Thursday, July 20, 2017

Notes on Eric Fischer: Federal Legislation of Cybersecurity

Notes on Eric Fischer: Federal Legislation of Cybersecurity
Necessity to change the current legislative framework for cybersecurity
Role of the federal government complex.
sector specific responsibilities
individual federal agency demands pertaining to various systems

Currently 50 statutes in place but no overarching framework
infrastructure, private
sharing of CI among private and gov
DHS authorities for federal systems
workforce
R and D
cybercrime law, data breach notification and defense related cybersecurity

Several attempts to enact comprehensive legislation have failed.

Passage in the house but not the senate led to reform FISMA and DHS workforce and information sharing inadequacies

The continuing evolution of technology and threat environments has created a scenario in which legislative reform is necessitated

Enacted statutes currently only allow federal involvement in securing federal and non-federal systems in specific statutes, but without an overarching framework mentioned above.
Counterfiet access device and computer fraud and abuse act of 1984
electronic comm privacy act of 1986
the computer security act of 1987
paperwork reduction act of 1995
clinger-coven act of 1996 - CIO and responsibility burdens placed in hierarchy for information security, mandatory standards
the homeland security act of 2002 
cybersecurity research and development act
the e-government act of 2002 - primary legislative vehicle for federal IT management and initiatives to make information and services available online
the federal security management act of 2002 clarification and amplification, federal incident center, redistribution of responsibilities

40 other laws include provisions relating to cybersecurity

Executive branch actions
NIST in the department of commerce > cybersecurity standards promulgated by OMB and prosecuted/enforced by DOJ
US Cyber Command > responsibility for military cyberspace operations
Comprehensive National. Cybersecurity Initiative (2008)
12 subinitiatives declassified in 2010: consolidation of external access points to federal systems, deploying intrusion detection and prevention systems, research coordination, info sharing, ad education… mitigation of risks from the global supply chain for info tech

“cyber czar” - created in 2009 to orchestrate federal cybersecurity activity, no direct control over budgets, NSA is argued to pre-empt

FISMA gives OMB authority to automate continuous monitoring of federal info systems by agencies in April 2010, delegated a few months later to the DHS
Within 2 years an interagency program called FedRAMP was established for cloud-computing cybersecurity

Protection of cyber infrastructure
Information sharing, coordination
Responsibilities and authority
Reform of FISMA
research and Dev.
Cybersecurity workforce
Data breaches resulting in theft or exposure of personal data such as financial information
Cybercrime offenses and penalties
National cybersecurity strategy
International efforts


Discussion of proposed revisions
Posse Comitatus Act of 1879
Ch 263 20 stat. 152
18 U.S.C. §1385
Restricts use of military forces in civilian law enforcement unless it is within a federal governement facility
Violations of the act include direct active use of military investigators, use of military pervades the activities of the civilian officials or when the military is used so as to subject the civilians to military power regulatory prescriptive or compulsory in nature.

There are difficulties identifying when a cyberattack involves national defense
some argue that defense of US information systems must be the purview of civilian agencies such as DHS and FBI due to privacy and civil liberty concerns unique to cybersecurity, even If the other option is more feasibly implemented

Anti trust laws
Sherman Antitrust Act
Wilson Tariff Act
Clayton Act
Section 5 of the Federal Trad Commission Act - prohibits unfair and deceptive trade practices

These are relevant to cyber law reform because any sharing of information will give companies an edge to compete unfairly with one another.



