finally be able to move out of the shadow of Edward Snowden. Even then,
U.S. technology companies must prepare for their new reality—a greatly reduced share of the Chinese market wherein the enforcement of IPR
will only soften their downfall.
Chinese cyberattack is likely - will shut down US power grids and critical infrastructure
Lenzner 14 - Robert Lenzner is National Editor of Forbes magazine. He joined Forbes as a Senior Editor in
September 1992.Mr. Lenzner has a B.A. (cum laude) from Harvard University and an M.B.A. from
Columbia University. (Robert, “Chinese Cyber Attack Could Shut Down U.S. Electric Power Grid”, Forbes,
November 28, 2014, http://www.forbes.com/sites/robertlenzner/2014/11/28/chinese-cyber-attackcould-shut-down-u-s-electric-power-grid//DM)
Welcome to the increasingly dangerous world of cyber-warfare. The latest nightmare; a western
intelligence agency of unknown origin (according to the Financial Times of London) is infecting the
internet service providers and sovereign telecoms operations of Russia, Saudi Arabia, Iran, Mexico and
Ireland. To what end is not known, though the cyber security company Symantec calls the malware
extremely sophisticated.
Then, there are the criminal elements, who have been hacking into the credit card details of JP Morgan
Chase (76 million customers’ names), and retailers like Home Depot, Target and EBay. Or the attempts
going on by ne’er-do-well nations to break down the control of energy plants and factories, at times by
criminal elements that act like stalking horses for sovereign nations up to no good.
I wrote about this phenomenon a decade ago for Forbes magazine (“The Next Threat”) and raised the
problem of private industry, especially public utilities, needing to invest major capital into establishing
cyber defenses against the very real possibility that our enemies could break into the internet
connections of urban public utilities and cause chaos and massive economic injury by closing down the
public’s access to electricity. Threats existed as well against the operations of infrastructure projects like
dams, gas pipelines and transportation systems.
A DOD research facility in New Mexico plainly showed me how the nation’s public utility system could be
penetrated and closed down via their internet connection. Apparently, we have made little or no
progress in the past decade of defending our artificial light and energy.
It appears that our enemies (read competitors) have made exceedingly greater progress in their
sophisticated cyber-warfare techniques than we have achieved in defending ourselves. Now comes
Admiral Michael Rogers, the head of the National Security Agency and the U.S. Cyber Command, who
warned last week that China and perhaps two other unnamed nations had “the ability to launch a
cyber attack that could shut down the entire U.S. power grid and other critical infrastructure.”
Such a dire possibility should well have gotten a wider prominent play in the media. Yet Admiral Rogers
underscored that software detected in China could seriously damage our nation’s economic future by
interfering with the electric utility power companies that the citizens of New York, Dallas, Chicago,
Detroit and other urban centers require as the basic life blood of survival. This possibility is a great deal
more dangerous than stealing 76 million names from JP Morgan Chase.
This not a Sci-Fi fantasy being perpetrated as a hoax on the American public. The NSA head flatly
predicted that “it is only a matter of the when, not the if, that we are going to see something
traumatic.” He admitted NSA was watching multiple nations invest in this dangerous capability. He
called the danger a “coming trend,” where our vulnerability will be equivalent to a hole in our software
systems that are unseen by the multinational company, the public utility, the telecom giant, the defense
manufacturer, the Department of Defense.
NATO took the threat seriously enough to organize mock cyber-wargame trials in Estonia several days
ago that indicated the western nations are aware of the need to fight on a new battlefield where the
enemy cannot be seen physically. It was the largest digital warfare exercise ever attempted, a trial run
to test dealing with a new non-military threat to global security.
Consider the financial damage to our nation from an attack that could shut down the power systems of
major cities. As Forbes pointed out a decade ago, there was a very great need to spend the money
building firewalls around our infrastructure’s internet communications network. We are in worse shape
today, since NSA chief Rogers plainly told the congressional intelligence committee last week “the
Chinese intelligence services that conduct these attacks have little to fear because we have no practical
deterrents to that threat.”
The cyber threat is real. America had better wake up to the need to defend the cogwheels of our
economy from the electronic reconnaissance attacking our industrial control systems. Public opinion
needs to be aroused by the media and security officials into a threat that no one can see as it is invisible.
It is not Soviet missiles we fear, but inroads by nation states and criminal elements fronting for them.
Our cyber command capabilities are as crucial as our Special Forces in beating back ISIS and other
Islamic terrorists.
Grid attacks take out command and control ---causes retaliation and nuclear war
Tilford 12 [Robert, Graduate US Army Airborne School, Ft. Benning, Georgia, “Cyber attackers could shut
down the electric grid for the entire east coast” 2012, http://www.examiner.com/article/cyberattackers-could-easily-shut-down-the-electric-grid-for-the-entire-east-coa] //khirn
To make matters worse a cyber attack that can take out a civilian power grid, for example could also cripple
the U.S. military. The senator notes that is that the same power grids that supply cities and towns, stores and gas stations, cell towers and
heart monitors also power “every military base in our country.” “Although bases would be prepared to weather a short power outage with
backup diesel generators, within hours, not days, fuel supplies would run out”, he said. Which means military
command and control centers could go dark . Radar systems that detect air threats to our country would
shut Down completely . “Communication between commanders and their troops would also go silent.
And many weapons systems would be left without either fuel or electric power”, said Senator Grassley. “So in
a few short hours or days, the mightiest military in the world would be left scrambling to maintain base
functions”, he said. We contacted the Pentagon and officials confirmed the threat of a cyber attack is something very real. Top national
security officials—including the Chairman of the Joint Chiefs, the Director of the National Security Agency, the Secretary of Defense,
and the CIA Director— have said, “preventing a cyber attack and improving the nation’s electric grids is
among the most urgent priorities of our country” (source: Congressional Record). So how serious is the Pentagon taking all
this? Enough to start, or end a war over it, for sure (see video: Pentagon declares war on cyber attacks
http://www.youtube.com/watch?v=_kVQrp_D0kY&feature=relmfu ). A
cyber attack today against the US could very well
be seen as an “Act of War” and could be met with a “full scale” US military response. That could include the use
of “nuclear weapons ”, if authorized by the President.
2ac – xt: china i/l
NSA revelations have irreparably hurt the credibility of Obama’s Chinese cybersecurity
Li 13 – Director, John L. Thornton China Center, Senior Fellow, Foreign Policy (Cheng, “NSA Revelations
Have Irreparably Hurt U.S. Corporations in China”, Brookings, 12/12/13,
Lawfare readers have followed and discussed the Snowden revelations with a mixture of dread and excitement. Our focus, understandably, is
on the impact of the leaks on the intelligence community and on U.S. national security policy. The seemingly endless disclosures and associated
news stories, along with the many declassified documents from the ODNI, have sparked discussions on technological change, government
accountability and oversight, FISA reform, and other important issues. For
many Americans, however, the bigger problem is the
leaks’ impact on the U.S. economy and on American businesses—many of whom do business overseas.
European allies may eventually shrug off their frustrations with the NSA, but my Brookings colleagues Cheng Li and Ryan McElveen argue that
China is far less likely to do so. The revelations are leading to a policy shift that may hinder U.S. technology firms in China for years or even
decades. Cheng Li is director of research and a senior fellow at the John L. Thornton China Center in the Foreign Policy program at Brookings,
and is a director of the National Committee on U.S.-China Relations. Ryan McElveen is a research assistant at the Thornton Center. NSA
Revelations Have Irreparably Hurt U.S. Corporations in China U.S.
technology firms conducting business in China are used to
being swayed by geopolitical winds, but they will never fully recover from the irreparable damage left by
the devastating NSA revelations of 2013. After such a turbulent year, it is useful to review what happened and determine how to
move forward. As the first summit meeting between Chinese President Xi Jinping and U.S. President Barack Obama
approached in June at the Sunnylands estate in California, the Obama administration made every indication that cyber
security would take top billing on the agenda. This was a hard-won break from the past for U.S. corporations. After years of trying
to elevate the issue of commercial cyber espionage in the public consciousness, the business community was finally given a golden opportunity
to push for change as events evolved in its favor in early 2013. In February, U.S.
cyber security firm Mandiant released a
report revealing that the Chinese government had infiltrated almost 150 major U.S. corporations and
agencies over the past seven years. The report narrowed the origin of these extensive online attacks to a People’s Liberation Army (PLA)
operations center in the Pudong area of Shanghai. In May, another report emerged from the Defense Science Board revealing that China had
secured access to detailed designs of Pentagon military weaponry and aircraft. As
these events unfolded, President Obama’s then
National Security Advisor Tom Donilon began urging China to curtail these activities and pushing for China to address them
at the June Presidential summit. At the same time, though, NSA contractor Edward Snowden was encouraging newspapers
to publish accounts of NSA espionage. For the Obama administration, Snowden’s timing could not have been
worse. The first story about the NSA appeared in The Guardian on June 5. When Obama and Xi met in
California two days later, the United States had lost all credibility on the cyber security issue. Instead of
providing Obama with the perfect opportunity to confront China about its years of intellectual property
theft from U.S. firms, the Sunnylands meeting forced Obama to resort to a defensive posture. Reflecting on how
the tables had turned, the media reported that President Xi chose to stay off-site at a nearby Hyatt hotel out of fear of eavesdropping.
2ac – xt: overreach i/l
The NSA internet surveillance undermines internet security
Kehl 14 - Danielle Kehl is a Policy Analyst at New America’s Open Technology Institute (OTI) (Danielle, “Surveillance Costs: The NSA’s Impact
on the Economy, Internet Freedom & Cybersecurity”, New America’s Open Technology Institute,
We have previously focused on the economic and political repercussions of the NSA disclosures both in
the United States and abroad. In this section, we consider the impact on the Internet itself and the ways
in which the NSA has both weakened overall trust in the network and directly harmed the security of the
Certainly, the actions of the NSA have created a serious trust and credibility problem for the United
States and its Internet industry. “All of this denying and lying results in us not trusting anything the NSA
says, anything the president says about the NSA, or anything companies say about their involvement
with the NSA,” wrote security expert Bruce Schneier in September 2013.225 However, beyond
undermining faith in American government and business, a variety of the NSA’s efforts have
undermined trust in the security of the Internet itself. When Internet users transmit or store their
information using the Internet, they believe—at least to a certain degree—that the information will be
protected from unwanted third-party access. Indeed, the continued growth of the Internet as both an
economic engine and an as avenue for private communication and free expression relies on that trust.
Yet, as the scope of the NSA’s surveillance dragnet and its negative impact on cybersecurity comes into
greater focus, that trust in the Internet is eroding.226 Trust is essential for a healthy functioning society.
As economist Joseph Stiglitz explains, “Trust is what makes contracts, plans and everyday transactions
possible; it facilitates the democratic process, from voting to law creation, and is necessary for social
stability.”227 Individuals rely on online systems and services for a growing number of sensitive activities,
including online banking and social services, and they must be able to trust that the data they are
transmitting is safe. In particular, trust and authentication are essential components of the protocols
and standards engineers develop to create a safer and more secure Internet, including encryption.228
The NSA’s work to undermine the tools and standards that help ensure cybersecurity—especially its
work to thwart encryption—also undermines trust in the safety of the overall network. Moreover, it
reduces trust in the United States itself, which many now perceive as a nation that exploits
vulnerabilities in the interest of its own security.220 This loss of trust can have a chilling effect on the
behavior of Internet users worldwide.230 Unfortunately, as we detail below, the growing loss of trust in
the security of Internet as a result of the latest disclosures is largely warranted. Based on the news
stories of the past year, it appears that the Internet is far less secure than people thought—a direct
result of the NSA’s actions. These actions can be traced to a core contradiction in NSA’s two key
missions: information assurance—protecting America’s and Americans’ sensitive data—and signals
intelligence—spying on telephone and electronic communications for foreign intelligence purposes.
