Raj will be speaking at the National Cyber Security Centre, Netherlands (NCSC.NL) – Social Media & Cloud Computing are creating Threats to Privacy, Security and Liberty – A Global Perspective.
Social Media has had a resounding impact on how our children, employees and colleagues communicate. As parents, business owners, and/or concerned individuals what is our responsibility and how can we contribute to a safer digital environment.
The CyberHood Watch welcomes back Raj Goel to help us all to become better informed and to make intelligent decisions.
Episode Transcript:
Raj: Hey, Dave, I am. First off, happy New Year.
Dave: Thank you. And happy New Year to you.
Raj: Thank you.
Dave: And congratulations over in the Netherlands, correct?
Raj: Yeah, just not the speaker but the keynote speaker for the Dutch government.
Dave: I think that’s quite an accomplishment, so maybe you can tell me a little bit about how that came about. Of course, I know you’re very important. Maybe some of the listeners don’t realize just how involved you are with information security, the technologies out there, and really being a strong advocate for the people and for businesses and for kids, families, and parents. You’re really trying to cover the gambit of trying to keep everyone safe with the new technology, the digital age. And believe me, from what I know, we all need people like yourself out there who make their careers out of this and are really strong advocated for keeping us safe. Welcome to the show, Raj.
Raj: Thank you.
Dave: Tell us a little bit about how this came about and you got selected to be the keynote speaker.
Raj. Sure. So last year in 2012, I did 28 presentations across the country whether they were one-hour radio interviews with you, one-hour webinars, or full day conferences for organizations all over American and actually Canada on cyber security and privacy rights issues. And one of the conferences I spoke at in, New York School of Security’s Annual Security Conference. The year before, I did a panel for them, and they liked what I had to say so they asked if I could do a presentation for them in 2012. I said, “Of course. I’d love to. It’s in New York City. It’s convenient. It’s my old alma mater. Why not?” And so I did that and the presenter before me is the current administrator for security in justice for the Netherlands, and the conference was about technology, social media, how they’re changing our lives. He did a great presentation on how social media is changing and dramatically impacting how the Dutch government deals with its citizens. He had told a great story of how in one of the busiest airports in the world… It was a plane coming in for landing and the pilots weren’t responding at all. And the protocol is, if the flight doesn’t respond, you [something not 04:32]. That’s what the military does. Pretty quickly, there was this massive amount of tweets from people on the airplane. Like the US, Europe has been more intelligent about cell phones don’t crash airplanes. There was a lot of people going: what’s going on? And they kind of guessed that maybe there wasn’t a hostage situation. It was not a terrorist situation. It was just a faulty equipment problem. The airplane landed on the far side of the secure zone with guys in full gear and machine guns the plane. They discovered the airplane was fine, there was no hijacking, but the radio had malfunctioned. And what he says was this really demonstrates how governments can no longer use media and TV, radio and newspapers just to talk out to the citizens. They also have the ability to listen to the citizens and the citizenry using Facebook, social media, blogs, tweets, and so on. And in this presentation, he had a great slide, a great video on YouTube, called Medieval Technical Support about a monk providing tech support to a fellow monk on the first use of a book. It was a great, funny video. I asked him for coffee. So I presented before me. I presented after him. And then some guys from the FBI and others did a panel after us, so I complimented him on his stuff. He liked what I had to say about social media and how it’s compromising rights globally. And he asked me to speak at a conference for him in January. I said, “What’s the date?” He said, “22nd.” I said, “I am absolutely available. I thought he was in New York City because his assistant gave me his card from the Dutch Embassy. I got the invitation. We’re going for a week. Let’s go. I got a full schedule from them, and my jaw hit the floor. Not only am I one of the speakers, but also they gave me the keynote slot.
Dave: Wow. Congratulations. Well deserved.
Raj: I was at the right place at the right time.
Dave: Yeah, that’s true. Maybe it’s the right place and right time, but it’s kind of like that, “an overnight success.” Only how many years in the business and 15 as an IT guy? Yeah, you are an overnight success.
Raj: 25 years in IT and 15 or 16 now in security. Yep.
Dave: Overnight success.
Raj: Exactly.
Dave: You know, as you were telling me the airplane story and the radio malfunction, was there any communication that that was due to all the tweeting going on?
Raj: No.
Dave: You covered this great misnomer of not being able to use your cell phone on the plane.
Raj: Well, that’s only true in the United States thanks to the federal rules. And the rest of the world, cell phones, tweeting, and texting are perfectly allowed in airplanes. The US banned them early on because in the towers were built in the 80s, they didn’t list low-flying airplanes using their cell service. Today the cell phone towers are a lot more intelligent. A number of studies have found there was no real correlation between people using cell phones and iPads on the airplane and the aircraft flight performance. Hell, some of the airplanes have replaced all of the paper forms with iPads. So you can tell me it works in the cockpit but the rest of the airplane is magically not resistant to radio interference.
Dave: Yeah, it was kind of mind that feeling all along but you never know. It’s good to hear what you have to say. So is the national cyber security Center in the Netherlands where you’re going to be the keynote speaker… Are they one of the prominent are leaders in the industry as far as hosting these conferences and being on the forefront of putting this technology together in this information and really doing a great job of trying to secure the digital age basically?
