The US government has, earlier this year, released documents outlining a new program that involves tracking social networking websites and social media websites. Facebook already has procedures in place, dating back to 2007 and updated yearly, to submit personal information of its users to law enforcement agencies should the need arise. The data that it is willing to hand over ranges from your mobile number and contact details, to your friend lists; from photos you have uploaded and been tagged in, to video posts that you have uploaded; from wall posts to status updates; even your IP address and session cookies. The list goes on. Facebook has long been criticised for its handling of private data and the fact that you can never fully “delete” your account, so those who value their privacy and security will be perturbed to know that Facebook is willing to share your personal information, friends, family, IP address, etc with relevant authorities. There are those who state that, “if you have nothing to hide you have nothing to fear”, though this statement has been criticised by many. Are we sleep-walking into a surveillance state? Is the surveillance state already here?
As stated, the potential for government agencies to request personal data that you upload to Facebook is already in place, but that it not the end of social media monitoring. Facebook is but one social media website out of many. All social media users should be aware of the types of information that can legitimately be passed on to various agencies, and the true extent of the monitoring. Earlier this year, the U.S. Department of Homeland Security (DHS) released publicly available documents outlining a new program that involves tracking social networking websites and social media websites.
This document is entitled “Publicly Available Social Media Monitoring and Situational Awareness Initiative“, which is dated June 22, 2010. The gist of this piece of legislation is this: The DHS is monitoring many social media/networking sites such as Twitter, Facebook and Youtube, for specific key-words ranging from words like “terror” to “Iraq”, to “bomb” to “cops”, to “marijuana”… and the list goes on. This information is then stored and passed on to certain departments, foreign governments, and even private sector “partners”.There is no mention of exactly which foreign governments will have access to the information, nor any mention of which private sector “partners”. It is intruiging yet also worrying.
The websites that will be monitored include: Facebook, Twitter, Youtube, Myspace, Flickr, Vimeo and Hulu, to name but a few. Facebook and Twitter “trend” sites will also be monitored.
The aim of this Initiative is to help the Department of Homeland Security (DHS) maintain “situational awareness”. Now what is “situational awareness”? Section. 515. of the Homeland Security Act includes a definition of the term:
“SEC. 515. [6 U.S.C. 321d] NATIONAL OPERATIONS CENTER. (a) DEFINITION.—In this section, the term ‘‘situational awareness’’ means information gathered from a variety of sources that, when communicated to emergency managers and decision makers, can form the basis for incident management decisionmaking.”
The National Operations Centre (NOC) is the “principal operations center for the Department”, and Federal law requires it to provide this “situational awareness” as well as a “common operating picture for the entire Federal Government, and for State, local, and tribal governments as appropriate” [pg.2]. So far, so clinical. So what does this mean in real terms?
It basically means that the National Operations Center will monitor, store, analyse, and pass on “relevant and appropriate” information to federal, local, and foreign governments, as well as private sector partners who are authorised to receive this “situational awareness” and “common operating picture”. There is no elaboration on who these private sector partners are, nor which foreign governments are to be allowed access. The information that will help provide “situational awareness” will come from social networking websites, blogs, etc. The initiative details below that:
“The NOC will use Internet-based platforms that provide a variety of ways to follow activity related to monitoring publicly available online forums, blogs, public websites, and message boards. Through the use of publicly available search engines and content aggregators the NOC will monitor activities on the social media sites listed in Appendix A for information ” [pg.3]
The initiative does state that personally identifiable information will not be stored, though some personal information may inevitably fall into their “hands” which they would then “delete”. There is no conclusive proof that the department would delete personal information, however, and the initiative is rather worrying. In fact, the initiative states that the NOC would share personal information in the event of a life-or-death situation. The initiative even details a couple of examples of such a situation:
“In the event of an in extremis situation involving potential life and death, OPS will share certain PII with the responding authority in order for them to take the necessary actions to save a life, such as name and location of a person calling for help buried under rubble, or hiding in a hotel room when the hotel is under attack by terrorists.” [pg.2]
It does not seem to put readers at ease, however. And the initiative states that the information will, essentially, come from all users of social media sites. The information to be stored/analysed will come from:
“Members of the public as well as first responders, press, volunteers, and others provide publicly available information on social medial sites including online forums, blogs, public websites, and message boards” [pg.4].
So basically anyone who posts on social media sites are opening themselves up to this program of monitoring. Appendix B details a list of the search terms and criteria for monitoring,which is very extensive and yet is only a “starting point”. Apparently, “Information posted in the public sphere…becomes a federal record and the Department is required to maintain a copy”, although personally identifiable information will not be stored. It is difficult to understand how the DHS can monitor social media sites and not receive or store personal information. In fact, the initiative states several times that personal information may end up in the DHS’ hands, though it will redact this information immediately. But again, there is no real guarantee that they will not end up storing personal information anyway. Which is particularly worrying as the information will be shared with foreign governments and private sector partners. The DHS also does not have to provide notice to users that their information is being stored/monitored.
The point is, people using social media websites should be aware that they are being monitored. This is especially important given the recent court rulings against a couple of people who posted ignorant, yet innocent, content on websites Facebook and Twitter. One guy joked about blowing up an airport on Twitter, next thing he knows the police are at his door and he is given a conviction. The rapid expansion of online monitoring needs to be brought to public attention, because if you are using these websites, you have a right to know. Mobile phone companies already store messages that you send which authorities can receive, now social media sites are under “attack”. Some argue it’s for “national security”, others feel it’s akin to having their post opened and read before being sent to their door. What do you think? Leave a comment below.
The monitoring will be done by essentially monitoring social websites for specific key-words. The complete list is in Appendix B, starting on page 17, and contains dozens and dozens of key-terms. These terms include the words: shooting, militia, police, cops, flu, sick, marijuana, cocaine, terrorism, Iraq, pirates, virus, ice, Al Qaeda… You can only begin to imagine the amount of data the DHS must receive from social media sites. It must also be noted that the list is a “starting point” and more terms will be added in time. Appendix A begins on page 12 and lists the websites that will be monitored and that, too, is simply a starting-point.
- New FOIA documents reveal DHS social media monitoring during Obama inauguration (eff.org)
- DHS Scoured Social Media Sites During Obama Inauguration for ‘items of Interest’ (pcworld.com)
- Facebook Apps Transmitting, Selling Personally Identifying Information (huffingtonpost.com)