National institute of standards and tech act



Federal Power Act
Authority over interstate sale and Transmission of electric power
Must change in light of the development of smart-grid systems

Communications act of 1934
FCC - all wired and wireless communications
Presidential authority to control all stations capable of emitting EM radiation
To close such facilities as well.
This could be considered an internet kill switch interpreted directly (section 706), there has been considerable debate about whether such an authority exists, or whether further authority needs to be meted through legislation to clarify and delimit

National security act of 1947
Created NSC CIA and Sec. of Def.
Precedures of access to classified information

US information and educational exchange act of 1948 (Smith-Mundt Act)
Domestic dissemination provision originally applied to the now defunct USIA

Restrictive to USIA, claimed to be a Cold War Relic to protect Americans from being propagandized by their own federal agencies.
State Department Basic Authorities Act of 1956
DoS org counterterrorism and HIV response efforts
3 exemptions the act about withholding information pertain to cybersecurity:
Information properly classified for national defense or foreign policy purposes as secret as established by an executive order
data specifically exempted from disclosure by a statute, if that statutes meets criteria laid out in FOIA
trade secrets andcommerical or financial information obtained from a person that is privileged or confidential

Omnibus Crime Control and Safe Streets Act of 1968
Federal grant programs and other forms of assistance to state and local law enforcement
Comprehensive and electronic eavesdropping statute outlawed both activities in general terms but permitted federal and state use of them under strict limitations

Racketeer Influenced and Corrupt Organizations Act (RICO)
Enlarges civil and criminal consequences of organized crime
Repeated recommendation to include computer fraud within the definition of racketeering.

Federal Advisory Committee Act 

Specifies the circumstances under which a federal advisory committee can be established and its responisibilities and limitations requires that such meetings be open to the public and records be available fro public inspection

Privacy act of 1974
Limits disclosure
Requires transparency in cases pertaining to an individual
Code of fair information practices for collection management and dissemination of records by agencies including requirements for security and confidentiality of records

Counterfeit Access Devic and computer fraud and abuse act of 1984
First incident of criminal penalties including asset forfeiture for unauthorized access and wrongful use of computers and networks of the federal government or financial institutions or in interstate or foreign commerce or communication
Criminalized electronic trespassing on and exceeding authorized access to federal government computers
Statutory exemption for intelligence and law enforcement activities


Electronic communications privacy act of 1986
Balance between the fundament al privacy rights of citizens and the needs of law enforcement
Internet was much smaller at the time of passage
Prohibition of the interception of wire oral or electronic communications unless an exception to the general rule applies
Prohibition of wiretapping or electronic eavesdropping
Disclosure of information secured through court-ordered wiretapping
Terrorism Risk Insurance Act of 2002
Risk provided for concrete losses during an act of terror, such as oil fields
Does not currently apply to cybersecurity, and modification may be appropriate

E-government act of 2002

Serves as the primary legislative vehicle to guide federal IT management and initiatives to make information and services available online

Wednesday, June 7, 2017

Notes From Docker Swarm and Kubernetes

Lecture by Jayesh Nazre
6/7/2017
Notes Transcribed by Paul Fischer


Containerization vs virtualization 

Docker terms
Client docker build
Pull
Run
>>>
Docker host

Daemon to images or daemon toregistry to images
To containers

ISO files into drive can be installed, an older form of images
Images need to be stored somewhere, obviously some repository out there
Dockerhub or Google repository are out there, you can make your own as well, in a similar fashion to Git Hub

You do not want those images for federal or state projects to be out in the public
Explanation of the images shortly, but for now think of those as images
.ami docker calls these images

Using two ways of launching the container from the image, running instance of image is what is meant by container
Apache web server can be in container, with application inside it such as word press, create multiple instances of those and create cluster of those creation of say a cluster of web applications
eg. 3 web servers can run the web code and you can create an image of those and tell docker to create three ‘replicas,’ thus if one of the instances fail, docker tax can tell the image to try other instance

DockerSwarm - Linux monopoly until the last two or three years
Three tier architecture with a docker swarm application data and ???? Layers
App layer

Manager to worker
Manager to host 11
Subnet1 10.0.1.0/24 communicates between docker layer container between manager and worker
App data and other layer also communicate through similarly formulated subnets 10.0.2.0/23 etc…


Docker Swarm
Allows a chain of managers and workers this gives a conceptual view of dockers the daemon layer exists between the manager eliminating the mhierarchical problems while retaining the capability of the system to maintain scaling or addition of more managers and workers