Raj: Well, not sure how great they are on putting on conferences. I haven’t been there before. Not sure how great the Dutch are at protecting security, but I do know that they are one of the leading nations that highly wired and has really taken on new technologies historically with a passion. In Asia, Korea is the most highly wired nation in the world. Japan as number two. They take their whole social media and attractions very seriously. In Europe, the Dutch are probably the strongest technologies. In the US, we still do everything the paper. Taxes, estate taxes. Go to the DMV office. Been having a lot of manual and paper stuff in the US. Whereas in the Netherlands, they have really gone electronic with a passion. You want a driver’s license? You got the portal. You want to put a change of address? You got to the portal. You want to check if your taxes were charged correctly? You got the portal. And the portal is built by the Dutch government, maintained by the Dutch government. And when this big [something at 10:56] came out, they put up a message saying, “The site is currently offline for maintenance,” because the flaw was so big. They literally shut the entire country’s citizen portal down for a day or 2 days. That shows you, for 2 days, citizens could not conduct business with the government until the portal came back online. So they do take technology very seriously. They are doing some really good work on security. I’m not sure I would call them a world leader. And the actual technical research and development areas because there aren’t many technology companies out of the Netherlands. But in the social front, on legal front, they are doing some pretty novel things. The Dutch government has historically ben involved very aggressively in certificates, security. Historically, and we’re going back 400, 500, 600 years, the Dutch have always been a mercantile nation. They have adopted new technologies, new markets before most of their European peers. For the country the size of New Jersey, at one point they were the biggest empire on the planet.
Dave: Repeat what you just said. They were the biggest what?
Raj: About 500 years ago, they were one of the biggest empires in the world.
Dave: Oh, okay.
Raj: And to this day, every day you buy flowers for your wide, girlfriend, whoever… the flower pricing in the world is set every day in the Netherlands.
Dave: I’ve heard that, but you mentioned something that was interesting and what you’re referring to basically then is social disruption.
Raj: Yeah.
Dave: I know that’s a big part of this conference, and they talk about the rapid deployment in the mobile data transmission and cloud computing are giving away to new vulnerabilities and opportunities for misuse. So what are your thoughts on what those misuses be? And what maybe you hope or the conference hopes to get out of this to maybe find out some tips on how to prevent this?
Raj: Sure. So when you talk about misuse, you’ve got to first ask, “Misuse from whom and why whom?” Are we talking a criminal element? Are we talking from political activists? Are we talking from government and law enforcement? Corporations? There are 5 separate actors misusing technology on a daily basis. So you can talk about misuse by activists, by citizens. I focus primarily on misuse of technology by law enforcement, governments, and by corporations. So in every technology whether it’s a car, gun, radio, or TV, or the Internet…has multiple consumers and multiple users and abusers. Whether it is in a flaw in a core piece of software like the Ruby on Rails flaw or a flaw in the architecture of the Internet, the way our social securities are broken. Every single day around the world, new things are happening with social media that make you sit back and go, “Whoa.” Just a week before last week, some kid in Aurora, Colorado put up on Facebook, “Oh, I got drunk last night. Sorry to whoever’s car I flipped.” And he puts on Facebook that he had done a hit and run. He hit a vehicle when he was drunk and didn’t stop at the scene of the crime. Within 20 minutes of him posting on Facebook, 2 of his Facebook friends called local cops, and the kid has been arrested. On the one hand, great. He committed a crime. He should be punished. I’m all for it. On the other hand, I’m not entirely sure the teenager was aware or had ever been taught or was cognizant that by posting on Facebook that he committed the crime, whether it was a minor crime or major crime, he had just waived his first, fourth, and fifth amendment rights, especially his fifth amendment right to self-criminalization. And separately, just this weekend, a second Kuwaiti blogger was arrested and thrown in jail by the kingdom of Kuwait by insulting someone over a tweet. In every single day around the world, people are being arrested and thrown in jail or worse for innocuous or not innocuous Facebook and social media postings. And my concern from that… And I’m not saying the Kuwaiti government is wrong. Every government has the right to enforce their local laws whether you agree with them or not. My concern is as we move towards a global culture, and were all traveling more, were all becoming global families. It’s not uncommon to find people from six different countries in a month anymore. It used to be miraculous in the 80s. Today: I’m in London, I’m in France. That’s just a weekend trip. The real danger of that is, we are traveling more and we are not aware of the local laws on the grounds and those can change at the flip of a dime. More and more people are being incarcerated or prosecuted for crimes and foreign jurisdictions that are legal back home.
Dave: You know, that’s a great point to think about with the thought that the amount of travel that we can do and the different countries that we can be in and not knowing what they are laws are… That’s an important factor to understand. It’s almost like a saying that I have heard before: a closed mouth gathers no feat. So what you say are the social media networks can and will always be there. And like you are pointing out, it’s a very important factor that can lead to your own demise. It brings up a point that I thought about earlier. We’ve had conversations in the past where businesses and what your employees can put online. I got to thinking about that as you were talking. Sometimes we worry about the employees or what is said and you once referenced for me to comment where someone posted a comment that said somebody was coming by to meet with that corporation or that company, which led to a problem occurring. But it’s almost like your kids can be a bigger problem because they may be doing all these different types of postings on social networks that reveal maybe reveal relationships with their families that can be used in a negative or misuse.