In the Internet era, these two missions of the NSA are in obvious tension. The widespread adoption of
encryption technology to secure Internet communications is considered one of the largest threats to the
NSA’s ability to carry out the goals of its signals intelligence mission. As the National Journal explained,
“strong Internet security actually makes the NSA’s job harder.”231 In the 1990s, the NSA lost the public
policy battle to mandate that U.S. technology companies adopt a technology called the “Clipper Chip”
that would give the government the ability to decrypt private communications,232 and since then
strong encryption technology has become a bedrock technology when it comes to the security of the
Internet. The NSA lost that early battle against encryption, sometimes called the “Crypto War,”233 not
only due to vocal opposition from privacy and civil liberties stakeholders, but also because the private
sector convinced policymakers that subverting the security of American communications technology
products would undermine the U.S. technology industry and the growth of the Internet economy as a
whole.234 However, as an explosive New York Times story first revealed in September 2013, the NSA
has apparently continued to fight the “Crypto War” in secret, clandestinely inserting backdoors into
secure products and working to weaken key encryption standards.235 “For the past decade, N.S.A. has
led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a
2010 memo from the Government Communications Headquarters (GCHQ), the NSA’s British
counterpart. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data
which have up till now been discarded are now exploitable.”236
Given the amount of information the NSA is collecting, it is not surprising that the agency would also
take aggressive steps to improve its ability to read that information. According to the “black budget”
released by The Washington Post in August 2013, 21 percent of the intelligence budget (roughly $11
billion) goes toward the Consolidated Cryptologic Program, with a staff of 35,000 in the NSA and the
armed forces’ surveillance and code breaking units.237 “The resources devoted to signals intercepts are
extraordinary,” wrote Barton Gellman and Greg Miller.238 However, the agency has employed a variety
of methods to achieve this goal far beyond simple code-breaking—methods that directly undermine U.S.
cybersecurity, not just against the NSA, but also against foreign governments, organized crime, and
other malicious actors. In this section, we consider four different ways that the NSA has damaged
cybersecurity in pursuit of its signals intelligence goals: (1) by deliberately engineering weaknesses into
widely-used encryption standards; (2) by inserting surveillance backdoors in widely-used software and
hardware products; (3) by stockpiling information about security vulnerabilities for its own use rather
than disclosing those vulnerabilities so that they can be remedied; and (4) by engaging in a wide variety
of offensive hacking techniques to compromise the integrity of computer systems and networks around
the world, including impersonating the web sites of major American companies like Facebook and
NSA hacking and impersonation of American companies magnifies cybersecurity risks
Kehl 14 - Danielle Kehl is a Policy Analyst at New America’s Open Technology Institute (OTI) (Danielle, “Surveillance Costs: The NSA’s Impact
on the Economy, Internet Freedom & Cybersecurity”, New America’s Open Technology Institute,
Relying on weakened encryption standards, surveillance backdoors created with or without company
knowledge and assistance, and its massive catalogue of security vulnerabilities, the NSA engages in a
wide variety of offensive hacking through which it has built a massive network of compromised
computers systems and networks around the world. Much of this is done through an elite group known
as the Tailored Access Operations (TAO) unit, which Der Spiegel likened to “a squad of plumbers that
can be called in when normal access to a target is blocked.”304 TAO employees specialize in Computer
Network Exploitation to “subvert endpoint devices” such as computers, routers, phones, servers, and
SCADA systems. They have developed a range of sophisticated tools to help them effectuate network
intrusions that are undetectable by anti-virus software and are otherwise nearly impossible to find.305
As Schneier puts it, “TAO has a menu of exploits it can serve up against your computer… and a variety of
tricks to get them on to your computer... These are hacker tools designed by hackers with an essentially
unlimited budget.”306
One tactic for quietly scooping up vast amounts of data is to target the infrastructure around networks
and network providers, including the undersea fiber optic cables that carry global Internet traffic from
one continent to another. Leaked documents reveal that in February 2013 the NSA successfully hacked
the SEA-ME-WE-4 cable system, which originates in France and connects Europe to the Middle East and
North Africa.307 Reports also suggest that the NSA has hacked fiber optic links connecting Google and
Facebook data centers located outside of the United States.308 For access to messages that are
encrypted, the NSA maintains an internal database through its Key Provisioning Service which has
encryption keys for a wide array of commercial products. A separate unit within the agency, the Key
Recovery Service, exists for the purpose of trying to obtain keys that are not already a part of the NSA’s
database. According to The New York Times, “How keys are acquired is shrouded in secrecy, but
independent cryptographers say many are probably collected by hacking into companies’ computer
servers, where they are stored.”309
The NSA has also been working on ways to track and access the communications of users of anonymity
tools such as Tor. According to The Guardian, the NSA “has made repeated attempts to develop attacks
against people using Tor,” including targeting the Firefox web browser used with Tor and tracking signals
entering and leaving the Tor network to try to de-anonymize its users.310 Originally a project of the U.S.
Naval Research Laboratory, Tor is a service that attempts to protect user identities by routing traffic
through a network of virtual tunnels. According to the project website, “Tor helps to reduce the risks of
both simple and sophisticated traffic analysis by distributing your transactions over several places on the
Internet, so no single point can link you to your destination.”311 One de-anonymization technique the
NSA has tried against Tor is “based on a long-discussed theoretical weakness of the network: that if one
agency controlled a large number of the ‘exits’ from the Tor network, they could identify a large amount
of the traffic passing through it”—although it remains unclear how many Tor nodes the NSA actually
operates and whether the tracking was successfully implemented.312 A different program called
EgotisticalGiraffe exploits a vulnerability in the Firefox browser to perform a ‘man-in-the-middle’ attack
on Tor users.313 Still other projects attempt to identify users by measuring the timing of messages
going in and out of the network and by deliberately trying to disrupt or degrade Tor traffic to force users
off of the service. As The Guardian points out, attempts by the NSA to undermine the Tor network are
particularly interesting given the fact that Tor is largely funded by other parts of the U.S. government,
including the State Department’s Internet Freedom program, as part of an effort to protect free
expression online.314
One of the crown jewels of the NSA’s offensive capabilities is the “QUANTUMTHEORY” toolbox, which
the agency deploys to insert malware on to target computers through a variety of tactics.315 According
to Der Spiegel, an internal NSA presentation about QUANTUM capabilities lists a wide range of popular
American companies as targets, including Facebook, Google, Yahoo, LinkedIn, and YouTube. The agency
has used the program to spy on high-ranking members of the Organization of the Petroleum Exporting
Countries (OPEC), while its British counterpart GCHQ relied on the capabilities to attack computers of
Belgacom, a telecommunications company partly owned by the Belgian government.316 One
QUANTUM tactic is to insert malware by impersonating these companies and redirecting traffic to the
NSA’s own servers to obtain access to sensitive information or insert malware.317 The NSA and GCHQ
have masqueraded as both LinkedIn and Facebook on various occasions, and have reportedly attempted
to spoof Google as well.318 The reaction to this news from major American tech companies has been
swift, public, and decisively critical of the U.S. government. Facebook CEO Mark Zuckerberg publicly
blasted the Obama administration in March for the breach of trust as well as personally calling the
President to voice his concerns.319 “The US government should be the champion for the internet, not a
threat,” Zuckerberg wrote in a post on his Facebook page, expressing his frustration about the slow
speed of the reform process.320
Using capabilities like those in its QUANTUM toolbox to insert malware and the TURBINE system for
command and control of that malware, the NSA has exploited innumerable computers and networks
across the globe. Each computer or network that is infected enables the infection of even more
computers and networks—with NSA’s ultimate goal being the insertion of millions of software implants
across the Internet.321
Taken together, the NSA activities described in this section—the undermining of encryption, the
insertion of backdoors, the stockpiling of vulnerabilities, and the building of a massive malware network
that relies on the impersonation of American companies—represent a fundamental threat not just to
the U.S. Internet economy but to cybersecurity itself. Yet, like the other costs discussed in this paper,
they are often ignored when discussing the NSA’s surveillance programs, in favor of a simplistic debate
over security versus liberty.
We literally cannot afford to continue ignoring these costs.
encryption i/l
Weakening encryption for surveillance undermines cybersecurity
Haydock 15 – Writer for War on the Rocks (Walter, “COUNTERTERRORISM, BACKDOORS, AND THE RISK
OF “GOING DARK”, War on the Rocks, 6/25/15, http://warontherocks.com/2015/06/counterterrorismbackdoors-and-the-risk-of-going-dark/2/)//GK
The terrorist threat to the United States is evolving rapidly, especially in terms of the methods by which extremists
communicate. Counterterrorism analysts and operators face a variety of technical challenges to their efforts. In
Oct. 2014, Federal Bureau of Investigation (FBI) Director James Comey warned of the growing risk of “going dark,”
whereby intelligence and law enforcement agencies “have the legal authority to intercept and access
communications and information pursuant to court order,” but “lack the technical ability to do so.” European Police Chief
Rob Wainwright has warned that terrorists are using secure communications in their operations more frequently, a technique the Islamic State
of Iraq and the Levant (ISIL) is apparently pioneering. The emergence of secure messaging applications with nearly unbreakable end-to-end
encryption capabilities such as surespot, Wickr, Telegram, Threema, and kik highlights how rapid technological change presents a powerful
challenge to security and counterterrorism agencies. Responding
to such developments, the FBI has lobbied Congress
to legislate the mandatory creation of “backdoors” in commercially available communications via an update
to the Communications Assistance for Law Enforcement Act. The Director of the National Security Agency (NSA), Adm. Michael Rogers,
suggested creating overt “front doors” to allow the U.S. government access to certain devices and software. This scheme would split between
agencies the “key” necessary to decode encrypted information. British Prime Minister David Cameron, went as far as to recommend legislation
outlawing end-to-end encryption in the United Kingdom unless the government had assured access to the data “in extremis.” President Barack
Obama declared that the absence of such backdoors is “a problem” and described the ability to lawfully intercept all forms of communication
as a “capability that we have to preserve.” Such proposed steps are misguided and ill-advised. Creating backdoors in
communications technology is not the answer. First and foremost, in an era where state, terrorist, and criminal
actors constantly strive toward — and succeed in — penetrating American commercial and government
networks, legislating holes in encryption is dangerous. U.S. government networks themselves are clearly insecure, as the
recently identified electronic intrusion into Office of Personnel Management records, as well as historical breaches of Department of Defense
systems, indicates. ISIL has even successfully hacked American military social media accounts. Unidentified criminals stole the personal
information of more than 100 million Target customers in a breach that the company discovered in 2013. Requiring
companies to weaken their encryption would provide hostile cyber actors additional vectors by which to
harass, rob, and spy on American citizens.
Encryption good
Encryption restores trust in U.S. markets
Clarke et al, 13 – former National Coordinator for Security, Infrastructure Protection, and Counterterrorism for the United States (Richard A. Clarke, Michael J. Morell, Geoffrey R. Stone, Cass R. Sunstein,
Peter Swire, Review Group on Intelligence and Technologies, “LIBERTY AND SECURITY IN A CHANGING
WORLD”, 12/3/13, https://www.whitehouse.gov/sites/default/files/docs/2013-1212_rg_final_report.pdf, //11)
We recommend that, regarding encryption, the US Government
(1) fully support and not undermine efforts to create encryption
(2) not in any way subvert, undermine, weaken, or make
vulnerable generally available commercial software; and
(3) increase the use of encryption and urge US companies to do so,
in order to better protect data in transit, at rest, in the cloud, and
in other storage.
Encryption is an essential basis for trust on the Internet ; without such trust, valuable communications
would not be possible. For the entire system to work, encryption software itself must be trustworthy.
Users of encryption must be confident, and justifiably confident, that only those people they designate
can decrypt their data.
The use of reliable encryption software to safeguard data is critical to many sectors and organizations,
including financial services, medicine and health care, research and development, and other critical
infrastructures in the United States and around the world. Encryption allows users of information
technology systems to trust that their data, including their financial transactions, will not be altered or
stolen. Encryption-related software, including pervasive examples such as Secure Sockets Layer (SSL)
and Public Key Infrastructure (PKI), is essential to online commerce and user authentication. It is part of
the underpinning of current communications networks. Indeed, in light of the massive increase in cybercrime and intellectual property theft on-line, the use of encryption should be greatly expanded to
protect not only data in transit, but also data at rest on networks, in storage, and in the cloud.
Encryption must become a norm – public pressure key
Timm 6/2 - co-founder and the executive director of the Freedom of the Press Foundation (Trevor
Timm, “Congress passes USA Freedom Act, the NSA 'reform' bill. What does it mean for your privacy?”
Boing Boing, 6/2/2015, http://boingboing.net/2015/06/02/congress-passes-usa-freedom-ac.html)//MBB
Encryption is now a legitimate bulwark against mass surveillance by any government. Open-source and
free software projects are both getting easier to use for ordinary users and are proliferating in numbers.
Once collaborators with the NSA, big tech companies have also taken a far more adversarial position
since their secret capitulations were exposed. These companies have at least partially responded to
demand from citizens to protect their communications with encryption that can prevent intelligence
agencies from spying on innocent people.
While companies like Apple have made great strides by encrypting iPhones by default, a lot more needs
to be done to make sure end-to-end encryption—whether we are emailing, texting, or calling each
other—becomes the norm in 21st century society. Continued pressure from the public will get us there.
Edward Snowden’s leaks have also opened the door to more court challenges. For years the government
was able to hide behind procedural maneuvers, like invoking standing or the state secrets privilege, to
prevent judges from ruling on the constitutionality of the programs. As the Second Circuit’s landmark
opinion ruling NSA mass surveillance of Americans illegal, this tactic is slowly crumbling. While it remains
an uphill climb for anyone to challenge the government’s actions, whistleblowers like Snowden and
others are breaking down that wall.
We hope that all of these actions--in Congress, in the courts, and from the public—-will continue to
become stronger and bring permanent reform in the months and years to come.
Encryption backdoors violate Human Rights – UN Report confirms
Peters 5/28 – Senior Editor at Dark Reading (Sara Peters, “UN Report Warns Encryption Backdoors
Violate Human Rights”, Dark Reading, 5/28/2015, http://www.darkreading.com/endpoint/privacy/unreport-warns-encryption-backdoors-violate-human-rights/d/d-id/1320611)
Report says States should be promoting strong encryption and anonymity tools, not restricting them.
