Connor Taylor

Adam Padgett

ENGL 102

31 January 2016

As a user of the Internet, viewer of internet ads, and US Citizen, it is hard not to be

interested in privacy rights. Both the United States Government and private companies gather

information on Internet users for various uses, usually policing and advertising, respectively. It

can be unnerving to think that somewhere there is a collection of information about you that is

used to determine if you would like a certain film or be a potential threat to national security.

Often times, the two decisions are made using the same information, requested by the NSA from

major Internet companies. These situations raise questions of whether these programs are legal,

effective, or harmful to the people affected by them.

In the first article, XKeyscore -- NSAs Google for the Words Private Communications

by Morgan Marquis-Boire, Glenn Greenwald, and Micah Lee, goes over the XKeyscore

program, one of the NSAs main avenues of obtaining information. It describes the tactics and

methods of obtaining data, and often provides the defenses of the organizations that use the

tactic. The document primarily uses leaked information as sources, so the credibility of these

sources could be questionable, especially considering that the NSA denies using certain practices

presented in them.

The second document is a 2006 recommendation from the Data Privacy and Integrity

Advisory Committee to the Secretary and the Chief Privacy Officer of the Department of

Homeland Security, advising the DHS to use information gathered through commercial data

collection in a way that would have the least strain on individual rights to privacy. It both
recommends ways to use the data effectively and appropriately. Included in the document are

several links that could potentially provide important information, however, it appears that many

of the links were either broken or the documents were removed from the DHS website. However,

using the Wayback Machine, a log of websites and government documents, I was able to access

some of these documents. I would have to check the trustworthiness of documents received

through this service.

The third source, Internet Tracking Has Moved Beyond Cookies by Jody Avirgan,

describes how the process of fingerprinting, or using information about a site visitors

computer to uniquely identify them, is used for advertising. This is different from using cookies

(a set of user-clearable trackers that are used to identify what websites a user has visited) in that

they can circumvent the users disabling of cookies or other efforts to avoid corporate tracking. It

goes into some detail about the methods used, and this could be helpful in finding a place to start

research.

Is it legal for the government to have access to data on the online browsing habits of its

citizens collected by private companies? As often pointed out in the first article, there are many

ways in which privacy law could be violated when government organizations collect mass

amounts of data, due to the sheer scale of the data received. It points out that there are few to no

restrictions in the use of the software that searches and collects data to ensure compliance with

these rules. However, this raises the question of whether the NSA even has an obligation to

follow these rules. An argument could be made that people are better off because of these

programs and therefore the possible violation of law is justified.

Is mass data collection by governments effective in preventing terrorist attacks? One of

the most common defenses of these programs is that they are necessary to combat terrorism. This
defense brings up the question of how effective they are in what they are apparently designed to

do. Are these programs effective at confronting terrorist threats before they act? Are they useful

in apprehending terrorists after an attack has occurred?

Should private companies be able to collect data on users without clearly informing

them? Should targeted advertising be an opt-in system instead of the opt-out method used today?

Both of these questions target whether the collection of data by private companies is ethical to

begin with. On one hand, the sites using these data collection services belong to private

companies, (despite often being treated like public spaces by their users) so they have no real

legal obligation to act in the interests of the user. After all, the user has the option to not use the

website (technically). On the other hand,

https://theintercept.com/2015/07/01/nsas-google-worlds-private-communications/

https://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_12-2006_rpt_commdata.pdf

https://fivethirtyeight.com/features/internet-tracking-has-moved-beyond-cookies/