Raj: What I have seen in the articles I’ve read is kids tend to self incriminate. Most of the time, they are not the ones exposing family relationships. Let’s face it, online or off-line, between 12 and 21… Kids don’t want to talk about family anyway. They are all embarrassed by us. What I find people who are generally destroying their families privacy most or giving up their families civil rights tend to be parents and grandparents. When people share photos, we think we are doing a private vacation or private interactions somebody else. When in reality, this never goes away. We have gone from 150 years from not having photos of anyone at all to this culture of photo albums and photos to being able to send someone a link with a couple of thousand photos. We still think at a human level that if I give you photos, you’re the only one with that physical object. Whereas in the digital world, I give you a link or I give you a copy or email you the photo… You and 1 billion other people now have a copy of that digital item. So mentally we think we are giving a secure resource to the selected individual wherein practice we are putting it on a billboard for the world to see. More often than not, compromising family and corporate issues.
Dave: So point out maybe a little more detail of how that’s going to be maybe misused like the scenario you said where a parent posts pictures of a newborn to the grandparents.
Raj: Okay. So let’s look at a very common scenario: when people get engaged, you tell your friends on Facebook and whatever else. There are a lot of couples now that are now putting out pictures of the babies over email, Instagram, flickr, all that stuff. I’ve seen some really great postings on Facebook of people doing really creative baby announcements. One couple did an announcement that looked like a movie poster. Somebody else did movie tickets with the baby’s due date. Another did concert tickets so people are getting really creative. And it’s great from creative, artistic perspective to see how much time people are putting in to sharing this awesome announcement. On the other hand, wants you make the baby public: the due date, your name, your spouse’s name your parents’ names, you disclosed the approximate date of birth.
Dave: So it’s more of the details and not specifically the picture.
Raj: Well, the picture itself has a lot of details in it period if you put up a picture of a baby, which I can’t tell the gender right away, But looking at the photo, I can grab the geolocation data and I can tell you the exact date and time the photo was taken. So if you just took a picture of your baby that says, “baby day one”. Then I can see the exact place of birth, address, ZIP Code of the location to baby was born. The baby’s date of birth is now disclosed. I go to the baby’s website and I now have the baby’s gender. I have the parent’s names. I have the mother’s maiden name. I have all the information I need to create a perfect profile, take out loans, or create identities from the data you’ve given freely to the world.
Dave: I don’t think people… You touched on something. Geo-targeting and geolocation. That’s pretty powerful information, and like you said, it’s just a picture but when you know exactly where they’ve taken it… Actually what comes to mind is that I posted a while back. Even on Facebook I posted where one of the fast food chains…somebody had taken a picture of them with French fries.
Raj: It was Burger King. And an employee taking a picture of an employee standing with their shoes on a box of lettuce, chopped lettuce. And the photo got posted on Facebook, and the photo went viral. Within 24 hours, a couple of activists on the Internet had taken the photo, ripped it apart, they located the exact Burger King this photo was taken at. They actually called the manager, they called national media, and the employee was actually fired. In this case, this is digital data for good. We don’t somebody standing in a bowl full of lettuce and serving food to consumers. In another case, a young woman put up on Facebook that she hoped Obama was dead and that somebody shot him. She wouldn’t cry. Within a day, the Secret Service had her nailed. They contacted her, contacted her boss, she was fired from her job. She of course claimed she had done nothing wrong, not understand that in most countries threatening government is just stupid and potential jail terms can happen. And in this country, threats to the president are taken very seriously. You know, you can call him an idiot. You just can’t threaten to kill him.
Dave: Yeah, you’re right. You can call him an idiot, but they’re in jail now.
Raj: She’s not in jail, but she was fired from her job because her employer…I think it was Coldstone Creamery didn’t want all the negative media attention that they were getting. In other cases, some kids posted a video online of them ganging up on a kid and giving horrific injuries to this child. Again, within a matter of hours, the video goes viral and people had actually done all the detective work for the cops. They located the date, time, location, and it made the cops’ jobs a lot easier. In another case, last year there was a video that was posted online. A family, a mother and I think it was a son had been accused for years of tormenting a disabled child in their neighborhood. And the mother of the child took a video, put it up online because she now had proof that you could see this perfectly healthy adult just horrifically humiliating this 10-year-old or 8-year-old kid coming off of a school bus. The media attention it generated…the father was arrested and charged with a number of crimes.
Dave: So in essence, the technology that is out there today and advancing at such a rapid pace…we all know that there’s misuse and the good side of it. Unfortunately, in your business and in mine, we primarily focus on the negative side of what does happen. We pointed out good one thing, the standing in the lettuce. That was a benefit for, you know, the people that come in and go to the stores. Do you have any good stories where this technology has really been a benefit that can maybe be duplicated to help parents or kids or businesses?