Encryption is essential to protecting a variety of human rights, and nation-states should avoid all
measures to weaken it, according to a report released today by the United Nations Human Rights
The document, written by UN Special Rapporteur David Kaye, was based upon questionnaire responses
submitted by 16 States, opinions submitted by 30 non-government stakeholders, and statements made
at a meeting of experts in Geneva in March.
According to the report, encryption and anonymity tools (like VPNs, proxies, and onion routing) are both
necessary to ensuring individuals' privacy, freedom of opinion, freedom of expression, and freedom to
seek, receive, and impart information and ideas. All of these rights are protected under and described by
the UN's International Covenant on Civil and Political Rights, to which 168 states are party, and the UN
Universal Declaration on Human Rights.
Yet, law enforcement and intelligence agencies in a variety of countries, including the United States, are
trying to institute restrictions on encryption, arguing that it jeopardizes their efforts to protect national
security and bring criminals to justice.
[Although law enforcement is asking for "indulgence on the subject of encryption," cloud providers,
mobile device manufacturers, and lawmakers aren't ready to oblige. See "Law Enforcement Finding Few
Allies on Encryption."]
According to the UN's report, "States should avoid all measures that weaken the security that individuals
may enjoy online, such as backdoors, weak encryption standards and key escrows."
It even goes so far as to suggest "States should promote strong encryption and anonymity" [emphasis
Some of the reasons it's so important:
The report points out that while freedom of expression gets plenty of attention, greater attention must
be paid to freedom of ideas, because "the mechanics of holding opinions have evolved in the digital age
and exposed individuals to significant vulnerabilities."
Whereas ideas might once have just been stored in one's mind or jotted down in a bedside diary or
private letters, now ideas are scattered around places like browser histories, e-mail archives, and
mandatory surveys on web registration pages. Ideas thus become concrete, instead of abstract, which
changes the scope of surveillance, criminalization, harassment, and defamation that can happen in
relation to opinions.
Encryption and anonymity technology could help individuals protect their rights; and by proxy, help the
nations that are obligated to help them protect those rights. The International Covenant on Civil and
Political Rights not only protects individuals against "arbitrary or unlawful interference with his or her
privacy ... or correspondence" and "unlawful attacks on his or her honour and reputation," it also states
that “everyone has the right to the protection of the law against such interference or attacks.”
"Such protection must include the right to a remedy for a violation," the report states. "In order for the
right to a remedy to be meaningful, individuals must be given notice of any compromise of their privacy
through, for instance, weakened encryption or compelled disclosure of user data."
The report also points out that some countries base their censorship efforts on keyword searches, and
that encryption enables individuals to avoid that kind of filtering.
"The trend lines regarding security and privacy online are deeply worrying," the report says. "States
often fail to provide public justification to support restrictions. Encrypted and anonymous
communications may frustrate law enforcement and counter-terrorism officials, and they complicate
surveillance, but State authorities have not generally identified situations — even in general terms,
given the potential need for confidentiality — where a restriction has been necessary to achieve a
legitimate goal. States downplay the value of traditional non-digital tools in law enforcement and
counter-terrorism efforts, including transnational cooperation ...
"Efforts to restrict encryption and anonymity also tend to be quick reactions to terrorism, even when
the attackers themselves are not alleged to have used encryption or anonymity to plan or carry out an
The UN Human Rights Council, in the report, advises against any restrictions on encryption and
anonymity technologies, but acknowledges that if restrictions must happen, they meet several
Any restriction must be "precise, public, transparent and avoid providing State authorities with
unbounded discretion to apply the limitation." Limitations must only be justified to protect specified
interests. States must prove any restriction is "necessary" to achieve and legitimate objective, and
release that restriction as soon as that objective is complete. By "necessary," the report means that the
restriction must be the least intrusive measure available and proportional to the severity of the
NSA surveillance undermines encryption and builds backdoors into software
Granick 13 - Director of Civil Liberties at the Stanford Center for Internet and Society (Jennifer Granick,
“We All Go Down Together: NSA Programs Overseas Violate Americans’ Privacy, Yet Escape FISC,
Congressional Oversight”, Just Security, 10/17/2013, http://justsecurity.org/2125/together-nsaprograms-overseas-violate-americans-privacy-escape-fisc-congressional-oversight/)
We have also learned that the NSA subverts encryption standards, collaborates with technology
companies in the United States and abroad to build backdoors into their products, and coerces
businesses into handing over their master encryption keys. These practices impact the privacy of
average people by making the systems we rely on for the transmission and storage of sensitive data less
secure. Both the NSA and thieves can defeat weak encryption standards and find hidden backdoors.
Turning over encryption keys gives the NSA technical access to all the services’ customers’
These practices by themselves they do not fit the FISA definition of electronic surveillance, though the
acquisition of content or installation of surveillance devices enabled by these techniques may. There’s
no sign that Congress or the FISA court approved the NSA’s NIST caper or its successful negotiations to
ensure or install backdoors in commercial products. No law that requires Internet companies to grant
such access or empowers the government to demand it. In 1994, Congress adopted the Communications
Assistance for Law Enforcement Act (“CALEA”). CALEA was intended to preserve but not expand law
enforcement wiretapping capabilities by requiring telephone companies to design their networks to
ensure a certain basic level of government access. The Federal Bureau of Investigation pushed its
powers under CALEA, however, and the law was expanded in 2005 by the Federal Communications
Commission to include broadband Internet access and “interconnected” VoIP services which rout calls
over the traditional telephone network. Pure Internet services, however, are not subject to CALEA. The
FBI will seek to change that, but for now, nothing in CALEA prohibits these companies from building
robustly secure products that will protect their customers’ data from attacks.
Yet, the Guardian reported that some companies have built or maintained backdoors allowing
government access to their services, and specifically identified Microsoft and its VoIP service, Skype. To
the extent Skype’s VoIP service operates peer-to-peer independent of the traditional phone network, it
is not subject to CALEA obligations. Yet, Microsoft said, in response to the Guardian report, “when we
upgrade or update products legal obligations may in some circumstances require that we maintain the
ability to provide information in response to a law enforcement or national security request.” It’s
unclear what those “legal obligations” might be, though some have pointed to the general obligation of
electronic communications service providers to “provide the Government with all information, facilities,
or assistance necessary to accomplish the acquisition” under section 702 of the FISA Amendments Act.
Is the government is using that rather generic provision of law to force creation or maintenance of
technological vulnerabilities in communications networks? If so, Congress ought to know, and so should
the public which relies on these facilities for secure communications.
The difference between content and metadata is key to cybersecurity
Tene, 14 - Associate Professor at the College of Management School of Law (Omar,2014, “A NEW
HARM MATRIX FOR CYBERSECURITY SURVEILLANCE”, http://ctlj.colorado.edu/wpcontent/uploads/2014/11/Tene-website-final.pdf)//gg
Moreover, cybersecurity threats in particular can be embedded into all layers of a communication,
regardless of the distinction between content and metadata. This means that protecting computers,
networks and infrastructure against cyber risks requires monitoring not only of metadata but also of
contents. Hence, with respect to the United States Computer Emergency Readiness Team’s (US-CERT)
Einstein Program, an intrusion detection system that monitors the network gateways of government
agencies for cybersecurity risks, Dempsey writes that: “[t]he distinction between content and noncontent is largely irrelevant to the Einstein debate, because Einstein undoubtedly captures and
examines content, using a technique called deep-packet inspection.”128 This is corroborated by the
Department of Homeland Security’s privacy impact assessment for Einstein 3, which states that:
DHS Office of Cybersecurity and Communications [CS&C] relies on signatures based on specific
indicators that are known or suspected to be associated with malicious activity. While indicators will
often be based on network traffic metadata, such as IP addresses, they may potentially be designed to
match against any packet data, including the payload (the network traffic data). As such, E³A prevention
capabilities may include deep packet inspection by ISPs.129
Paul Rosenzweig supports this approach, stating that “it would be an extremely poor rule that permitted
screening of only non-content information for malware, as that would simply draw a map for malfeasant
actors about how to avoid the intrusion detection systems.”130
The Review Group recognized the weakness of the existing model, stating that “In a world of ever more
complex technology, it is increasingly unclear whether the distinction between ‘meta-data’ and other
information carries much weight.”131 It recommended that “the government should commission a
study of the legal and policy options for assessing the distinction between metadata and other types of
The foregoing discussion supports a shift away from the traditional content-metadata dichotomy
towards a framework that assesses privacy risk based on the purpose of monitoring . Different rules and
procedures should apply to monitoring activities depending if they involve collection of evidence,
intelligence gathering or cybersecurity defense. Where monitoring is restricted to cybersecurity
defense, content can be conceptualized as a container for metadata, since its analysis is not intended to
discern the “substance, purport, or meaning” of a communication. Rather it is meant to identify
anomalies and signatures, including malware, viruses, Trojans, rootkits and phishing attacks (which are
themselves non-content) that may be embedded in the content layer.133 Hence, a machine would be
reviewing the content of communication but only in search of suspicious metadata.134 This monitoring
could be analogized to a search performed by analysts who are non-English speakers, who can identify
signatures of cybersecurity risks but are unable to comprehend the contents of the English-based
communications that they sift through. Such analysts would technically be privy to the content of the
communication but impervious to its “substance, purport and meaning.” Clearly, they would be
impotent if the purpose of the monitoring were the production of evidence or gathering of intelligence.
Such a purpose would require application of different rules.
Advocating for a rule based on the purpose of monitoring should not be confused with support for a rule
shifting privacy protections from the data collection to the data use stage. Over the past few years,
several commentators have argued that privacy law should recalibrate to impose use, as opposed to
collection-limitations.135 This essay does not advocate wholesale data collection. On the contrary, it
cautions against data retention and calls for analysis of data on the fly or upon very short periods (e.g.,
milliseconds) of storage.136
Purpose-based rules for monitoring communications content and metadata can be based on two
existing Supreme Court doctrines: the special needs doctrine and the contraband-specific doctrine.
Cyber attacks on the horizon- threaten international escalation
Heyward 5/20, cyberterror analyst and contributor at BreitBart, (John,
Many experts reckon the first cyberwar is already well under way. It’s not exactly a “cold war,” as the
previous generation understood the term, because serious damage valued in millions of dollars has been
done, and there’s nothing masked about the hostile intent of state-sponsored hackers. What has been
masked is the sponsorship.
Every strike has been plausibly deniable, including whitehat operations such as the nasty little Stuxnet
bug Iran’s nuclear weapons program contracted a few years back. Cyberwar aggressors like Russia and
China officially claim to be interested in peace and security.
The cyberwar could get much hotter soon, in the estimation of former CIA counter-intelligence director
Barry Royden, a 40-year intel veteran, who told Business Insider the threat of cyberterrorism is
pervasive, evasive, and so damned invasive that, sooner or later, someone will give into temptation, pull
the trigger, and unleash chaos.
Effective security against a massive attack by militarized hackers is “extremely difficult – in fact, it’s
impossible,” according to Royden. “Everyone is connected to everyone, and as long as you’re connected
you’re vulnerable. And there are firewalls, but every firewall is potentially defeatable, so it’s a nightmare
in my mind. You have to think that other governments have the capability to bring down the main
computer systems in this country, power grids, hospitals, or banking systems – things that could cause
great economic upheaval and paralyze the country.”
There are, in fact, excellent reasons to believe hostile governments have the capability Royden
describes. Even top-level systems at the State Department and White House have been penetrated by
hackers, in what appear to be exploratory operations. North Korea, a relatively small cyberwar player,
did a horrific amount of damage to Sony Pictures, possibly with the help of insiders. We don’t know how
many “insiders” there are. Not only is hacker warfare fought on an entirely new battleground, but it
adds new dimensions to old-school espionage.
Some non-governmental hacking incidents could be a result of military hacking units polishing their
skills. Last week, Penn State University announced it was hit by “two sophisticated hacking attacks, one
of which cyber-security experts say originated in China,” according to NBC News. The personal
information of some 18,000 students and university employees was jeopardized. The university had to
disconnect its systems completely from the Internet to deal with the threat.
Unplugging from the Internet won’t be an option if systems across the nation, including vital
infrastructure systems, are hit simultaneously by a massive attack.
Penn State University President Eric J. Barron put the problem in perspective by vowing to “take
additional steps to protect ourselves, our identities and our information from a new global wave of
cybercrime and cyberespionage.”
The extent of the risk to our nation’s physical infrastructure was highlighted when security researcher
Chris Roberts was removed from a United Airlines plane last month, because he was passing his time on
the tarmac tweeting about the plane’s security vulnerabilities.
Popular Science notes that the Government Accountability Office recently published a report
“highlighting the potential dangers posed by hackers using commercial airlines’ onboard wireless
communications networks, including Wi-Fi, as a possible attack vector.”
Roberts previously claimed to have hacked the International Space Station and taken control of its
thermostat, and he thought he might have a shot at hacking the Mars rover.
Economic infrastructure is equally at risk. The Federal Reserve Bank of St. Louis confirmed on Tuesday
that its systems were breached by hackers, “redirecting users of its online research services to fake
websites set up by the attackers,” as reported by the New York Times.