Instances serve the docker swarm through the containers

Q: can a host hold more than one role?
A: No behind the scene this host is the via and the docker or unix daemon. Most of the tech supported by docker is linux based, java is more simple to use and is natively supported. A three tier architecture and shebang running on the server is more fun than the desktop

Q: Can you pick a leader to be the manager?
A: another can be substituted for a former leader and that is typically what happens


Docker compost file allows a dialogue between  various clusters with one lines commands


Services vs Tasks vs Containers


3 nginx replicas (service [swarm manager[ branches into three instances of the abstractionnginx.1 2 and 3
These are worker nodes

In this manner if one of the containers fail then the swarm manager will reallocate the worker load to the other nodes that are available

In production there can no docker containers in the manager node if possible
So this previous image of the docker swarm formulated must be amended to move the docker containers to the worker nodes and allows the entire host to spawn on individual nodes


Docker network types
bridge
none
host
overlay

Node1
Br0 network names cape branches into vets and VTEP the VTEP:4789/udp communicates through the VXLAN tunnel to an identical branch under node 2 at a different IP address
Together this constitutes a layer 3 IP transport network
The tunnel is allowed to be created by the docker network type
Layer 3 IP. Transport network should be thought of as the physical infrastructure through the mountain between two nodes, but a VXLAN tunnel allows communication like a tra between the two
In the end in a nutshell you get packages of information between the two nodes
Packets get moved from. One package to another package, the VXLAN tunnel is a well established concept but there are other open source drivers and options that are available 

Docker provides the network and allows multiple nodes, not just two but even three four etc to communicates

Q is the VXLAN traffic encrypted
It does not have the capability of encryption alone, but if the network has its own encryption then the information is safe
If someone uses sniffer or other software on layer 3 IP transport networks. The VXLAN tunnel will not be sen directlys


Docker compose v3
Version:’3 ‘
Services:
webserver:
image: myapache:10
ports:
-8085:80
networks:
-mywebnw
deploy:
replicas: 2
environment:
-mytomcat=mystack1)appserver
sappserver:
image: mytomcate:10
networks:
-mywebnw
-myappnw
0mydbnsw
deploy:
replicas: 2
environment:
JDBC)CONNECTION _STRING=jdbc:mysql://mystack1_mysql:3306/web)customer_tracker?useSSL-false
mysql:
image: mylocalsql:10
networks:
-mydbnw
deploy:
replicas: 1
Networks:
mywebnw
drier:overlay
spam
driver:default
config:
- subnet: 10.0.1.0/24
Myappnw:
driver:overlay
spam:
driver: default
config:
- subnet: 10.0.2.0/24
Mydbnw:
drier: overlay
spam:
driver: default
config:
- sunset:10.0.3.0/24



You do not really need a 3d architecture for the functionally hacker-proof  by allowing a hack of the web server instead of the database server in the event of an offensive action
The reason for the logical reference seen in my tomcat
Iso called images published by apache created by a container on the machine was deployed and a custom image was deployed called my tomcat which can then be used to spawn multiple images.

The logical reference was in mystack1 as the name of the cluster when it is deployed appserver must be the same throughout allowing a logical reference to the server

Talking to six through the communication
In mysql there is only oe replica being referenced, but in order to be logical the environment must be referenced
The image can be uploaded to the cloud or manually loaded into your cluster

One replica because there are some things which must be taken into consideration
It is difficult to have a system that relies on a container for a replica, recreation of two systems
One will write information into the container

The two are not synchronized this resynchronization with multiple replicas will require an FS locally, but one replica is recommended for for local work with a database

You can do aamysql dump to basically allow anything to occur out of the box, through shipping or with the launch event of the container you go out on the network share and pick  up the instance later data file pick. Up, for performance reasons.
With a large database you may experience performance problems with instance loading. There is no need to create docker clusters with the system that is used, and the networking is done for you

If you do want to do it in amazon with out using iOS you can stope your transaction and your data information  and somehow restore it when it dies