Raj: Sure. Absolutely. In a lot of these cases where people are committing crimes and are potentially dumb enough to post them online, it makes law enforcements’ jobs and us a lot easier. If you see somebody getting picked on. If you can stop an act of crime, go ahead. But if you can’t, take the photo and share it with law enforcement. And if you need the attention, go public with it. Kids who are shoplifting, kids stealing cars, kids or adults raping other people bullying. In those cases, using technology and social media to turn a spotlight and righting the wrong is great. I’m not saying technology itself is wrong. What I focus in primarily is the misuse of technology by governments and law enforcement. What we do as citizens, as individuals is one thing. Whether you use or misuse it, you can’t outlaw stupidity and people will do what people do no matter what. What I am concerned about and I’ve said this on your show before and elsewhere am that in this digital age, just like with the photos… 200 years ago, photographs really didn’t exist. About 100 years ago, they became very popular but very rare. It was not uncommon for somebody to have a photo or 2 or 3 of them and their entire lives as late as 70 years ago. Today, everyone one of us at least in this country, will appear in several thousand to a million photographs by the time they put us under in our lifetimes. So we’ve seen this rapid adoption of photographs through technology. What has not caught up with that is that what used to be a very rare physical object which had not other metadata but which what you saw is now this massively data rich, meaty information file. What you see is actually a very small part of the overall data package. And just as in the consumer space, civilian space, our brains haven’t caught up with how powerful and how heavily loaded this photo really is with meanings and meta meanings. In the law enforcement space, our laws have not caught up with technology. On any level: the spy agencies, the security agencies, the domestication agencies, the local cops…they’re very happy to keep the old laws on the books, not let them get updated, or they’re not certainly advocated for change that would make their lives more difficult. But in the process, they are destroying our civil rights at a global level.
Dave: Go into that a little more. Something you said earlier where the misuse of this technology by governments and law enforcement…I don’t think most people on the every day level are thinking of this technology being misused by law enforcement.
Raj: Most people aren’t especially in the United States because we have a ‘relatively clean government’. We as a country have not culturally grown up in the monarchy or in a repressive state. The closest we came to it was the McCarthy era. And so we tend to refer to authority, trust our government; trust the cops, the FBI to a large extent. Whereas in Europe, until 30 years ago, half of Europe was a surveillance state, the former Soviet Union. These Germans until 25 years ago were a totally separate country and the most heavily surveillance states in the world. One in ten East Germans actively spied on their neighbors, family members, kids spied on their parents for law enforcement. Neighbors spied on neighbors. Employees spied on employers. Employers spied on employees. Everybody reported everybody else to the government, so when we say ‘law enforcement’, we should probably talk about government. The real challenge is because the massive rise in technology and the rapid drop in cost. Every government around the world, no matter what they are on paper, has become a surveillance state. Just right after New Years, Congress cant do anything about our debt or fiscal problems but they had no problems giving the NSA and the FBI, especially the NSA, a blank check on all Internet surveillance for the next 5 years. The law got renewed with 0 debate. So right now, US government has he global right to spy on all communications by American citizens and American corporations globally. Email, Facebook, tweets, you name it. They’re archiving it all as much as they can. And right now, we have a fairly decent government. We have a fairly open society. That may not always be the case. And if we don’t safeguard our first amendment rights of free speech from the government and our Fifth Amendment rights to self incriminate, 10, 15, 20 years down the road, our kids will not have first and Fifth Amendment rights at all. Everything is going online and a number of cases globally, rights people have in the real world about being able to say what they want, especially in this country, are not applying to cyber space. Things you can say in the real world: “I hate my boss. I hate my job. My company is full of morons.” In the real world, you can’t say that. Cops will haul you to jail, at least in the United States, for saying that. On the Internet, if you say that, you can be fired. Lots of people have been fired for making those kinds of statements, which are innocuous in the real world but not innocuous in an online forum. The embassy is building one of the largest data centers in the world for surveillance. It’s not just what the government is doing. Four years ago, Twitter signed an agreement with the Library of Congress to archive every single public tweet at the Library of Congress. On one hand, this is a really interesting use of technology. I’m not sure if it’s great or un-great, but it’s a really interesting use of being able to capture and archive 4 years of public communications. They’re actually having a real problem at the Library of Congress and on Twitter on how they store and analyze all this data. If Twitter is doing this and the archive is not going forward, so they’re never stopping until the Library of Congress is stopped. So if every public communication is recorded for innocuous means or public service or jut for the Hell of it, what are the downsides? What are the controls of this data? Today, everyone’s conversations are being recorded. It’ll be on the Internet for who knows how long. It’s a fairly innocent, fairly safe conversation. Ten years from now, I have no idea how much what I have said will be illegal, unethical, or life threatening. And neither do you.
Dave: I know. That is amazing and that blank check that you referred to for the NSA and that facility that’s one of the largest information facility actually being built right here in our backyard. It’s like a million square feet and over a billion dollars into it so far.