US government officials becoming aware of cyber terror threats but no progress being
made- threats will escalate in the short term
Fortyno 5/20, political analyst and contributor at Progress Illinois, (Ellyn, Leon Panetta
Warns Of Cyberattack Threat, Blasts Congressional Gridlock At Chicago Discussion,
In a wide-ranging discussion at the Chicago Council on Global Affairs Thursday evening, former U.S.
Defense Secretary and past CIA Director Leon Panetta reiterated his concern over the threat of potential
cyberattacks against the United States. Such attacks, he said, could do serious damage to technology
that runs everything from the nation's transportation system to its power grid.
"We're now seeing viruses that can literally destroy computers," Panetta told a crowd of approximately
800 people at the event, held at the Fairmont Chicago Millennium Park.
Panetta's greatest fear is that this type of destructive technology "moves into the hands of terrorists,
who then don't have to come to this country to blow us up. They can basically use that kind of
technology to cripple our country."
Cyberterrorism was one of many topics covered at the talk, moderator by Ivo Daalder, president of the
Chicago Council on Global Affairs and former U.S. Permanent Representative to the North Atlantic
Treaty Organization.
Asked about the Iran nuclear talks, Panetta started by saying, "Look, I don't trust the Iranians,"
explaining that "they've been engaged in promoting terrorism throughout the world."
"Add to that the fact that they have developed a nuclear enrichment capability ... with 19,000
centrifuges for God's sake, and they tried to hide it from the world," he said.
That being said, negotiations over Iran's nuclear program are "obviously ... worth the effort," Panetta
"If they can get the kind of inspection regime put in place that really makes it clear you can go in and go
where you want to make sure that they're not doing any high enrichment and you can enforce that, that
would give me some comfort in whatever deal is cut," he said.
As far as Russian President Valdimir Putin's actions in eastern Ukraine, Panetta said he approves of
President Barack Obama's move to impose sanctions on Russia.
"I think it's very important to be very tough with Putin at this point," Panetta said, adding that he
doesn't understand the "hesitancy" in giving military arms to Ukraine.
"You're providing a lot of stuff now, you might as well provide arms as well to try to give them half a
chance at being able to be successful," he said.
At the top of the discussion, Panetta detailed the May 2011 raid that killed Osama bin Laden. That
operation, which Panetta oversaw as the then-CIA director, sent "a message to the world that nobody
attacks our country and gets away with it," he stressed.
A good portion of the talk, however, involved Panetta expressing frustration over what he sees as a
different kind of national security threat -- congressional gridlock.
Panetta said America will ultimately "pay a price" for the political stalemate in Washington, D.C.
"What I'm concerned about today is that because there's this conflict [in Congress] ... because all the
rules of the game seem to be thrown out the window, that there's this kind of sense of giving up," he
stressed. "And so major issues that are facing this country, there's a sense we're not going to deal with
"Right now we're fighting ISIS," Panetta noted, refering to the terrorist group. "We've got men and
women in uniform out there putting their lives on the line and the damn Congress can't agree as to what
war authority we ought to have. So the likelihood is they're probably not going to do anything ... Too
often they do nothing, and we're going to pay a price for this."
Panetta, a Democrat, served in the U.S. House from 1977 to 1993, representing California's 16th
congressional district. After that, Panetta was the director of the Office of Management and Budget
before becoming President Bill Clinton's chief of staff from 1994 to 1997.
Out of the many jobs he's had, Panetta said he enjoyed serving in Congress the most.
"As far as the mission of getting something done like the Bin Laden mission, being director of the CIA,
obviously is tremendously satisfying as well," he said. "But I have to tell you, being a member of
Congress at a time when ... both sides were working together to get something done, that was great."
After the program, Panetta signed copies of his recent book, "Worthy Fights: A Memoir of Leadership in
War and Peace."
NSA circumvents encryption protocols
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 6)//AK
We don’t know what sort of pressure the US government has put on the major Internet cloud providers
to persuade them to give them access to user data, or what secret agreements those companies may
have reached with the NSA. We do know the NSA’s BULLRUN program to subvert Internet cryptography,
and the companion GCHQ program EDGEHILL, were successful against much of the security that’s
common on the Internet. Did the NSA demand Google’s master encryption keys and force it to keep
quiet about it, as it tried with Lavabit? Did its Tailored Access Operations group break into Google’s
overseas servers and steal the keys, or intercept equipment intended for Google’s overseas data centers
and install backdoors? Those are all documented NSA tactics. In the first case, Google would be
prohibited by law from admitting it, in the second it wouldn’t want to, and in the third it would not even
know about it. In general, we know that in the years immediately after 9/11, the US government
received lots of willing cooperation from companies whose leaders believed they were being patriotic.
I believe we’re going to see more bulk access to our data by the NSA, because of the type of data it
wants. The NSA used to be able to get everything it wanted from Internet backbone companies and
broadband providers. This became less true as encryption— specifically a kind called SSL encryption—
became more common. It will become even less true as more of the Internet becomes encrypted. To
overcome this, the NSA needs to obtain bulk data from service providers, because they’re the ones with
our data in plaintext, despite any encryption in transit . And to do that it needs to subvert the security
protocols used by those sites to secure their data. Other countries are involved in similar skullduggery. It
is widely believed that the Chinese government embeds the capability to eavesdrop into all networking
equipment built and sold by its own company Huawei. And we have reason to suspect that British,
Russian, Israeli, and French Internet products have also been backdoored by their governments.
Vulnerabilities within the government internet infrastructure make governmental
cyber warfare a real possibility
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 11)//AK
Vulnerabilities are mistakes. They’re errors in design or implementation—glitches in the code or
hardware—that allow unauthorized intrusion into a system. So, for example, a cybercriminal might
exploit a vulnerability to break into your computer, eavesdrop on your web connection, and steal the
password you use to log in to your bank account. A government intelligence agency might use a
vulnerability to break into the network of a foreign terrorist organization and disrupt its operations, or
to steal a foreign corporation’s intellectual property. Another government intelligence agency might
take advantage of a vulnerability to eavesdrop on political dissidents, or terrorist cells, or rival
government leaders. And a military might use a vulnerability to launch a cyberweapon. This is all
When someone discovers a vulnerability, she can use it either for defense or for offense. Defense means
alerting the vendor and getting it patched—and publishing it so the community can learn from it. Lots of
vulnerabilities are discovered by vendors themselves and patched without any fanfare. Others are
discovered by researchers and ethical hackers.
Offense involves using the vulnerability to attack others. Unpublished vulnerabilities are called “zeroday” vulnerabilities; they’re very valuable to attackers because no one is protected against them, and
they can be used worldwide with impunity. Eventually the affected software’s vendor finds out—the
timing depends on how widely the vulnerability is exploited—and issues a patch to close it.
If an offensive military cyber unit or a cyberweapons manufacturer discovers the vulnerability, it will
keep it secret for future use to build a cyberweapon. If used rarely and stealthily, the vulnerability might
remain secret for a long time. If unused, it will remain secret until someone else discovers it.
Discoverers can sell vulnerabilities. There’s a robust market in zero-days for attack purposes—both
governments and cyberweapons manufacturers that sell to governments are buyers—and black markets
where discoverers can sell to criminals. Some vendors offer bounties for vulnerabilities to spur defense
research, but the rewards are much lower. Undiscovered zero-day vulnerabilities are common. Every
piece of commercial software—your smartphone, your computer, the embedded systems that run
nuclear power plants—has hundreds if not thousands of vulnerabilities, most of them undiscovered. The
science and engineering of programming just isn’t good enough to produce flawless software, and that
isn’t going to change anytime soon. The economics of software development prioritize features and
speed to market, not security.
What all this means is that the threat of hacking isn’t going away. For the foreseeable future, it will
always be possible for a sufficiently skilled attacker to find a vulnerability in a defender’s system. This
will be true for militaries building cyberweapons, intelligence agencies trying to break into systems in
order to eavesdrop, and criminals of all kinds.
cyber impact = probable
Cyber threats are the biggest threat to national security – outweighs terrorism
Arce 15 - Contributing Writer at Tech Times. Nicole Arce is based in World Wide. (Nicole, “Cyber Attack
Bigger Threat Than ISIS, Says U.S. Spy Chief”, Tech Times, February 27, 2015,
Director of National Intelligence James R. Clapper has identified cyberattacks as the biggest threat to
the economy and national security of the United States , despite the looming threats of extremist
terrorist groups such as the Islamic State (ISIS) and the growing nuclear ambitions of countries such as
Iran, China, and North Korea.
The nation's highest intelligence official told the Senate Armed Services Committee hearing on
worldwide threats that although America is not currently at risk for a catastrophic, Armageddon-style
scenario that will cause the meltdown of major infrastructures, such as financial institutions or power
grids, Clapper said government agencies and private companies in the U.S. are already being subjected
to an increasing occurrence of low and moderate-level cyberattacks whose destructive effects
accumulate over time to negatively impact the nation's economy and national security.
"Cyber threats to U.S. national and economic security are increasing in frequency, scale, sophistication,
and severity of impact; [and] the ranges of cyber threat actors, methods of attack, targeted systems, and
victims are also expanding," Clapper said.
Particularly of concern to Clapper is the growing role of politically motivated attacks aimed at infiltrating
U.S. government and military networks. He said the cyberattacks, which come in large part from Russia,
are "more severe than we have previously assessed," but Clapper did not provide more details. Aside
from Russia, hackers backed by the governments of China, North Korea, and Iran have been found to
target government and commercial networks "on a daily basis."
"Politically motivated cyberattacks are now a growing reality, and foreign actors are reconnoitering and
developing access to U.S. critical infrastructure systems, which might be quickly exploited for disruption
if an adversary's intent became hostile," Clapper said.
2ac – xt: china cyber impact
China has surpassed the US in cyber warfare – any large scale attack will be
Copp 15 - Tara Copp is a Defense Correspondent for the Washington Examiner. She was a senior defense
analyst for the Government Accountability Office, and she previously reported on the Navy for Jane’s
Defense Weekly. One of the original embedded reporters in Iraq in 2003, Copp has also traveled in
Afghanistan and throughout the Middle East assessing DOD logistics and readiness. A Plan II graduate of
the University of Texas, Copp was editor of The Daily Texan, and earned her master’s degree from
Georgetown University in security studies. (Tara, “U.S. vulnerable to large Chinese cyberattack, experts
warn”, The Examiner, January 21, 2015,
China has surpassed the United States in conducting cyber warfare and one day may launch a largescale attack that the U.S. will be unable to respond to , some of the nation's foremost national security
experts warned Wednesday.
Unlike nuclear threats, where overwhelming U.S. stockpiles are considered a deterrent to China's
smaller numbers of warheads, no such balance exists in the cyber realm, said Zbigniew K. Brzezinski,
President Jimmy Carter's former national security adviser.
China's superior capabilities in cyber warfare create the possibility "to paralyze an opponent entirely
without killing anyone -- that is very tempting," Brzezinski said at the first Senate Armed Services
Committee hearing under new Chairman Sen. John McCain, R-Ariz.
The committee also discussed the ongoing threats presented by the Islamic State of Iraq and Syria,
instability and developing U.S. operations in Syria, potential continued aggression by Russia and the new
resurgence of violence in Yemen.
"President Obama told the nation last night that the 'shadow of crisis has passed.' That news came as
quite a surprise to anyone who's been paying attention to what's been happening around the world,"
McCain said.
Brzezinski and retired Air Force Gen. Brent Scowcroft, who served as national security adviser under
Presidents Gerald Ford and George H. W. Bush, suggested that the U.S. should pursue both pre-emptive
and reactive cyber capabilities that would form a mutually assured deterrent to hostile cyber activity.
The nation needs to develop "pre-emptive capability that matches the actions against us ... to change
the balance of power."
Sen. Joe Donnelly, D-Ind., asked the panel what the U.S. would have done if the recent cyberattack on
Sony Pictures had targeted U.S. stock exchanges instead, saying it's only a matter of time.
The lack of response is similar to "England before World War II, ignoring a threat that is right before us,"
Donnelly said. The U.S. has "never had more warnings and done less."
Scowcroft cautioned that U.S. efforts to develop a cyber defense strategy are "still at step one. We need
serious analysis" of the extent of the gaps in capabilities.
cyber impact = magnitude framing
Cybersecurity is a matter of national security – can cripple our defense systems
Blumenthal 12 – Senator. Previously, he served as Attorney General of Connecticut. (Richard,
‘Blumenthal: 'Cybersecurity Is National Security’”, Congressional Documents and Publications, proquest,
July 11, 2012//DM)
The first is, most significantly, the United States today is under attack. We are under cyber-attack. The
question is how we respond. It is our national interests that are at stake. And every day this nation
suffers attempted intrusions, attempted interference, attempted theft of our intellectual property as a
result of the ongoing attack that we need to stop and deter and answer.
National security is indistinguishable from cybersecurity. In fact, cybersecurity is a matter of national
security. Not only insofar as our defense capabilities, our actual weapons systems are potentially under
attack and interference. But also, as my colleague from Rhode Island said so well, because our critical
infrastructure, are every day at risk. Our facilities in transportation, our financial system, our utilities
that power our great cities and our rural areas, and our intellectual property, which is so valuable and
which every day is at risk - in fact, is taken from us wrongfully at great cost to our nation.