If I delete my container I will have to launch whatever data I had in order to have this returned

File systems for schedule errors, you can define a volume

Q launch data and the entry point for the data
Yes, that is there you can put that under networks my. Webnw and driver overlay

Everything must be written in the docker compose file described above

Stateless architecture and micro services coming together to deliver something, designation of a solution that is monotony is not what is wanted, so the databases  must be merged and converged
You do not want this to be in the logical reasoning described above. 
The end result can be incrementally added up to get to the server

When you have a big file you may want to slice it and dice it.
There is only one replica in the example, but three networks are provided using the version before
When the network is created externally I get a copy of the network as well, the program is self cleaning, so when I take down my network the entire network goes down… hence a one-command take-down of the system is possible or conceivable.

You can only do things through the master node, administratively, there is no control in the worker nodes
To log in the master:
root@ubuntu: `#docker node ls
Return of the list of nodes in the closter, these are physical nodes with status availability and the manager status, which returns leader when it is selected as the managing node
So I could have two web servers two app servers, and one SQL

~# docker stack deploy -C /mysoftwares/mydocker/myfinal.yml mystack1
Deploys the file with a logical reference to the Docker Composition provided above, you can use some scripting to make this dynamic as well
So I could have two web servers two app servers, and one SQL >>>> these should now be servecies and networks which have been created appropriately.

~# docker ps
Will give the master status of the system ad the log of when the containers were created at which ports

~$ sudo -s
Will test the system in a sudo system

“Portainer” can be used to create a background backdrop or a graphical interface such as images provided by different providers to deploy in the cluster. All that is done here can be deployed on the command prompt, which may be provided if there is time, which is unlikely

The information is being accessed through the tomcat on the java and attaining the data through mysql database.

Q:
Log files, SSL keys etc. how are these injected or pulled out of the containers
An easy ay to create an image of what you want, and you can do what you want with your baseline, pretty much a unix box, multiple applications web app and data and other systems in place, if you do that your container will die. The recommend to run processes through separate credits Mongoldb these systems will be something along these lines. Think of this container as something that you threw away, you will not try to figure out what is wrong with it it or anything, you will just throw it away and create a new container regularly. Everything done with the unix box will be possible within this program, but you can sell into the container…


If you are new to containerization, docker is strongly recommended before going to kubernetes


Kubernetes:
Host1 master node
Communicates through the API server to hosts 2 and three the worker nodes
This was a contribution from google used to spawn between 40k and 100k containers, contributed to the opensourec community, so many have moved on to kubernetes
In this case it relies on dockers, but can be used to rely on any other container system
The same architecture that is shown here was seen before with the master and worker nodes and master/manager
The difference is the scalable CNI plug-ins Comuter network interface plugins are somewhat alaguous to the tunnel described above, different open source team s such as flannel or calico, create an open source container to create the magic of containers within Pods allowing all of the different functions, from the node proxies to the docker engines to communicate in an interconnected fashion
The Pod Concept
the system must abstract the container that thehdocker is running from its managers
so the master node does not manage the containers they  manage pod. This addresses the hierarchy problem described in the Docker swarm system described above…’
This actually predates docker swarm, and some services have been borrowed between the two
Abstraction of parts, there is no container, there is now the handling of pods


Q: If either of these can containers be migrated across hosts?
A: Yes all of the capabilities described above remain in Kubernetes

Recommend production of 3 systems if possible in a nutshell to create all of the boxes API server, container manager, LCD, such to be easily accessible

The easiest way to instal kubernetes into your laptop is using qinikube
Another option is kubeadm
this allows multiple aDm to be in a cluster, while qinikube allows one admin and to play with the concepts of the swarm


Allowing you a graphical way to instal the kubernetes cluster


For a company the best bet is hosted

Options o fate graphical interface allow the cluster on multiple providers
Google has the system allowing how many masters and how many workers are necessitated in order to maximize efficiency

Amazon EC2 container service dis not related to kubernetes, but for docker but works better wtihAWS and should be used for those experimenting with that.