Raj: It’s a couple of billion, and it’s a lot bigger than that. Private companies are doing things for their own benefit that in the long run will come back and bite us very hard. One example is that really, realistically cops can’t go around, see every license plate, and run a license plate check on them because they don’t have the manpower or the legal right to do that. But they’ve stretched that quite a bit that every cop car on the highway has cameras on both sides that can automatically run every license plate and is checked against law enforcement databases. But separately, a couple of repo men…a couple of them have built massive, large databases where they pay people. They pay their investigators to drive around. All these cars do is photograph every single license plate, but them in databases, and do a database track. If there’s somebody in your neighborhoods and you could live in a rich community, a middle community, or poor community. If there’s somebody in your neighborhood that owes money on a car and it needs to be repossessed, these repo guys will come through and cruise your neighborhood and photograph every single car, put the data information in the database, and it’s supposedly built to help repo cars faster. But a couple of them are now turning around and selling this data to private companies and to government for a pretty penny. So where the government can’t legally go around, photographing every single car, they can buy it. And they are. So I’m not saying the repo company had no right to collect this data. They have the right. We allow it. But there’s no control of what they can do with this data or what control we have as citizens.
Dave: Yeah, I think we talked a little bit about that once before where the government can’t do searching, and I think we were referring to social security numbers.
Raj: I was talking about data profiles. There’s a lot of information government can ask of you legally.
Dave: Right.
Raj: By law, the government cannot ask you, “Who do you sleep with? What do you smoke? What do you drink? What are your political views?” The census for asks for a lot of information, but it doesn’t ask you as much information as Facebook or Match.com do. Legally, the government cannot ask, “Are you a republic or a democrat?” They can ask you who you voted for. They can’t ask you what brand of vodka or bourbon you drink. But any information held in a commercial database…government can buy. And so right after 9/11, for example, on September 12, 2001, [someone] had one of the largest [data breaks] in the country. He told his guys, “Go through the database. Go through all the data we have and find me profiles of potential terrorists.” We did not know on September 12 who the guys were that flew the aircrafts into the buildings. “Let’s look at our database. Find for me who might be a suspected terrorist in our database.” And he called the FBI and said, “This is who I am. You know who I am. I had my guys run through this and we think we have these people who might have been some of the hijackers.” He literally said that some of the hijackers are on the list. He gave the FBI 30 names with their full profiles. Turns out, they think 4 or 5 of the hijackers were on his list.
Dave: Wow.
Raj: Within a week, his company got a very nice contract, a couple hundred million dollars for this decade to provide these profiles to the FBI. Legally, the FBI could not get this data from us. They can’t ask for this data unless we are actually being investigated, but they can buy it wholesale on every person in their database because it’s available for commercial purchase.
Dave: So is that kind of the struggle with the social media networks life Facebook, LinkedIn? That a lot of this information has been given freely? And it’s a large database, and it’s kind of the moral issue of will they sell this information? Or how this information is going to be gathered and used.
Raj: Well, there’s a moral dimension to it. If they have it, they’re collecting, and they’re going to sell it to somebody at some point. When OnStar came out, GM sold it because it was a great, life-saving tool. You’re in an emergency, press the button, they’ll call the emergency responders for you. If your keys are locked, they can unlock your car. If you lock your kid in your car, they can unlock it for you. And when OnStar came out 10, 12 years ago, no one really thought about the privacy fact of OnStar. Then last year, OnStar admitted publically when the updated their terms of service that by being an OnStar subscriber in the past or now and actively subscribing, you’ve given them the right and the permission to sell your data to third parties. Now who wants to buy your OnStar data? I don’t want to buy it. But you know what? Your insurance company does. The attorney for the opposing side, whether it’s your divorce case or business litigation is going to want to buy that data. So my position, if you will, is I’m not saying no to technology. I am a gadget freak. I love new tech. That’s why I’m in technology. By I am saying as a responsible, adult citizen in our countries, we need to locally and globally demand that civil rights protections be built into the architecture. Everything from ‘give me the ability to verify all the information Facebook has on me’ to ‘give me the ability to permanently delete my LinkedIn profile if I choose to’. We do not have the right to revoke our data from third parties actors. We don’t even have the right to correct this information. You can beg, you can plead. There are number of cases where somebody died and the remaining relative can’t get access to profiles to make updates or contact people or shut it down. And separately in the digital world…in the real world, you buy a record, you buy a CD, you buy a DVD. You can give it, you can burn it in, you can leave it in your estate, you can leave it in your will to give it to people. But today, if you go to iTunes, you go to Amazon, and you buy a digital download, you don’t have a right to give that to people when you pass away. You die, it dies with you. Why is it that I can go buy a CD or DVD, keep it on my shelf, and give it to my kids for now and forever? Or they can give it or throw it away. But if I take the same money and buy a digital product, I don’t have the right to loan you my favorite novel or my favorite eBook on my Kindle or on my iPad. I don’t have the right to give that to my survivors or my friends because I don’t actually own that product. I have a license to view it for a short period of time.
Dave: That’s an interesting concept, isn’t it? I don’t know how you’re going to get around that. Do you have any thoughts?
Raj: On the digital download or product side?
Dave: Yeah.