The number and sophistication of cyber-attacks has increased dramatically over the past five years and
all of the warnings - they are bipartisan warnings - say those attacks will continue and will be mounting
with increasing intensity. In fact, experts say that with enough time, enough motivation, enough
funding, a determined adversary can penetrate nearly any system that is accessible directly from the
internet. The United States today is vulnerable. And to take the Pearl Harbor analogy that our Secretary
of Defense has drawn so well, we have our ships sitting unprotected today as they were at the time of
Pearl Harbor. Our ships today are not just our vessels in the seas, but our institutions sitting in this
country and around the world. Our critical infrastructure that is equally vulnerable to sophisticated and
unsophisticated hackers. In fact, the threat ranges from the hackers in developing countries,
unsophisticated hackers, to foreign agents who want to steal our nation's secrets through terrorists who
seek ways to disrupt that critical infrastructure.
And it is not a matter simply of convenience. We're not talking here about temporary dislocations like
the loss of electricity that the Capitol area suffered recently or that our states of New England suffered
as a result of the recent storms last fall. We're talking about permanent, severe, lasting disruptions and
dislocation of our financial and our power systems that may be caused by this interference. One
international group, for example, accessed a financial company's internal computer network and stole
millions of dollars in just 24 hours. Another such criminal group accessed online commercial banking
accounts and spread malicious computer viruses that cost our financial institutions nearly $70 million.
One company that was recently the victim of an intrusion determined that it lost ten years' worth of
research and development valued at $1 billion. That is billion with a "b," virtually overnight.
These losses are not just to the shareholders of these companies. They are to all of us who live in the
United States, because the losses in many instances are losses of information to defense companies that
produce our weapons systems, losses of property that has been developed at great cost to them and to
our taxpayers. So we should all be concerned about such losses, as Sean Henry, the executive director of
the F.B.I., has said - and I'm quoting - "the cyber threat is an existential one" meaning that a major
cyber-attack could potentially wipe out whole companies. End of quote.
Those threats to our critical infrastructure, as you have heard so powerfully from my colleague from
Rhode Island, are widespread and spreading. Industrial control systems that help control our pipelines,
railroads, water treatment facilities, power plants are at an elevated risk today. Not at some point in the
future. Today. The F.B.I. warns that successful cyber-attack against an electrical grid could cause serious
damage to parts of our cities and ultimately even kill people. The Department of Homeland Security said
last year that it has received nearly 200 reports of suspected cyber incidents, more than four times the
number of incidence reported in 2010. In one incident more than 100 computers at a nuclear energy
firm were infected with a virus that could have been used to take complete control of that company's
system. These reports, these warnings go on. But in summary, the director of the F.B.I. said it best quote - "we are losing data. We are losing money. We are losing ideas and we are losing innovation."
Those threats are existential to our nation, and we must address them now. Not simply as a luxury, not
as a possibility, but as a need now.
Cyber conflict causes escalation – loss of defensive capabilities and destabilization of international
International Security Advisory Board 14 - Federal Advisory Committee established to provide the
Department of State with a continuing source of independent insight, advice and innovation on
scientific, military, diplomatic, political, and public diplomacy aspects of arms control, disarmament,
international security, and nonproliferation. (ISAB, “Report on A Framework for International Cyber
Stability”, July 2, 2014, http://www.state.gov/documents/organization/229235.pdf, p.6-8//DM)
Cyber conflict between nations exploiting any one of the three threat vectors could lead to very severe
damage to the integrity of U.S. information architectures. It could damage our ability to communicate,
operate, and control escalation, and our ability to preempt attacks. Cyber conflict that integrates
measures across all three vectors could have a cascading impact that seriously disrupts and damages
U.S. operational and commercial capacity in an unprecedented, idiosyncratic way. The damage could go
to the point of making us non-competitive in markets and, in the extreme case, undermining basic
national functions embedded in our infrastructure. We are actually seeing very worrying versions of this
kind of campaign.
During the development of this report, the ISAB Cyber Study Group met with a number of private sector
companies. Based on the compilation of cyber, corporate, and economic data, one such company has
determined that nation-state threat actors are conducting anti-trust and economic schemes using cyber
intrusion and exploitation as a catalyst for market entry and growth, leading to accumulation of market
share. Furthermore, their research revealed that these adversaries have a broad understanding of U.S.
industries, processes and systems, internal control weaknesses and the cultural and psychological
nuances of the broader markets better than most operational, financial and IT executives within the
affected industries. At least 25 industries and 48 companies have had indications of offensive nationstate cyber-economic activity against them within the last five years.
The potential impact of activity like this with simultaneous exploitation along all three of the threat
vectors could be enormous. With Russian cyber attacks in Georgia in 2008 and Ukraine in 2014 executed
in support of military operations, we have seen the emergence of a new offensive military potential.
Attacks on critical infrastructure (which could include our monetary system and our networked electric
and water utilities and transportation control facilities) made in support of an offensive military
campaign -- or for purely economic, political or other gain (e.g., criminal or terrorist activity) -- could
have a devastating effect on U.S. strategic capability. The challenges inherent in the increasingly opaque
nature of the dynamic software combinations needed to run large systems and to counter human
misbehavior make the defender’s job very difficult.
“The complexity of these scenarios, which results in part from massive interconnectivity and
dependencies between systems that are not always well understood, has made it difficult to develop a
consensus regarding the probable consequences of an attack.”4
The potential for international relations being destabilized due to cyber activities creates a special
concern for the Department of State. The National Academies of Science pointed out that “the world is
organized around nation-states and national governments, and every physical artifact of information
technology is located somewhere. Consequently, one might expect cyberspace-related tensions to arise
between nations exercising sovereignty over their national affairs and interacting with other nations.”5
Many scenarios are possible, among them the actions of a third party (nation-state or not) undermining
the relations between two countries. For example, in a cyber attack by country A on country C using
means in country B, country C might likely mistakenly blame country B, an innocent bystander. To avoid
escalation, means must be found to contain the damage and identify the true nature and perpetrator of
the attack.
Cyberattacks are increasingly targeting US defense secrets - this will undermine
military superiority
Reed 13 - John Reed is a national security reporter for Foreign Policy. He comes to FP after editing
Military.com’s publication Defense Tech and working as the associate editor of DoDBuzz. Between 2007
and 2010, he covered major trends in military aviation and the defense industry around the world for
Defense News and Inside the Air Force. (John, “Here’s How Foreign Spies Are Now Getting U.S. Weapons
Tech”, Foreign Policy, July 23, 2013, http://foreignpolicy.com/2013/07/23/heres-how-foreign-spies-arenow-getting-u-s-weapons-tech/?wp_login_redirect=0//DM)
Forget the shady middlemen; never mind the students just a little too eager to find out the particulars of
engines and warheads. Today, when foreign spies want to acquire America’s latest weapons technology,
they just hack into networks and steal the digital designs. 2012 marked the first time, overseas
intelligence agencies used cyber espionage – rather than the old-fashioned kind — as their number one
way to pilfer information on U.S. weapons.
That’s according to a new report by one of Pentagon branches responsible for preventing such spying.
Not coincidentally, perhaps, half of all successful incidents in 2012 of espionage against American
defense contractors originated in Asia, up from 43 percent the previous year. This report highlights what
plenty of us have come to grasp intuitively, cyberattacks are steadily replacing — or at least
complementing — attempts to flat-out purchase U.S. defense technology or simply ask for more
information about it as the top MO of industrial intelligence operators.
This shift from overt attempts at collecting information on U.S. weapons to cyber theft means that it
may become more difficult to detect when a rival is trying to gain access to America’s defense secrets. It
also shows why the Obama administration has been in such a tizzy of China’s alleged industrial
According to the report from the Defense Security Service, these spies were particularly interested in
gathering information on U.S. electronics; worldwide collection attempts in this sector spiked 94 percent
from the year before.
A "substantial" number of those electronics were radiation-resistant electronics that can be used in
nuclear weapons, ballistic missiles, aerospace and space programs , according to the report.
"Foreign entities, especially those linked to countries with mature missile programs, increasingly focuses
collection efforts on U.S. missile technology, usually aimed at particular missile subsystems," reads the
Why are nations with mature missile programs trying to steal secrets about American missile parts? To
make their missiles even more deadly, of course.
"After a country masters the chemistry and physics required to launch a missiles, scientists and
engineers can focus on accuracy and lethality, the desired characteristics of modern missiles," the report
Getting their hands on U.S. missile parts will also help these countries defend against American
weapons .
"Reverse-engineering would probably give East Asia and the Pacific scientists and engineers a better
understanding of the capabilities of the targeted and acquired technology to develop countermeasures
to U.S. weapons systems," reads the document.
Overall, foreign spies’ top four American targets were "information systems; electronics; lasers, optics
and sensors; and aeronautic systems technologies," according to the report.
All of these are crucial parts of the weapons that have given the U.S. a clear advantage on battlefields
for the last 20 years . Information systems are how the US military passes massive amounts of
intelligence and communications data. Meanwhile optics, lasers and sensors are key technologies that
help American drones spy on enemies and that guide its smart weapons onto targets. Aeronautic
systems technologies, as you know, are the parts that make up the Pentagon’s next-generation rockets,
stealth drones and fighters — exactly the types of weapons that nations like China are trying to
The report doesn’t specifically call out China as the home of these spies. But let’s be honest, the vast
majority of espionage attempts originating from Asia are likely coming from China.
Independent Judiciary
2ac – judicial independence
XO 12333 threatens judicial independence – secrecy inhibits judicial oversight
Rotenberg, EPIC President and Executive Director, 6-16-15 [Electronic privacy information
center, non-profit research and educational organization established in 1994 to focus
public attention on emerging privacy and civil liberties issues.12 We work with a distinguished panel of
advisors in the fields of law, technology and public policy., COMMENTS OF THE ELECTRONIC PRIVACY
INFORMATION CENTER, file:///C:/Users/Jonah/Downloads/EPIC-12333-PCLOB-Comments-FINAL.pdf]
For over two hundred years, the American people have proudly and properly maintained a healthy
skepticism of their government.165 Correspondingly, an independent judiciary was established to
ensure meaningful oversight of the law making and enforcement branches of our government.166
However, EO 12333 167 effectively evades both public and judicial scrutiny.168 While there are minimal
reporting requirements for violations of the authority, the secrecy of activities conducted under EO
12333 makes evaluation of those activities—their legality, purpose, scope, and effectiveness—nearly
In 2009, President Barack Obama issued a memorandum to the heads of executive departments and
agencies emphasizing the importance of transparency and open government in order to “strengthen our
democracy,” “promote efficiency and effectiveness in Government,” and “ensure the public trust.”169
In 2014, President Obama issued Presidential Policy Directive 28,170 laying out for the public the
government’s principles and doctrines of surveillance, an act in and of itself in favor of transparency. In
February of this year, the President again lauded transparency when he stated, “technology so often
outstrips whatever rules and structures and standards have been put in place, which means that
government has to be constantly self-critical and we have to be able to have an open debate about
it.”171 Yet, this very month, the Obama administration, without debate or public notice, expanded the
National Security Agency’s (NSA’s) warrantless surveillance of Americans’ international internet traffic to
search for evidence of computer hacking.172 It is precisely this type of “gradual and silent
encroachment” that our the founders warned would lead to greater “abridgement of the freedom of the
people” than by “violent and sudden usurpations.”173
Potentially unlawful mass surveillance conducted under secret authority is not a phenomenon of the
current presidency. In December 2005, the New York Times reported that President George W. Bush
secretly issued an executive order in 2002 authorizing the NSA to conduct warrantless surveillance of
international telephone and Internet communications on American soil.174 EPIC submitted FOIA
requests to the NSA just hours after the existence of the warrantless surveillance program was first
reported.175 However, not until September of 2014—after a disregarded court order and persistent
delay—did the NSA turn over responsive documents.176 These documents offer the fullest justification
of the program to date, but parts of the legal analysis, including possibly contrary authority, were still
U.S. District Judge Henry H. Kennedy echoed the need for transparency in his 2006 order to the NSA
writing, “EPIC correctly argues, ‘a meaningful and truly democratic debate on the legality and propriety
of the warrantless surveillance program cannot be based solely upon information that the
Administration voluntarily chooses to disseminate.’”177 This argument again holds true where even less
is known about EO 12333, stifling the dialogue about the order’s legality and scope before it can begin.
For similar reasons, secret legal authorities inherently thwart proactive oversight mechanisms. In 2014,
EPIC obtained documents that reveal that the FISA Court sharply criticized the NSA’s internet metadata
program, but the Court’s criticism was kept secret.178 One document in particular illustrates how
oversight in secret is no oversight at all: FISA Court Judge John Bates’ chastisement of the NSA for “longstanding and pervasive violations of the prior [court] orders in [the] matter.”179 While the FISA Court
first authorized the metadata program in 2004, documents obtained by EPIC show that the program’s
legal justification was not provided to Congress until 2009.180 The documents also reveal that the DOJ
withheld information about the program in testimony for the Senate Intelligence hearing prior to the
reauthorization of the legal authority.181 The program was shut down in 2011 after a detailed
review.182 What little oversight may be exercised over EO 12333 activities is severely hampered by a
near total lack of transparency about which activities or programs are even conducted under its
<insert impact from other file>
Internet Freedom
Latin American democracy
Internet freedom helps Latin American democracy
Meacham 6/2 - director of the CSIS Americas Program (Carl Meacham, “Are Internet Policy and
Technology the Keys to Latin America’s Future?”, Center for Strategic and International Studies,
6/2/2015, http://csis.org/publication/are-internet-policy-and-technology-keys-latin-americasfuture)//MBB
With this in mind, a forward-looking Internet policy could help to bolster democracy in Latin America.