You can build all of the earlier systems


Kubernetes - sample app (deployment)

apiVersion: extensions/v1beta1
Kind:  Deployment
Metadata:
name:mywebappdeploy
Spec
replicas: 2
template:
metadata:
labels:
app: mywebapp
spec:
containers:
-specname : 
….

apiVersion:v1
Kind: Service
Metadata:
name mywebappservice
Spec:
prts:
- port: 80
protocol: TP
selector:
app: mywebapp
type:NodePort


Master talks dialogue with hipster that has dialogue with storage backend, Kublt cAdvisor on connected nodes as well as the containing node


Graphical version of managing your cluster exists in both, but this does not ave to be done in command prompts

Q: are there advantages, which can be used for dockers forms today?
A: unless it is a cost concern I would d not recommend it for production, but for rfinished products, the costs of VMs if you have an old provisioned instance then this could be used


Use a docker paid center and it would be a very large charge, and to get into the infrastructural awareness


Use it for the tear down, to integrate with Jenkins or other ALM extant.

~$ minkube status
~$ minikube start
~$ kubectl get pods — output = wide
Will show you the pods, the restarts, ages IP and status

~$ minikube dashboard


Thursday, May 11, 2017

International Human Trafficking and Culpability in Complicit Response Efforts

Paul Fischer
4/22/2017
Professor Mark Budolfson



International Human Trafficking and Culpability in Complicit Response Efforts



A broad definition of slavery confronts many contemporary understandings of the term. Today estimates of international human trafficking only demonstrate a fraction of the greater problems in global slavery as a fundamental part of industrial, manufacturing, and even employment service fraud. The costs of the epidemiology of modern slavery will be evaluated through three vectors as a function of harm to employers, to consumers, and to, the most apparent, the humanitarian dignity of slaves themselves. In order to use these costs to effectively recommend policy changes, it is necessary to point towards cogent definitions of the predicate terms to complicity and cooperation while retaining addendums for feasibility and efficacy in implementation. Macro and micro economic models both point towards a crisis in terminology to describe the potential costs of inaction to the global human subjugation that must be addressed as an industrial issue unique to the modern era of manufacturing.
In general terms, with estimates of tens of millions of slaves disproportionately distributed throughout the world, the ability of nations or international bodies to respond appropriately must be considered realistically (Ucnikova). This points towards a macro solution such as those that have been recently endorsed. Some of the greatest victories, dating to the early days of modern industrialism, such as American legislation in 1930 that prohibited all importation of products produced by slavery have actually held the slaveowners or nations with legalized or unenforced slavers individually responsible. In order to understand why this phenomenon presents a fundamental disambiguation between normative distinctions in culpability and complicity will be given.


Complicity as a Term of Moral Shame and Efficacy in Response



In a memorandum that shocked the world, the president of Harvard University at the time, Lawrence Summers, defended the acceleration of dirty industry and pollution distribution through Less Developed Countries (LDCs). In summation, he claims that such a move would minimize costs by distributing pollution and thus decreasing the odds of acute toxicity and by affecting nations with already compromised health care systems and increase productivity in developed nations by an amount unimaginable by LDC standards (Hausmann and McPherson). It should be clear that this approach focuses on the outcome from a process and not the ethical standard of the mechanisms by which the outcome occurs.
To critique this sort of bottom-line economic analysis, McPherson and Hausmann demonstrate that there is a difference between what one is willing to do and what one ought to do. This is a similar concept to the notion of conspiracy put forward in work on mass administrative murder when the crime is too great for normative judicial reactions (Osiel, 10-15). Instead, automatic insolvency of the perpetrator upon realization of the consequence determines predicate behavior such as planning or coordinations must be aggressively confronted. In the same way many police departments save money by focusing on high profile criminal cases because it can be assumed that whether confronted or not, criminals who are successful on a lower level will reoffend more seriously in a way that can be feasibly tracked, when an outcome is preventable it may be infeasible to respond to a more serious outcome.
As such the premier defense of such “mechanical solidarity” as is described in the event of mass administrative murder demonstrated in the case examples from Osiel’s work is especially apt for use in terms of modern slavery (Osiel). The two incidents share an extreme level of societal harm and are unique to modern industrial societies. The second of these two similarities will necessitate a distinct understanding and definition of the term complicity.