Raj: You know, one thing could be just clarification of the terms. When I buy a book, I’m buying a book. When I’m buying an eBook, I’m renting an eBook. I’m not saying that digital downloads are wrong. Hey, I bought music from the Amazon mp3 store, I’ve bought eBooks. Well, I’ve rented eBooks. I think thing could be actually clarifying our language. Don’t let the merchants misuse language. When you buy a physical object, you’re buying rights associated with that physical possession. When you are renting a digital object, you’re renting it temporarily. And the ‘temporarily’ can be defined by how much you use or how long the technology survives. Microsoft spend billions of dollars making the Microsoft Zune store and Microsoft Ready To Play crap in the late 90’s, early 2000’s. That product is gone. That technology and all the stuff you bought in it… you can no longer use it. Sony has spent the last 20 years building empires and when they fail, you lose rights to your digital media. So on the digital download side, I say we clarify the terms. On the social media and civil rights side, in my wildest dreams, I think of myself as a Ralph Nader for the Internet. We need a new conversation on civil rights for minors and adults in cyber space. In the real world, if a kid commits a crime except for a couple of heinous things, the records are sealed. The records are sealed for life unless the kid becomes an adult and does something else. That forces the cops on the opposing side to have those records be unsealed later in life. In the civil and legal world, we have a legal amnesia for minors. That is not true on the Internet. That’s not true electronically. We need to have the digital amnesia rights.
Dave: That’s a good point, but that would be very helpful in the future for kids that are being kids, you know?
Raj: Kids are being kids. They’re going to say dumb things. They’re going to say stupid things. They’re going to say things that they don’t have the wisdom and maturity not to say. And quite frankly, they are kids because that’s their job: to say stupid stuff, to experiment, to move our society forward by experimenting at the edges. We as adults need to give our kids the right to be kids again and not be tangled in with adults living in virtual, digital prisons.
Dave: Exactly. You know, you mentioned some of the things that are taking place. The rights. Is that sort of where SOPA, PIPA have come in? Where I guess corporations are trying to–
Raj: SOPA and PIPA are a part of Disney’s, Sony’s, Hollywood’s 40-year war against technology. Or 50-year war against technology. SOPA and PIPA are laws written and paid for by the movie and the record industry of America and their global counterparts in their jurisdictions to take away our civil rights and our existing rights not to improve society, not to improve security, not to give us any other benefits, but to protect the bottom lines of the top corporations in the world. As a consumer, my kids are hooked on a Disney. And as a comic book fan, what Disney has done with the Marvel movies is phenomenal. I loved The Avengers. I loved Iron-Man. As an adult and a civil rights activist, Disney is the poster child for the company that has in every single instance actively destroyed society for private benefit. They’ve been doing it for 50+ years.
Dave: And it’s caused a lot of problems. I know those laws are trying to be implemented or just the suggestion that there’s been some suggestion that there’s been some copyright infringement has been detrimental to some people who are running blogs for a living.
Raj: Right, and before we talk about SOPA and PIPA and copyright infringement problems, we should actually take a step back and look at until the late 70’s. The copyright act is pretty rational. But when the Mickey Mouse copyrights were about to expire, Disney pretty much bought Sonny Bono and the current copyright in the United States that gives the product or symbol protection 75 years after the death of the creator. It’s ridiculous. Giving somebody it for 18 years makes sense. Giving them someone a copyright for 18 to 20 years makes sense. But to give Disney a perpetual right on Mickey Mouse or on Snow White. Snow White is not a Disney character. You can argue they could have the rights to Mickey Mouse forever because Walt Disney invented him, but Disney did not invent Snow White. Disney did not invent Pocahontas. Disney did not invent most of their characters and yet because of various things they’ve done with copyrights, Disney now pretty much owns Snow White forever. And Snow White was really popularized by the Grimm Brothers 200+ years ago. Disney has a great practice of taking public domain characters, reinventing them, Disney-fying them, and them owning them.
Dave: I wish we had the finances to be able to do that, but we don’t. So I guess that’s where the large corporations with the deep pockets, they kind of flex their muscles that way.
Raj: Well, it’s not them flexing their muscles. It’s that they’re taking advantage of our ignorance and our busy lives to do these things in the dark in smoke-filled rooms. And we as citizens, we have more power and more money than all the corporations combined.
Dave: I agree.
Raj: There’s no corporation as strong as the consumer. No government is as strong as the American consumer. And what we need to do as other countries have done is we as adults need to get together and actually demand our rights. More important, we need to go back to the Constitution, read it again, read the Declaration of Independence, and be the check and balance on government and on corporations. That’s out job. Our job isn’t getting up, going to work, getting a paycheck, and paying the mortgage. Our job is raise our kids, take care of our communities and at the end of the day, leave this place better than we found it. The [something at 53:25] in America, for 20 years fought every single safety innovation. Seatbelts? They fought them. Anti-lock breaks? They fought them. Airbags? They fought them. Crash zones? They fought them. They were willing to let people die horrifically in exploding cars and faulty tires until Ralph Nader and a bunch of others got together and said, “Enough is enough.” Ralph Nader wasn’t rich. He still isn’t rich. He’s famous but he’s not rich. But he saved billions of lives globally by putting a stand for ‘we want better cars’. We should not have exploding deathtraps on our highways and parked in our garages. The same thing applies here. We need to say, “We need civil rights.” Enforce rights we have, give us new protections on new technologies. This is not a new conversation in this country. You and I are alive today because the last century, writers and social activists got together and demanded the FDA, the government actually, police food. The FDA is only a 100-something-year-old agency. It came about because of food poisonings, alcohol poisonings, and bad medicine being sold to the American consumer until the 1910’s. So we got the FDA within the last century. We need something equivalent for digital rights, civil rights, and cyber rights for the 21st century. And no one’s going to give it to us. You, me, people listening…we have to demand these rights, demand these controls. Otherwise, we have failed as parents.