This policy tool has the potential to develop the strong public sphere necessary to push for democratic
consolidation, to facilitate commerce, and to allow for greater accountability of elected officials.
Currently, there is a divide between countries that are working to promote a free Internet and open
government data and countries that are working to restrict Internet access and government
information. Not surprisingly, that divide matches up with countries that are challenging democratic
norms in the offline world as well. With the long-term goal of Internet freedom, regional Internet policy
could prove part and parcel to efforts to ensure political freedoms all across Latin America.
Latin America could well be the next hot spot for social innovation. The region’s long struggles with
economic inequality and social stratification are increasingly brought to light by its large and vocal
millennial population, more vocal than ever in calling for social and institutional change. Even as some
political systems remain tightly controlled by older generations, innovative technologies have the
potential to magnify the voices and influence of Latin America’s youth.
As Internet and technological penetration take off throughout the region, Latin America could be on the
verge of a series of exciting changes—if only it can create the conditions to allow for them. Improving
Internet infrastructure, building a culture of innovation, and resolving persistent controversies over
intellectual property and similar issues will enable the region to take advantage of this unique moment.
And if it manages to do that, the region could carve out its place in innovative markets while putting
itself on track toward greater political openness and the development of a more participatory
Democracy key to Latin American stability
Borum 9 – (Randy Borum, Science of Global Security & Armed Conflict, “Democracy May Support
Stability and Sustainability”, 6/8/2009, http://globalcrim.blogspot.com/2009/06/democracy-maysupport-stability-and.html)//MBB
New research supports this conventional wisdom in a study of 45 African countries and 18 Latin
American states over the time period 1996–2004. "While controlling for the material wealth of a
country, education, population, armed conflict, ethnic tension, and debt, this pooled timed series
analysis points to a strong positive correlation between democracy and good governance practices,"
according to Daniel Stockemer, a PhD candidate at the Department of Political Science at the University
of Connecticut.
Stockemer begins by outlining the key ingredients of good governance as described in the scholarly
literature: "Under the doctrine of good governance, states are obliged to perform their functions
efficiently; to value non-corruptibility, to be responsive to civil society and to guarantee stability.
Governments must also be transparent in the allocation of services and equitable in the distribution of
goods." This kind of governance - based on the rule of law - promotes stable legal institutions and is a
foundation for sustainable development. Accordingly, the study used four measures of good
governance, based on World Bank Good Governance Indicators– (1) political stability and absence of
violence, (2) government effectiveness, (3) control of corruption and (4) regulatory qualities.
Applying systematic analysis and empirical research methods, he sought to evaluate the relationship
between democracy and good governance for Africa and Latin America, focusing on two questions: (1)
Are those African and Latin American countries that are democratically ruled better governed than
states that are authoritarian? (2) Does a state’s move toward more democracy immediately trigger
better governance performance?
He found affirmative answers to both questions. More democratic states had better governance. And as
states became more democratic, their governance practices also improved (though more so for Africa
than Latin America).
Stockemer concludes that "democracy is both a normative good and a form of government that leads to
better governance, which in turn should trigger enhanced development in the form of high growth rates
and advancement of living standards of the majority of the population."’
Latin American stability prevents drug trade expansion – strengthened law
Evan 3 - professor of national security studies, modeling, gaming, and simulation with the Center for
Hemispheric Defense Studies, with a research focus on Latin America’s relationships with external
actors, including China, Russia, and Iran, (R. Evan “The Impact of Instability in Latin America”,
The growing disorder in the nations of the Andean ridge highlights a dangerous new phenomenon with
significant national security implications for the United States. Criminal organizations and armed groups
in the region have fallen into new forms of collaboration that allow them to finance their own
operations without reliance on outside aid and its associated strings. The military and self-financing
activities of these groups, in turn, creates dynamics that ultimately could break down the economic and
sociopolitical fabric of the countries in which they operate. As illustrated by the FARC, ELN, and AUC in
Colombia, these organizations leverage the weakness of the states in which they operate to survive and
grow. Their activities are financed, in part, by taxing or directly engaging in criminal activity such as
narcotrafficking, embezzlement, and extortion.15 These criminal enterprises, in turn, leverage a unique
combination of global commerce and information flows and the compromised character of the
institutions within their own country. In short, criminal organizations conduct operations involving
global shipments of narcotics and other goods, leveraging international banking, the international
transportation infrastructure, and the ability to purchase “specialized human expertise” for certain
operations on global markets.16 At the same time, the criminal activities depend on “safe havens” that
they have created within compromised states to conduct key stages of their operations-- such as money
laundering and narcotics production. Within their compromised societies, criminal organizations have
enormous manpower needs, both to perform the daily physical labor required by their operations, and
to provide protection from the state (and from rivals) for their activities. Armed groups on both the left
and right serve the interests of criminal enterprises by physically protecting them in exchange for
revenue. This loose partnership between criminal organizations and armed political groups thus
generates capabilities, and promulgates incidents that contribute to the weakness of the state--thus
sustaining the space in which criminal activity can take place.17 Both criminal organizations and armed
groups thus are nourished by--and systematically destroy--the socioeconomic fabric of the state in
which they grow. As the host state weakens, the activities of these organizations also infects and
destabilizes neighboring states through flows of guerillas and refugees, and the violence and human
suffering associated with them. Although a great deal has been written about narcotrafficking, the
spread of insurgency, and socioeconomic problems in Latin America,18 the current confluence of events
is new and different with respect to the way in which multiple phenomenon reinforce each other to
produce a potential escalating spiral of violence and economic malaise in the region. The individual
perpetrators--such as drug cartels, terrorist cells, and insurgent groups—may not be coordinated, yet
the combination of their individual goal-directed actions produces systemic effects that could ultimately
destabilize the region and undercut the basis for U.S. global power.
Latin American drug trade funds Hezbollah and Iran – causes Iranian prolif
McCaul, 12 – U.S. Representative for Texas's 10th congressional district, Chairman of the House
Committee on Homeland Security (Michael T., U.S. House of Representatives, “A LINE IN THE SAND:
http://homeland.house.gov/sites/homeland.house.gov/files/11-15-12-Line-in-the-Sand.pdf, //11 and
Hezbollah remains especially active in the TBA. 25 With an estimated $12 billion a year in illegal commerce,
the TBA is the center of the largest underground economy in the Western Hemisphere.26 Financial crimes are a specialty of the area and
include intellectual property fraud, counterfeiting, money laundering and smuggling. Moreover, lax customs enforcement in the area allows
these crimes to continue largely unabated from one country to the other.27 The
TBA has been described as one of the most
lucrative sources of revenue for Hezbollah outside of state sponsorship.28 The evidence to suggest Hezbollah is actively
involved in the trafficking of South American cocaine to fund its operations is mounting as well. In 2008, U.S. and
Colombian authorities dismantled a cocainesmuggling and money-laundering organization that allegedly helped fund Hezbollah operations.
Dubbed Operation Titan, the enforcement effort uncovered a money laundering operation that is suspected of laundering hundreds of millions
of dollars of cocaine proceeds a year and paying 12 percent of those profits to Hezbollah.29 Operation Titan has led to more than 130 arrests
and the seizure of $23 million.30 One of those arrests was of Chekri Mahmoud Harb (also known as “Taliban” or “Tali”) who is a Lebanese
national suspected of being a kingpin of the operation. In 2010, Harb pled guilty to conspiracy to manufacture and distribute five kilograms or
more of cocaine knowing the drugs would ultimately be smuggled into the United States.31 In another example, the Treasury Department’s
Office of Foreign Assets Control (OFAC) has listed Ayman “Junior” Joumaa, a Lebanese national and Hezbollah supporter, as a Specially
Designated Narcotics Trafficker based upon his involvement in the transportation, distribution and sale of multi-ton shipments of cocaine from
South America along with the laundering of hundreds of millions of dollars of cocaine proceeds from Europe and the Middle East.32 Federal
prosecutors in Virginia also charged Joumaa for conspiracy to distribute cocaine and money laundering charges. The indictment alleges Joumaa
shipped thousands of kilograms of Colombian cocaine to the United States via Guatemala, Honduras and Mexico. Specifically mentioned in the
indictment was 85,000 kilograms of cocaine that was sold to the Los Zetas drug cartel from 2005 to 2007.33 The indictment further
substantiates the established relationship between Hezbollah, a proxy for Iran, and Mexican drug cartels, which control secured smuggling
routes into the United States. This nexus potentially provides Iranian operatives with undetected access into the United States. Joumaa
allegedly laundered in excess of $250 million of cocaine proceeds from sales in the United States, Mexico, Central America, West Africa and
Europe. Joumaa would typically receive these proceeds in Mexico as bulk cash deliveries. Once the proceeds were laundered, they would be
paid out in Venezuelan or Colombian currency to the cocaine suppliers in Colombia. Joumaa’s fee for laundering the currency would vary from
eight to 14 percent.34 A recent civil complaint filed by the U.S. Department of Justice states that Joumaa relied heavily upon the Lebanese
Canadian Bank (LCB) and the Lebanese exchange houses Hassan Ayash Exchange Company (Hassan) and Ellissa Holding (Ellissa) to conduct the
money laundering operation described above.35 The complaint also alleges these businesses partnered with Hezbollah in various other money
laundering schemes. One such scheme involved LCB allowing Hezbollah-related entities to conduct transactions as large as $260,000 per day
without disclosing any information about the transaction.36 According to the 2011 State Department Country Reports on Terrorism, the
Barakat Network in the TBA is another example of drug money being funneled to Hezbollah. Although the total amount of money being sent to
Hezbollah is difficult to determine, the Barakat Network provided, and perhaps still provides, a sizeable amount of the money sent annually
from the TBA to finance Hezbollah and its operations around the world. Another scheme that took place from 2007 to early 2011 involved LCB,
Hassan and Ellissa transferring at least $329 million of illicit proceeds to the United States for the purchase of used cars through 30 car
dealerships that typically had no assets other than the bank accounts which received the overseas wire transfers. Once in receipt of the wired
funds, these dealerships would purchase used vehicles and ship them to West Africa to be sold. The cash proceeds would then make their way
to Lebanon under the security of Hezbollah and its illegitimate money transfer systems.37 Hezbollah has also involved itself in the trafficking of
weapons, which fuels the violence so intrinsic to drug trafficking and terrorism in Latin America. On July 6, 2009, Jamal Yousef, also known as
Talal Hassan Ghantou, was indicted in New York City on federal narco-terrorism conspiracy charges. According to the unsealed indictment,
Yousef is a former member of the Syrian military and an international arms trafficker who was attempting to make a weapons-forcocaine deal
with the Fuerzas Armadas Revolucionarias de Colombia (Revolutionary Armed Forces of Colombia or FARC).38 What Yousef did not know was
that he was actually negotiating with an undercover operative of the Drug Enforcement Administration who was posing as a representative of
the FARC. Yousef had agreed to provide the FARC military-grade weapons that included 100 AR-15 and 100 M-16 assault rifles, 10 M-60
machine guns, C-4 explosives, 2,500 hand grenades and rocket-propelled grenades. In exchange for the weapons, the FARC was to deliver 938
kilograms of cocaine to Yousef.39 While negotiations progressed, Yousef stated that the weapons had been stolen from Iraq and were being
stored in Mexico by Yousef’s cousin who is an active member of Hezbollah. To establish their bona fides for the trade, Yousef’s cousin
videotaped the weapons cache on location in Mexico. Towards the completion of the transaction, it was learned that the weapons cache was
actually larger than had been first reported. The deal was amended to include the additional weapons in exchange for 7,000 to 8,000 more
kilograms of cocaine that would be delivered to the coast of Honduras.40 The transaction was never completed because Yousef was arrested
and imprisoned in Honduras on separate charges beforehand. In August 2009, Yousef was extradited to New York where he awaits trial. The
explanation for Iranian presence in Latin America begins with its symbiotic relationship with Hezbollah.41
United in their dedication to the destruction of Israel, Iran has helped Hezbollah grow from a small group of untrained guerrillas into what is
arguably the most highly trained, organized and equipped terrorist organization in the world.42 In return, Hezbollah has served as an ideal
proxy for Iranian military force – particularly against Israel – which affords Iran plausible deniability diplomatically.43 Hence wherever
Hezbollah is entrenched, Iran will be as well and vice-versa. The
primary reason for Iran’s increasing presence and
influence in Latin America is based on its growing ideological and economic relationship with Venezuela. Ideologically speaking,
