The FBI and the DOJ want you to report suspicious people and monitor social networks. Goodbye liberty

"Terrorism has replaced Communism as the rationale for the militarization of [America], for military adventures abroad, and for the suppression of civil liberties at home. It serves the same purpose, serving to create hysteria." -- Howard Zinn, "Terrorism and War"

Some of the worst consequences of terrorism come not from the real dangers that terrorism poses but in our efforts to defend ourselves from something that is incredibly hard to define and predict.

Terrorism is not like dealing with an invading army or an attack by aircraft or missiles; it is a diffuse, random assault that can, theoretically, happen anywhere. The next person to get blown up could be some state official or it could be you, which is how terrorism works; the fear it generates is more powerful and culture-changing than the actual attacks themselves.

25 More Ridiculous FBI Lists: You Might Be A Terrorist If ...

While our government quite rightly sees one of its may tasks as protecting us from such threats, the reality of efforts to do so is that we wind up ignoring pragmatic issues such as the cost and effectiveness of counter-terrorism measures, as well as the dangers of overreach that accompany those efforts.

As an example of overreach I offer you the latest in governmental insanity: The FBI and the Department of Justice produced a series of 25 fliers to encourage -- and I am not kidding -- the reporting of suspicious activities by local businesses in a variety of industries.

Under the rubric of "Communities Against Terrorism," one of the fliers, titled "Potential Indicators of Terrorist Activities Related to Internet Café," suggests that the following behaviors should be considered "suspicious" where coffee and the Internet meet: "People who: Are overly concerned about privacy, attempts to shield the screen from view of others. Always pay cash or use credit card(s) in different name(s). Apparently use tradecraft: lookout, blocker or someone to distract employees. Act nervous or suspicious, behavior inconsistent with activities. Are observed switching SIM cards in cell phone or use of multiple cell phones. Travel illogical distance to use Internet Café."

I love the use of the term "tradecraft." How many people in the general public know what that means?

There's a lot more advice about the suspicious use of computers and an exhortation to "Be part of the solution" by asking Internet Café workers to: "Gather information about individuals without drawing attention to yourself. Identify license plates, vehicle description, names used, languages spoken, ethnicity, etc."

It gets better! The flier advises, "If something seems wrong, notify law enforcement authorities," but adds the rider, "It is important to remember that just because someone's speech, actions, beliefs, appearance, or way of life is different; it does not mean that he or she is suspicious." What does "seems wrong" mean? How on earth is anyone supposed to balance those contradictory directions?

The flier then provides the phone number for something called the Joint Regional Intelligence Center (JRIC) and tells you to mention "Tripwire"! Ye gods! Code Red! Code Red! Someone said "Tripwire"! Frisk him! He might have an EFF or ACLU membership card!

This is insane! This is reminiscent of the U.S.'s "Second Red Scare," otherwise known as the era of "McCarthyism" ("the practice of making accusations of disloyalty, subversion, or treason without proper regard for evidence"), which lasted from 1947 to 1957 and was arguably one of the most shameful eras of American political history.

But wait, there's more! The FBI has just published a Request for Information (RFI) asking IT vendors for a "secure, lightweight web application portal using mashup technology ... The application must have the ability to rapidly assemble critical open source information and intelligence that will allow [the FBI's Strategic Information and Operations Center] to quickly vet, identity and geo-locate" potential threats to the U.S.

According to a report in Computerworld, what the FBI is planning to do is scour blogs and the social networks such as Facebook, Twitter and Plurk to "keep on top of breaking events, incidents and emerging threats."

Once again the issue is not the ostensible purpose of the FBI's "intelligence" gathering project, but rather how the data collected will be used, because that data will be sliced, diced and analyzed by whoever has the power to do so.

As I discussed last week, the consequences of government agencies being allowed to overreach, to use data gathered about individuals and organizations in ways that are antithetical to due process and violate individual privacy and public trust, are serious issues, and to underestimate what could happen and how it will change us as a society is simply naive.

As much as I hate to recycle a quote that has been recycled to death, Benjamin Franklin's "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety," sums it up better than anything else I can think of.

Consider those wise words carefully when you're next sitting in Starbucks, sipping the latte you paid for with a five spot you had handy, trying to stop the guy beside you from reading the email you're writing to your mother while the barrista is trying to surreptitiously dial the phone and eyeing you like you might have a bomb in your shoe.

Gibbs is doing nothing suspicious in Ventura, Calif. Send your intelligence to and along with the FBI follow Gibbs on Twitter (@quistuipater) and on Facebook (quistuipater).

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

More about Department of JusticeDOJEFFFacebookFBILANRequest DSLStarbucksTripwireWikipedia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mark Gibbs

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place