Dave: Yeah, I agree with you. You said something. It’s kind of the unification of the people that are going to make a difference, and it’s kind of what you’re addressing here at the national cyber security center in the Netherlands, is the fact that they’re trying to unite all of the people in that particular ICT. And that’s like the umbrella of all technologies put together. And this is kind of what you’re referring to and the fact that pulling all the people in IT and in this industry to work together to come up with something that’s going to keep us all safe in some form of matter. So why don’t you talk a little bit about what you’re going to be speaking about. I know we’ve been doing a lot of that, but maybe particularly what you’ll be covering. And then wrap it up with maybe some of the others you’re interested in hearing about.
Raj: So if you go to our website, brainlink.com, under ‘free stuff’, there’s a webinar, which I recorded a year ago on what [something at 56:34] on social media. And what I’m speaking next week about is an updated version of that. The webinar still stands alone. It still has all the data still relevant and valid in it, but the world has changed in the last 12 months. And so at The Hague, I’m going to use more global examples of how social media and technology have been used to the detriment of individuals and societies, generally by government or by large organizations. I work in information security. I don’t really care about security aspects as much from a government or social perspective. We need to build security into the system, but I’m focused very much on protecting or demanding civil and privacy rights that either we have or we’re ignoring or the ones we don’t have yet because no one has thought about them before. Or people have thought about them but it’s something we’ll get around to it later. I’m going discuss more of in the last 12 months here’s what has happened around the world. How government and large corporations have used things we said and things we did online to our detriment. And, by the way, here’s what’s happening when private actors for their own private benefit do the right things and how it’s being misused. The repo men. The building of the OnStar database. The building of the Facebook database. When Facebook got founded and they were funded early on, they didn’t know they were going to be the world’s largest social media network but they built their architecture to collect all this data. Right now, they did a really good job of collecting it. They did a really poor job of analyzing it, which is why most Facebook ads are horrible and awful. But at some point, their ability and our ability as a society to process bites of data in near-real time is going to occur. Real-time traffic, real-time ad targeting, real-time tracking. Right now, parents are volunteering to put GPS chips on their kids. A kid in Texas got thrown out of school for refusing to wear a tag in school. Parents are giving their kids cell phones. “Hey, give this kid this cell phone. Here’s our fees. You can track your kids in real-time because we record GPS data.” If you’re a pet owner, you can actually have a collar put on your pet or have a tracker implanted inside your animal so you can track the location 24/7. There are large businesses around. There’s money being made selling parents surveillance technology. Employers are being sold surveillance technology. On one hand, this’ll protect yourself from doing stupid stuff on the Internet. On the other hand, all the data that gets collected: the cell phone, the text, the video records, the phone records, the emails…we collect all this data but we never, ever delete it unless the machine crashes or the hard drive dies. And on the one hand, as a security expert, I advise my clients to keep as much data as you can, log everything that you can, and analyze it. When you don’t any longer need it and if the laws allow, delete what you don’t need. A lot of companies are doing it on a individual level, but socially, we are not deleting data we no longer need because somebody always says, “Oh we might need it someday.” And it’s not someday. It’s forever. What’s been happening in the last 12 months in the world and why you should care at how slowly and incrementally these little, individual events are really leading towards a wave of drowning individual freedoms around the world. In the US, in Canada, in the EU. The EU is really progressive. They’ve got a bunch of laws on the books that are very, very un-American. They are very civil rights oriented, human oriented, and they’re having a really difficult time implementing them because they’re fighting with Facebook and Google and they’re losing more than they’re winning. We need to protect our society from the New Dutch India companies.
Dave: Yeah, what struck me was one of the things you said where the child was kicked out of school for not having the RFID tag on them. I guess that’s really what it’s coming to, isn’t it? I don’t know. You talk about the mark of the beast, huh?
Raj: I talk about the mark of the beast. I talk about how it’s a discussion I don’t get involved in. What I care about in that is: we treat our children in schools, at least in America, worse than prisoners in a prison or worse. Our kids in schools have less civil rights than prisoners do.
Dave: That’s interesting.
Raj: Kids in schools don’t have freedom of speech. In a lot of schools, they don’t have freedom of dress. Schools tell them what to wear, what schools of acceptable, and this happens primarily in the lower economic communities. Kids in schools, putting RFID tags on them. We’re training our kids to grow up as prisoners. They have no freedom of movement, congregation, speech. So what are we training them for? When they graduate school, go to college, and graduate college, what mindset are they bringing to the table? Surveillance is okay. Track my movement all the time. Well, our cell phones are doing that for us right now. You know exactly where I am. Verizon knows exactly where I am right now because I’m talking to you on my cell phone. Today, Verizon knows it. I don’t know how soon until law enforcement knows it at some point in the future. You will know in real-time where I am by clicking on a webpage or getting a ping on your dashboard.
