martes, 12 de marzo de 2019

Lo que puede ser no siempre es

Joaquín Mª Aguirre (UCM)
La guerra sucia comercial contra Huawei sigue por parte de la administración Trump. A la prohibición federal de adquirir material de Huawei en los Estados Unidos, le sigue ahora la segunda etapa, la de presionar a Europa para que sigan el mismo camino. De nuevo el lenguaje de la amenaza. Estados Unidos trata de evitar el desarrollo de la empresa Huawei mediante este tipo de imposiciones a los países.
Hace unos días lo tratábamos aquí con motivo de la presentación de Huawei de una reclamación ante los tribunales exigiendo que se aporte alguna prueba de lo que hasta ahora es una sarta de acusaciones sin ninguna. La compañía china hablaba de "juez, jurado y verdugo", como se recordará, ante la campaña contra ella.
La CNN trae el siguiente titular, que refleja el estado creciente de la tensión extendida al resto: "US warns Germany that using Huawei tech will come at a cost"*. Lo hace tras señalar Alemania que no tiene ninguna evidencia de que exista infracción o peligro en lo que Huawei ha realizado o presentado. La CNN explica:

Washington (CNN) The US has underscored to Germany its threat to limit intelligence sharing with countries that use Chinese tech giant Huawei to build their 5G communications networks.
US Ambassador to Germany Richard Grenell sent a letter to the German government last week threatening to curtail German access to US intelligence if Berlin decides to issue contracts to Huawei, according to a US official familiar with the matter.
"The Federal Minister for Economic Affairs and Energy has indeed received a letter; there is no comment on its content from their side. There will be a quick reply," said Matthias Wehler, spokesperson at the German embassy in DC. Germany announced March 7 that it wouldn't ban any company from bidding on 5G contracts.
The letter, which was first reported by the Wall Street Journal, echoes a steady drumbeat of warnings by top US officials, including Vice President Mike Pence, who flagged Huawei's alleged connections to Chinese intelligence and its ability to compromise national security by selling equipment with "backdoors" that could allow for unauthorized surveillance.*


El chantaje con la seguridad es de una grosería inimaginable en circunstancias que no se ajusten a la presencia en la Casa Blanca con los mismos rasgos amenazantes. El "estilo Trump", el de la prepotencia y la amenaza, se manifiesta en la diplomacia norteamericana, que se ha vuelto agresiva y amenazante con los que no siguen sus dictados, pues no pueden considerarse de otra manera. Es la Norteamérica "dictadora" que emerge entre malos modos y declaraciones fuera de tono.
En The Verge se resalta el tono amenazante de la carta enviada a los alemanes:

In one of the most explicit demands yet sent to an ally over Huawei, the United States government has told Germany to drop the Chinese company from its future plans or risk losing access to some US intelligence, The Wall Street Journal reports.
Huawei has faced accusations from the US that it could be used by the Chinese government for espionage. The company has repeatedly denied that it would act on behalf of China, and pointed out that the US government has not publicly produced any evidence to corroborate the claims, but US officials have remained unconvinced. The Trump administration has been pressing allies to end their relationships with Huawei, but Germany, moving ahead with its plans, has not moved to ban the company from its networks.**


El "podría" (could) es el elemento determinante. Una cosa es una "prueba" y otra el "podría". Cualquier país es susceptible de "poder" hacer algo distinto a lo que hace o dice que hará. Es absurdo establecer este tipo de prevenciones en ausencia de pruebas.
Las noticias de los avances de Huawei en telefonía y comunicaciones cuestionan el ego norteamericano, el mito de la supremacía tecnológica y la capacidad productiva. Es ahí donde realmente ha surgido la preocupación de la administración de Trump.
Desde el principio, la estrategia presidencial se ha basado el "hacer América grande de nuevo", lo que implica la reducción de sus rivales en todos aquellos campos en los que puedan hacerle sombra, especialmente la defensa y el control de las comunicaciones, que es la base de la Sociedad de la Información. El ideal que surgió con Al Gore de las "superautopistas de la Información" era la expansión norteamericana extendiendo su poder a través de las nuevas redes. Los Estados Unidos eran el centro del conocimiento y esto se podía rentabilizar extendiéndolo a través de las redes, que se daba por supuesto que se controlaría siempre. Internet era cosa de los Estados Unidos y los demás eran "alquilados", tal como expresa el propio sistema de "dominios", pensados para USA.


El crecimiento de las redes y servicios conexos por todo el mundo supuso un choque para Estados Unidos al darse cuenta que no podía controlar algo que se estaba haciendo universal. Pero sigue manteniendo la idea que, con Trump, regresa con más fuerza.
La lucha ahora ya no es con China o Huawei. Es con el resto del mundo, que se enfrenta a un "podría" chino pero a una realidad norteamericana, el chantaje. Mientras no haya pruebas encima de la mesa, las presiones norteamericanas a los aliados, las amenazas explícitas ya, son solo un chantaje inasumible. Trump necesita enemigos con los que librar sus propias batallas. Y si no los tiene se los inventa.
La autoridades en ciberseguridad alemanas han dado vueltas y más vueltas sin encontrar más que los temores norteamericanos. A finales de diciembre podíamos leer:

Germany's top cybersecurity official has said he hasn't seen any evidence for the espionage allegations against Huawei.
Arne Schönbohm, president of the German Federal Office for Information Security (BSI), the nation's cyber-risk assessment agency in Bonn, told Der Spiegel that there is "currently no reliable evidence" of a risk from Huawei.
"For such serious decisions such as a ban, you need evidence," Schönbohm said. Should that change, the BSI will "actively approach German industry" he assured the paper.
Huawei has opened a facility in Bonn, in west Germany, where it shares code and allows Schönbohm's risk assessors to inspect Huawei kit. This is along the same lines as the UK's Huawei Cyber Security Evaluation Centre (HCSEC) in Banbury, informally known as "The Cell", which addresses GCHQ's concerns about backdoors in Huawei products.***