both regimes share a mutual enmity of what they perceive as the imperialist agenda of the United States .44
Economically speaking, the two countries have partnered together in an attempt to survive and thrive despite being ostracized in varying
degrees from the official economy and its financial and trade systems.45 On the latter score one would be hard pressed to find a country that
has been more successful at overcoming sanctions and embargoes levied by the United States and international community than Iran. In spite
of ever-increasing economic constraints dating back to the Carter Administration,
Iran has managed to fight an eight year war
with Iraq, become the world’s biggest sponsor of terrorism, vigorously pursued its own nuclear program
and become the prime destabilizing factor in the Middle East.46 This impressive adaptability relies in no small part on
Iran’s creativity in exploiting unscrupulous businesses, criminal networks and other corrupt regimes for economic survival. For rogue leaders
like Venezuela President Hugo Chavez, who see embargoes and sanctions as just another manifestation of American oppression and
imperialism, Iran has become their champion and welcomed ally.47 This sentiment has developed into a cooperative understanding that, to the
extent they can be successful at overcoming economic sanctions and creating their own economy, Iran and Venezuela can continue to pursue
their ideological agendas beyond the reproach of their Western first-world oppressors. In their efforts to achieve this independence, neither
Iran nor Venezuela has ignored the pecuniary and political benefits of participating in the illicit drug trade. For example, Iranian Revolutionary
Guard Corps (IRGC) General Gholamreza Baghbani has been working in conjunction with the Taliban to oversee the trafficking of opium and
heroin from Afghanistan through Iran in order to generate revenue to support Hezbollah.48 General Baghbani is a commander in the IRGC Qods
Force which is the Iranian Special Forces unit that works closely with Hezbollah in conducting terror operations throughout the world. In a
similar fashion to Iran’s ideological relationship with Hezbollah, Venezuela and the FARC often work together in the trafficking of cocaine for
mutual benefit. Numerous Venezuela government officials have been designated by the OFAC as providing assistance to the FARC in the
trafficking of cocaine and the purchasing of weapons.49 In addition to participating in cocaine trafficking, Venezuela affords the FARC respite
from United States and Colombian pursuit via safe havens within the country.50 Venezuela extends this assistance in part because the socialist
regime of Hugo Chavez aligns well ideologically with the FARC’s Marxist underpinnings. Pragmatically speaking, Venezuela provides support to
the FARC insurgency because it believes it helps mitigate the perceived threat of United States intervention in the region.51 The FARC in turn
has provided reciprocal support of the Chavez regime by such actions as training pro-Chavez militants and assassinating anti-Chavez politicians
within Venezuela.52 Given their own individual propensities in the trafficking of illicit drugs to further ideological interests, it should come as no
surprise that
the activity is so intrinsic to the ongoing Venezuelan Iranian enterprise in Latin America.53
Each country brings valuable infrastructure to drug trafficking that can be used to help expand and supply a worldwide
cocaine market. Assets such as state-owned airlines, shipping companies, airports and sea ports can operate beyond the watchful eyes of the
legitimate world. This can be seen in the regularly scheduled flights between Caracas and Tehran that continue despite Venezuelan-owned
Conviasa Airlines’ claims they ended in September 2010.54 Even though it was described as a regular commercial flight, there was no means by
which to purchase a ticket to travel onboard. Moreover, the flight would depart Caracas from a secluded non-public terminal without the
normal manifests associated with legitimate air commerce.55 Another example that also illustrates the ingenuity of Iran in circumventing
international sanctions involves the Islamic Republic of Iran Shipping Lines (IRISL), which is responsible for moving almost one-third of Iran’s
imports and exports. The IRISL has been under OFAC economic sanction since September 2008 for providing logistical services to Iran’s Ministry
of Defense and Armed Forces Logistics.56 In order to stay one step ahead of OFAC and United Nations regulatory efforts, the IRISL regularly
reflags and changes the owners of its ships. Between September 2008 and February 2012, there were 878 changes to the IRISL fleet including
157 name changes, 94 changes of flag, 122 changes of operator and 127 changes of registered ownership. This simple tactic has allowed Iran to
continue shipping goods to and from Venezuela and all over the world despite the best efforts of the international community to prevent it.57
Being able to control major modes of transportation that operate from one safe port to another beyond the watchful eyes of legitimate
immigration and customs authorities is a fundamental advantage that is very difficult to counter. While Iran and Venezuela may be much more
interested in using this advantage for commercial, military and nuclear purposes, there is no reason to doubt they would use it in the trafficking
of drugs to finance covert terrorist activities for themselves and their allies. Iran and Hezbollah have been involved in the underworld of Latin
America long enough to become intimately familiar with all of its inhabitants and capitalize on their capabilities. Former DEA executive Michael
Braun has an interesting way of describing this dynamic: “…If you want to visualize ungoverned space or a permissive environment, I tell people
to simply think of the bar scene in the first “Star Wars” movie. Operatives from FTOs (foreign terrorist organizations) and DTOs (drug trafficking
organizations) are frequenting the same shady bars, the same seedy hotels and the same sweaty brothels in a growing number of areas around
the world. And what else are they doing? Based upon over 37 years in the law enforcement and security sectors, you can mark my word that
they are most assuredly talking business and sharing lessons learned.”58 Braun says as Europe's demand for cocaine continues to grow and
TCO's operate in West and North Africa to establish infrastructure to move the drugs: "These bad guys (cartels) are now routinely coming in
very close contact with the likes of Hezbollah, Hamas, Al Qaeda, who are vying for the same money, the same turf and same dollars. It's really a
nightmare scenario. And my point being is if anyone thinks for a moment that Hezbollah and Qods Force, the masters at leveraging and
exploiting existing elicit infrastructures globally, are not going to focus on our southwest border and use that as perhaps a spring board in
attacking our country then they just don't understand how the real underworld works."59 Iran attempted to leverage this capability in October
2011 with the foiled plot to assassinate the Saudi Ambassador to the United States. According to a federal arrest complaint filed in New York
City, the Qods Force attempted to hire a drug cartel (identified by other sources as the Los Zetas) to assassinate Saudi Ambassador Adel alJubeir for a fee of $1.5 million. The terror attack was to take place at a popular restaurant in Washington, D.C. without regard to collateral
deaths or damage.60 The Qods Force made this solicitation because it knows drug traffickers are willing to undertake such criminal activity in
exchange for money. Moreover, if this terror attack had been successful, the Qods Force intended to use the Los Zetas for other attacks in the
future.61 Had it not been for a DEA informant posing as the Los Zetas operative, this attack could have very well taken place. It has been
suggested that this assassination was directed by the Iranian government in retaliation for a Saudi-led military intervention in Bahrain against
an Iranian-backed Shiite Muslim majority that was protesting a Saudi-backed Sunni Muslim minority government.62 There are also indications
that Iranian Supreme Leader Ayatollah Khamenei has ordered the Qods Force to intensify terror attacks against the United States and other
Western countries for supporting the ousting of Syrian President and Iranian ally Bashar al-Assad.63 How
all of this plays into the
Iranian nuclear threat leaves troubling possibilities for the U.S. and our ally Israel. We know that Hezbollah has a
significant presence in the United States that could be utilized in terror attacks intended to deter our efforts to curtail Iran’s nuclear program.64
For this same reason, Israelis in the United States and around the world have gone on high alert to prevent a repeat of deadly Hezbollah terror
attacks against Israeli facilities that occurred in Argentina in 1992 and 1994. These
increasingly hostile actions taken by the
Iranian government would be alarming enough without Iran and Hezbollah having well-established
bases of operations in Latin America. While Latin American bases serve as a finance mechanism for
Hezbollah, it is believed the ability exists to turn operational if the need arises. There is no doubt that the enemy is at our doorstep and we
must do something about it now. While a very aggressive foreign policy to counteract these threats is in order, we must not forget that a secure
Southwest border is always our first and last line of defense.
<insert prolif impact>
Safe Harbor Advantage
TTIP i/l turn
Turn – free flowing info undermines the TTIP – external actors are concerned about
US-EU internet dominance
Aaronson, 4/13/15 – Research Professor at The George Washington University's Elliott School of
International Affairs and the former Minerva Chair at the National War College (Susan, World Trade
Review, “Why Trade Agreements are not Setting Information Free: The Lost History and Reinvigorated
Debate over Cross-Border Data Flows, Human Rights and National Security”, //11)
As of July 2014, trade officials are negotiating cross-border data flows in three very different trade
agreements. The US and the 28 nations of the EU are negotiating the Transatlantic Trade and
Investment Partnership (T-TIP); the US and ten other nations bordering the Pacific are negotiating the
Transpacific Partnership (TPP); and some 50 members of the WTO (including the 28 EU states) are
negotiating the Trade in Services Agreement of the WTO (TISA).4 Although many government officials
around the world want to encourage these data flows, many states have not responded positively to
US and EU efforts to facilitate the free flow of information . Officials and citizens from these states
worry about their ability to control information flows as well as their dependence on US companies to
provide web services (which must comply with US rules on privacy and national security).5 They are also
concerned that the US continues to dominate not only the Internet economy, but also Internet
governance institutions in ways that benefit US interests.6 Meanwhile, some activists in the US and EU
noted that both governments restricted information flows through its punitive approach to online
copyright and hence was hypocritical (Aaronson with Townes, 2012: 9, fn 81).
1nc – at: advantage solvency
Policies have already been reformed – those solve – prefer our evidence, it postdates
Aaronson, 4/13/15 – Research Professor at The George Washington University's Elliott School of
International Affairs and the former Minerva Chair at the National War College (Susan, World Trade
Review, “Why Trade Agreements are not Setting Information Free: The Lost History and Reinvigorated
Debate over Cross-Border Data Flows, Human Rights and National Security”, //11)
US and EU trade and foreign policymakers recognized that if they wanted to include free flow of
information provisions in TTIP they had to change course. First, the EU and the US set up a working
group on privacy , which provided answers to EU questions about the reach, methods, and effectiveness
of the NSA programs.68 Second, the US Department of Commerce took steps to show that Safe
Harbor was effective , and US companies that violated these policies would be punished. The US
Federal Trade Commission doubled enforcement actions against 14 companies that claimed to
participate in the Safe Harbor Framework but had not renewed their certifications under the
program.69 The US also reassured businesses that the US remained committed to a voluntary , rather
than a top-down regulatory approach to privacy. The two trade giants agreed to develop an
interoperable system for data protection. Specifically, they agreed to strengthen the Safe Harbor
program for the exchange of personal data for commercial purposes, as they also negotiated a
framework agreement which would apply to personal data transferred between the EU and the US for
law enforcement purposes. The EU has insisted and US policymakers have reportedly concurred that the
US grant EU citizens the same privacy rights as US citizens.70 While the EU’s approach might protect EU
citizens and facilitate data exchange among the US and EU, it would do little for citizens of other nations.
Nor did it clarify whether the US would view privacy regulations as legitimate exceptions to the free flow
of information or address the broader issue of how to deal with the multiplicity of privacy strategies
among US and EU trade partners.
Safe Harbor is beyond repair – false membership, lack of transparency, and no review
TNS, 13 – Targeted News Service (“EU and US NGOs Respond to EU Date Safe Harbor Report: Safe
Harbor Program Should be Suspended Until US Protects Online Privacy”, 11/27/13, ProQuest, //11)
Director General of The European Consumer Organisation, Monique Goyens, commented:
"The European Commission's report on the 'Safe Harbour' agreement confirms the longstanding
concerns of consumer groups on both sides of the Atlantic. More than a decade after its establishment,
the pact is riddled with problems.
"This agreement claims to reassure EU and US consumers when their personal data is exchanged for
commercial purposes, but it has now been shown to retain only a fig-leaf of credibility. In practice, it is
riven with false claims of membership , the process is not transparent and many signatories' lack even
a privacy policy. In the wake of all this, there has been absence of effective enforcement by regulatory
authorities over the years. Recent events have highlighted the obvious imprudence of poorly designed
data exchange agreements. The question now will be: 'is Safe Harbour beyond repair?'
"The safety of European consumers' data needs to be paramount. Data flows must have a true harbour,
not just a commercial port. US authorities may need to come to understand that Safe Harbour can no
longer be used as a free pass for data exchange.
"The European Commission's 13 Recommendations are a welcome address of many of the issues. Better
enforcement is crucial and we're glad to see that being examined. But the ability of companies to selfcertify as offering 'Safe Harbour' is unjustifiable and remains inexplicably outside the review . It is hard
to see the purpose of proceeding without tackling such basic flaws and perhaps the time has come to
put the Safe Harbour agreement to one side and move on.