Dave: It’s like going through the directory and pushing a button. “Oh, yeah, there he is. That’s what he’s doing.” Once they’re even maybe tied into satellite, and I’m talking in the future, you’ll be able to real-time even watch the move around.
Raj: Yeah, it’s called Face Time. We have it right now. And it’s called Skype. At some point, your phone’s going to go, “Call from Raj.” It’s not just going to give you my name and phone number. It’s going to give you my location, whether or not I’m in my neighborhood. So you can say, “Hey, Raj. How you doing in Europe? How’s the snow looking?” It’s going to be built into phones.
Dave: I haven’t heard you talk anything about apps and maybe the vulnerabilities with apps.
Raj: Like any software, apps have problems. But that’s just the given nature of software. For me, apps present a very interesting civil and privacy and rights argument in that any app store owner, whether it’s Apple with their iTunes store, Amazon with their Amazon store, not only knows what you bought, which they’ve always known as merchants. But they know down to the word you’re reading. What’s the last word you read on an audio book? What page are you reading? What are you reading? And today, that data is in Apple’s databases and Amazon’s database. At some point, all these databases are going to talk to each other because they want to share this data freely. Netflix just spend a fortune buying the US senate. They got the video privacy law revoked. And why do they care? Because after Judge [something] lost his nomination because reporters told the world what kinds of videos he was renting and watching, and after the video renting history nearly derailed William [someone]’s nomination, they passed a law. If you rent a video, the video store can’t tell anybody what you rented, which is fine in the physical world but Netflix isn’t like that. They want to be able for you to tell people on Facebook what movie you’re watching, what you’re download right now. They spent the last couple of years lobbying Congress and the last bill that got passed right before the Christmas/New Years break…if you rent a DVD from Netflix, they can’t tell the world what you rent. If you rent the same DVD as a streaming video, they now have the legal right to tell the world what you watched to encourage you to send a Tweet or Facebook to tell the world this cool TV show you’re watching. And when I rent a DVD, you just know I rented it from you. You don’t know how far I got. You don’t know if I watched it. When you rent a DVD stream on the other hand, you don’t only know what I bought and paid for, you know when I watched it, how far I got into it, how many times I watched it, what scenes I am fast-forwarding to, what scenes am I skipping, and all of this data is being collected. And at some point, it’s going to be harvested in ways that designers never imagined. And you as a consumer paying Netflix your $12 or $16 a month don’t have the right to tell Netflix, “Hey, delete all my viewing data.”
Dave: That’s the threat. Like we mentioned or you mentioned before earlier is that all this data is collected with no use in mind at the moment, but in time, that data is going to be mined in ways we never even dreamed of.
Raj: All the data is being collected for intended use. In some cases, the uses are benign and useful. In other cases, it’s not benign but it’s legal. The real challenge, the real threat is the law of unintended consequences. We have no idea what’s going to happen when the things that are collected today are becoming rapidly analyzable. And when they come sharable or shared with other parties legally or illegally. WikiLinks is a good example. The US government has all this data. I’m glad they collect all this data. I’m glad they record them. I don’t think the government actually thought at any point that somebody would publish all these cables globally. I’m sure they thought the Russians were stealing it. The Chinese probably already have a copy. But I don’t think they expected the citizenry to get their hands on this data.
Dave: Well, Raj, we’ve gotten to a point to maybe we can wrap up or if there’s any last minute comment. Before we do that, how’s your book going?
Raj: The book is doing well. In fact, we got a couple of new clients because they read the book. They really liked that the book is not an advertisement. It’s not preachy but is how to use technology and tools and people to have a happier, healthier life. It really is how to use technology, not from a geeky and push that button perspective, but how to think about technology as a tool in ways you may not have before. And how to use it to liberate your employees and make more money, have more vacations, and have a lot more fun.
Dave: Is that your second book that you’re referring to?
Raj: No, that’s my current book.
Dave: Your current book, okay.
Raj: My second book is a lot more technical in nature. I’m currently writing it for a security publisher and it is: How To Have Successful and Effective PIPA and PCI Audits. But the first book is How To Get Great Results From IT: The Most Important Secrets From IT. That really is how to use technology you already have and the people you already have to do more, make more, and have more fun.
Dave: and that’s available at RajGoel.com?
Raj: It’s actually available on Amazon.
Dave: Okay. Do you have a website where you can get it?
Raj: If you go to RajGoel.com, there’s our landing page. You can go to Amazon, search for ‘Raj Goel’, and I’m still the first hit on Amazon for my name.
Dave: Well, I would highly suggest everybody get a copy because I did read it and it’s a great book. At an individual, non-tech level, it’s got some great information for you.
Raj: Thank you, Dave, I appreciate that. And on that not, have a happy, healthy New Year and I will speak to you after my European tour.
Dave: I’m looking forward to it. We’ll have you back to talk about it.
Raj: Thanks, Dave.
Dave: All right, Raj. Bye, everyone.