Los temores de Estados Unidos están alentados por su propia estrategia de volver a una Guerra Fría, con una parte del mundo enfrentada a la otra, quedando la que le interesa en sus propias manos. Esta es la estrategia que Trump ha elegido para su mandato. Es la forma de aislar a China, una de sus obsesiones desde la campaña presidencial. Trump va a un modelo orwelliano de división del mundo por lo que el establecimiento de lazos con lo que él considera otra parcela enfrentada le descabala los planes. Necesita que se rompan lazos para que sus tentáculos sean más efectivos, como estamos viendo en defensa: crea "conflictos" y luego vende "seguridad". Si estigmatiza las comunicaciones con China, solo quedarán los Estados Unidos como alternativa.
El hecho de que esté jugando con la seguridad, amenazando con no compartir informaciones, tendrá un efecto negativo, como ha ocurrido con la defensa. Las presiones sobre los países de la OTAN han servido para acelerar los acuerdos para establecer un ejército europeo y no depender de los Estados Unidos.
En comunicaciones puede ocurrir algo igual. Tampoco nosotros tenemos seguridad de que las redes 5G no "podrían" usarse por parte de USA para espiar a los socios europeos, algo de lo que sin embargo sí tenemos pruebas, como se ha señalado en el caso de los políticos europeos, Angela Merkel incluida. Estados Unidos parece que quiere tener la exclusiva del espionaje. ¿Cuántas noticias hemos leído sobre los intentos rechazados por las empresas de acceso a las redes en los Estados Unidos?



* "US warns Germany that using Huawei tech will come at a cost" CNN 12/03/2019 https://edition.cnn.com/2019/03/11/politics/us-germany-huawei-letter/index.html"
** "US tells Germany to stop using Huawei equipment or lose some intelligence access" The Verge 11/03/2019 https://www.theverge.com/2019/3/11/18260344/us-germany-huawei-5g-letter-security
*** "German cybersecurity chief: Anyone have any evidence of Huawei naughtiness?" The Register 18/12/2018 https://www.theregister.co.uk/2018/12/18/german_cybersecurity_chief_show_me_the_huawei_evidence/


Anexo


What are some of the laws regarding internet and data security?




Authored by a Symantec employee


Numerous laws in the U.S. cover Internet, data security, and privacy in the United States, with the 1974 Privacy Act arguably being the foundation for it all. The Privacy Act passed to establish control over the collection, maintenance, use, and dissemination of personal information by agencies in the executive branch of the U.S. government.

[...]

The invention of the Internet changed the definition of privacy, and made it necessary to enact new laws concerning electronic communications and security.

Let’s review some of the laws currently in place to provide a more solid idea of your rights as a consumer or businessperson:

Electronic Communications Privacy Act (ECPA)
The Electronic Communications Privacy Act was passed in 1986, and while technology has changed significantly since then, the act has remained the same. The law allows the U.S. government to access digital communications such as email, social media messages, information on public cloud databases, and more with a subpoena. No warrant is required if the items in question are 180 days old or older. Companies supply the government with information; for example in the latter half of 2012, Google reported that the government made 18,000 requests for information.

The ECPA also dictates when the government is allowed access to GPS tracking via cellphones.

Computer Fraud And Abuse Act (CFAA)
The Computer Fraud And Abuse Act makes it a crime to access and subsequently share protected information. The act was passed in the late 1980s and revised about a decade later. Reformers say the act is far too restrictive.


Cyber Intelligence Sharing And Protection Act (CISPA)
Legislation regarding this act was originally introduced in 2011. It passed in the House of Representatives but not the Senate in 2013, and was reintroduced in 2015. The act is an amendment to the National Security Act of 1947, which does not cover cyber crime.

A basic definition of this act is that it concerns how to share information on potential cyber threats with the federal government. The act has received substantial opposition, with opponents such as the Electronic Frontier Foundation concerned about “inadequate privacy protections” considering broad cyberthreat definitions. It will very likely continue to be a point of debate in Congress for some time.

Children’s Online Privacy Protection Act (COPPA)
The Children’s Online Privacy Protection Act was amended in 2012, with changes officially implemented in 2013. It requires websites that collect information on children under the age of 13 to comply with the Federal Trade Commission (FTC). The act originally passed in 2000 and was the “first U.S. privacy law written for the Internet.” The FTC determines whether a website is geared towards children by reviewing its language, content, advertising, graphics and features, and intended audience.

The law also affects general interest sites looking to collect information from children, whether the site’s operators mean to do so or not. For example, if a site operator invites browsers to submit their names and email addresses and collects other personal information via cookies, the operator might have information on visitors under the age of 13.

Wrapping Up
These and other data/Internet security laws are frequently hot topics among those who call for “Internet freedom.” There are also laws regarding the sharing of information on an international scale, such as the Trans Pacific-Partnership Agreement (TPP). This agreement involves nine countries along the Pacific Rim, including Peru, Chile, and the U.S. The U.S. Trade Office touts agreement benefits, particularly those relating to trade agreements, however opponents are concerned about its effects on digital copyrights both in the U.S. and abroad.

Familiarization with data security laws is a good idea whether you’re an individual consumer looking to go shopping online, a business collecting personal customer information, or someone who otherwise has anything else to do with the Internet.
[...]
https://us.norton.com/internetsecurity-privacy-laws-regarding-internet-data-security.html

No hay comentarios:

Publicar un comentario

Nota: solo los miembros de este blog pueden publicar comentarios.