Safe-Harbor will be circumvented
WSGR, 13 – Wilson Sonsini Goodrich & Rosati: the premier provider of legal services to technology, life
sciences, and growth enterprises worldwide (“Cloud Providers That Adhere to U.S.-EU Safe Harbor
Framework Meet EU's Data Protection Adequacy Requirements, Says U.S. Commerce Department”,
5/6/13, https://www.wsgr.com/WSGR/Display.aspx?SectionName=publications/PDFSearch/wsgralertcloud-providers.htm, //11)
While completing the required Safe Harbor application is relatively simple and quick, it can be easy for
organizations to overlook the program's compliance requirements , including annual assessments and
documentation of compliance. Given the increasing attention and focus by customers on vendor and
supply chain management in this area, increased investment in privacy and data security-related
controls may yield quick returns by enabling deals to close more quickly and efficiently. Moreover, with
the FTC's prosecution of a number of entities that claimed they were Safe Harbor-certified even though
their certifications had lapsed, technical compliance with the Safe Harbor has taken on greater
significance. A benefit of the program is that it helps encourage organizations to routinely and annually
re-evaluate their privacy and data protection practices and to do so systematically. Many organizations
also rely on and work with outside third parties, including law firms, to assist in these efforts. Such
assistance can provide valuable benchmarking information and guidance on best practices, as well as
assist with risk management.
not topical
Safe Harbor isn’t topical – not national security, federal, or US persons
FPF, 13 – Future of Privacy Forum (“The US-EU Safe Harbor: An Analysis of the Framework’s
Effectiveness in Protecting Personal Privacy”, December 2013, http://www.futureofprivacy.org/wpcontent/uploads/FPF-Safe-Harbor-Report.pdf, //11)
Scrutinizing the Safe Harbor over concerns about government access misconstrues the purpose of the
Safe Harbor. The Safe Harbor is intended to bring US data practices in line with the EU Data Directive.
The Directive does not apply to matters of national security or law enforcement.173 Article 3 of the
Directive states: “This Directive shall not apply to the processing of personal data…[with respect to]
operations concerning public security, defen[s]e, State security (including the economic well-being of
the State when the processing operation relates to State security matters) and the activities of the State
in areas of criminal law.” 174 Thus, the Safe Harbor always had been envisioned as protecting the
privacy of EU citizens within only the commercial privacy context .175 It should come as no surprise
then that the Safe Harbor specifically provides exceptions to the Safe Harbor’s privacy principles “to the
extent necessary to meet national security, public interest, or law enforcement requirements.”176
Cybersecurity Advantage
Alt cause to failure
No incentive to protect cyber infrastructure – lack of understanding
Sales 13 – Associate Professor of Law at the Syracuse University College of Law, former professor at
George Mason University School of Law (Nathan A., Northwestern University Law Review, “REGULATING
CYBER-SECURITY”, file:///C:/Users/Alana%20Levin/Downloads/SSRN-id2035069.pdf, //11)
The poor state of America’s cyber-defenses is partly due to the fact that the analytical framework used
to understand the problem is incomplete . The law and policy of cyber-security are under theorized.
Virtually all legal scholarship approaches cyber-security from the standpoint of the criminal law or the
law of armed conflict.19 Given these analytical commitments, it is inevitable that academics and
lawmakers will tend to favor law enforcement and military solutions to cyber-security problems. These
are important perspectives, but cyber-security scholarship need not run in such narrow channels. An
entirely new approach is needed . Rather than conceiving of private firms merely as possible victims of
cyber-crimes, or as potential targets in cyber-conflicts, we should think of them in regulatory terms.20
Many companies that operate critical infrastructure tend to underinvest in cyber-defense because of
negative externalities, positive externalities, free riding, and public goods problems—the same sorts of
challenges the modern administrative state encounters in a variety of other contexts.
NSA will circumvent cyber restrictions
Kehl 14 – policy analyst at New America’s Open Technology Institute (Danielle, Open Technology
Institute, “Surveillance Costs: The NSA’s Impact on the Economy, Internet Freedom & Cybersecurity”,
July 2014, https://www.newamerica.org/downloads/Surveilance_Costs_Final.pdf, //11)
One tactic for quietly scooping up vast amounts of data is to target the infrastructure around networks
and network providers, including the undersea fiber optic cables that carry global Internet traffic from
one continent to another. Leaked documents reveal that in February 2013 the NSA successfully hacked
the SEA-ME-WE-4 cable system, which originates in France and connects Europe to the Middle East and
North Africa.307 Reports also suggest that the NSA has hacked fiber optic links connecting Google and
Facebook data centers located outside of the United States.308 For access to messages that are
encrypted, the NSA maintains an internal database through its Key Provisioning Service which has
encryption keys for a wide array of commercial products. A separate unit within the agency, the Key
Recovery Service, exists for the purpose of trying to obtain keys that are not already a part of the NSA’s
database. According to The New York Times, “How keys are acquired is shrouded in secrecy, but
independent cryptographers say many are probably collected by hacking into companies’ computer
servers, where they are stored.”309
FCC Mechanism
At: FCC expertise
FCC sucks – evolving marketplace and lack of interbureau coordination undermine
transparency and expertise
GAO, 9 – United States Government Accountability Office (“FCC Management: Improvements Needed in
Communication, Decision-Making Processes, and Workforce Planning”, December 2009, Google Ebook,
What GAO Found
FCC consists of seven bureaus, with some structured along functional lines, such as enforcement, and
some structured along technical lines, such as wireless telecommunications and media. Although there
have been changes in FCC’s bureau structure, developments in the telecommunications industry
continue to create issues that span the jurisdiction of several bureaus. However, FCC lacks written
procedures for ensuring the interbureau collaboration and communication occurs. FCC’s reliance on
informal coordination has created confusion among the bureaus regarding who is responsible for
handling certain issues. In addition, the lack of written procedures has allowed various chairmen to
determine the extent to which interbureau collaboration and communication occurs. This has led to
instances in which FCC’s analyses lacked input from all relevant staff. Although FCC stated that is relies
on its functional offices, such as its engineering and strategic planning offices, to address crosscutting
issues, stakeholders have expressed concerns regarding the chairman’s ability to influence these offices.
Weaknesses in FCC’s processes for collecting and using information also raise concerns regarding the
transparency and informed nature of FCC’s decision-making process. FCC has five commissioners, one
of which is designated chairman. FCC lacks internal policies regarding commissioner access to staff
analyses during the decision-making process, and some chairmen have restricted this access. Such
restrictions may undermine the group decision-making process and impact the quality of the FCC’s
decisions. In addition, GAO identified weaknesses in FCC’s processes for collecting public input on
proposed rules. Specifically, FCC rarely includes the text of a proposed rule when issuing a Notice of
Proposed Rulemaking to collect public comment on a rule change, although some studies have noted
that providing proposed rule text helps focus public input. Additionally, FCC has developed rules
regarding contacts between external parties and FCC officials (known as ex parte contacts) that require
the external party to provide FCC a summary of the new information presented for inclusion in the
public record. However, several stakeholders told us that FCC’s ex parte process allows vague ex parte
summaries and that in some cases, ex parte contacts can occur just before a commission vote, which
can limit stakeholders’ ability to determine what information was provided and to rebut or discuss that
FCC faces challenges in ensuring it has the expertise needed to adapt to a changing marketplace . For
example, a large percentage of FCC’s economists and engineers are eligible to retire in 2011, and FCC
faces difficulty recruiting top candidates. FCC has initiated recruitment and development programs and
has begun evaluating its workforce needs. GAO previously noted that strategic workforce planning
should include identifying needs, developing strategies to address these needs, and tracking progress.
However, FCC’s Strategic Human Capital Plan does not establish targets for its expertise needs, making it
difficult to assess the agency’s progress in addressing its needs.
FCC expertise is hype – their evidence is political self-praise
Engebreston, 13 – Executive Editor of Telecompetitor, former editor-in-chief of Telephony Magazine
and America’s Network Magazine (Joan, “Catch-Up Talk with Blair Levin Yields Some Surprises”,
Telecompetitor 5/6/13, http://www.telecompetitor.com/catch-up-talk-with-blair-levin-yields-somesurprises/, //11)
***Blair Levin = former FCC chief of staff
Currently with the Aspen Institute, Blair Levin headed up the team at the FCC that three years ago
created the National Broadband Plan with the goal of spurring broadband deployment. But in a speech
last week, Levin said, “The FCC is becoming more of a political institution and less an expert agency .”
Like other D.C. political institutions, he said, the commission is “increasingly caught up in a one-note
narrative . . . of self-praise rather than focusing on providing the expertise and analytic agility necessary
to adjust programs to provide bandwidth abundance to constituencies it is meant to serve.”
In an interview with Telecompetitor on Friday, Levin directed further criticism at the FCC’s self-praise. “I
would never invest in a company that had a CEO who behaved that way,” he said.
Work undone
It was up to the FCC to implement the ideas recommended in the National Broadband Plan – and the
way Levin sees it, much of that work has been left undone.
One of the most important pieces of information to emerge out of the NBP was that the majority of the
homes that can’t get broadband are in areas served by the nation’s largest price cap carriers – and that
hasn’t changed much, he told Telecompetitor on Friday.
Although he noted that CenturyLink is doing some upgrades, he said “AT&T is doing zero, and Verizon
sold some lines to Frontier but they’re not doing anything with what they held on to.” (AT&T would
disagree with Levin’s assessment, having touted its rural network upgrade plans last fall. But it’s true
that those plans rely heavily on mobile broadband rather than a fixed offering.)
Levin also argued in his recent speech that the FCC essentially “punted” on “the critical issue of
contribution reform.” In other words, the FCC’s new broadband-focused Universal Service program
appears to be doomed to be funded as a percentage of carriers’ long-distance voice revenues – a
methodology that is becoming increasingly unsustainable as long-distance voice revenues decline.
When I asked Levin what he’d like to see happen on that front, however, he declined to offer a specific
suggestion. Instead, he said the commission should pull a lot of ideas together and run a proceeding.
(The FCC has avoided taking even such an apparently innocuous step – perhaps because it would then
be expected to take action and, politically, it is afraid of taking any action on that controversial issue.)
Singing a different tune?
When the NBP was released, Levin made some enemies among rural telcos because of some of the
Universal Service reforms proposed in the plan. The fundamental point of contention was that in
targeting to bring broadband to unserved price cap territories without increasing the size of the fund,
the corollary was that rate of return carriers would have to get by on less.
Over the past three years, the FCC has implemented some of the reforms proposed in the NBP –
although not exactly as the NBP proposed. And some readers might be surprised by one of the things
Levin said in another recent speech.
“In those areas where the fund was already driving broadband investment, reform has stalled
progress ,” he said in Madison, Wisc. on April 4. He even cited a recent survey of small rural phone
companies showing that 69% of respondents have cancelled or postponed investments due to
uncertainty about restructuring.
Xt: no written procedures
Lack of interagency procedures gut efficiency
GAO, 9 – United States Government Accountability Office (“FCC Management: Improvements Needed in
Communication, Decision-Making Processes, and Workforce Planning”, December 2009, p.16-17, Google
Ebook, //11)
FCC’s lack of written policies and its reliance on informal interbureau coordination to address issues that
span beyond the purview of a single bureau can result in inefficiencies . For example, one FCC official
told us that while FCC was conducting a merger review of two major media companies, the review
process was delayed because of confusion regarding which bureau was responsible. Since each of the
companies merging had assets regulated by different FCC bureaus, it was unclear which bureau was the
designated lead and would be responsible for a specific portion of the merger review process. Although
the chairman eventually designated a lead bureau, the time it took for this to happen slowed down the
process, and the overall lack of coordination made the process less efficient. Our International Control
and Management Evaluation Tool emphasizes the importance of internal communications, specifically
noting the need for mechanisms that allow for the easy flow of information down, across, and up the
organization, including communications between functional activities.
Xt: no expertise
Funding constraints complicate the hiring process – difficult to update staff and
GAO, 9 – United States Government Accountability Office (“FCC Management: Improvements Needed in
Communication, Decision-Making Processes, and Workforce Planning”, December 2009, p.41, Google
Ebook, //11)
FCC faces multiple challenges in recruiting new staff. One challenge FCC faces (similar to other federal
agencies) is the inability to offer more competitive pay. Additionally, not having an approved budget
and working under congressional continuing resolutions has hampered hiring efforts for engineers and
economists. Competing priorities may also delay internal decisions regarding hiring. For example, OSP
has not received the budgetary allocation for hiring new economists in time for the annual American
Economic Association meeting for at least the past 4 years. This meeting is the primary recruiting venue
for recently-graduated economists. When the FCC is not able to hire economists at the annual meeting,
the agency potentially loses out on skilled employees who have been offered employment elsewhere.
FCC officials told us that OSP has received permission to attend the 2010 American Economic
Association meeting and hire at least one economist.
Zero Days
Disclosure of zero-days undermines non-proliferation efforts and there’s no spillover
Sanger 14 – chief Washington correspondent of The New York Times (David E., New York Times,
“Obama Lets N.S.A. Exploit Some Internet Flaws, Officials Say”, 4/12/14,
The N.S.A. made use of four “zero day” vulnerabilities in its attack on Iran’s nuclear enrichment sites .
That operation, code-named “Olympic Games,” managed to damage roughly 1,000 Iranian centrifuges,
and by some accounts helped drive the country to the negotiating table.
Not surprisingly, officials at the N.S.A. and at its military partner, the United States Cyber Command,
warned that giving up the capability to exploit undisclosed vulnerabilities would amount to “ unilateral
disarmament ” — a phrase taken from the battles over whether and how far to cut America’s nuclear
“We don’t eliminate nuclear weapons until the Russians do,” one senior intelligence official said
recently. “You are not going to see the Chinese give up on ‘zero days’ just because we do.” Even a senior
White House official who was sympathetic to broad reforms after the N.S.A. disclosures said last month,
“I can’t imagine the president — any president — entirely giving up a technology that might enable him
some day to take a covert action that could avoid a shooting war.”