Culpability as Legal Term of Distributed Guilt



The responsibility for the forced and coerced labor of tens of millions of global citizens lies squarely on the capable. Genocides cannot be compared to conflicts similar per capita in ancient times, and slavery also must be viewed in absolute terms. As a response to a term that bridges the civil and political spheres, solutions to slavery must underscore cooperation in different sectors of a community. The answer is not governmental alone: “Governance emphasizes cooperation between the civil and political spheres of society, whereas government is usually thought of in terms of the formal political structure of the nation state” (Zureik, 114).
Once the crisis has been established as one of paramount importance that must be viewed in absolute terms, a definition of security is necessitated: “Human security as a complementary concept that concerns itself with human rights, protection of the environment, and guaranteeing of basic needs related to health, education, and personal needs”. This definition delineates the point at which the agency responsible for ensuring this level of safety and security for citizenry is identified: the crisis must be viewed as a military one pursuant to this new definition of security that steps outside of the bounds of personal security and was established with legislation during the war on terror. To delegate or subsume the consequences of slavery upon the population or any other form of governance violates the logical induction of security into a basic dialogue pursuant to the basic civil bonds and contract all members of a civilized society are responsible for.


Waiting for the “Invisible Hand” as a Determinant Factor in Assigning Culpability


It is be necessary to look at unsuccessful efforts to reform labor standards in nations that have long since banned slavery, but have attempted to revolutionize against industry standards that may be treated as such in today’s world. Mexican solutions to corporate exploitation have given rise to “corporatism” and seen an ideological solidarity with the worker that was unique to this country at the time. Even in comparison to Russia, where an agricultural revolution would transform the nation in coming decades, at the time of World War One, the revolutionary Mexican government was unique in the industrial focus of their constitution. Labor rights would set standards for limits on not just workplace exploitation, but also for environmental exploitation and the natural rights of citizens in that country (MacDonald, 139).
Understanding how and why the goal of protecting labor rights were compromised in the legislation also implies a subtle mechanical understanding of the tri-party political system in Mexico. Unlike the United States, with a two-party system of majority rules (gerrymandering cheating aside) and a three-way system of checks and balances, it must be argued that the Mexican constitutional protection of the worker was compromised by an inverse system. In this case, a number of policies held by the governing party, or perhaps even all of them, may not reflect the will of the majority. That guarantees an invitation for corruption and corporate influence on an executory level of the political system.
What resulted was a junta system of arbitration, termed the Juntas de Conciliation y Arbitraje intended to reflect the distinct features of Mexican politics that made recognition of the rights of the worker difficult. A logical procedure of the demonstration of rights as a forceful blow against the corporate interests bent on destroying those rights was established, but never ultimately fulfilled in practice as the revolutionaries had been promised in words. As the terminology of the legislation was lax, a loophole allowed the measure to fall behind standards of success generally warranted in such a matter of human security; rather than articulating an ultimatum as the climax of individual and collective rights, the legislation became the mechanism of mass administrative slavery as federations of ghost unions became the norm and forced an automated suppression of autonomous cultural expression in conflict with the natural solidarity originally espoused in the constitution of 1917.
Some of these unions continue to take bribes of up to a million dollars a day in a pre-negotiated contract with local law enforcement as part of an effort to circumvent the law of the land. In doing so, by implication many of the rights guaranteed in amendments to Article 123 are nullified or directly eliminated, “the official labour movement was therefore able to save the institutional bases of its power while bargaining away workers’ individual rights and traditional workplace norms” (MacDonald, 142). Obviously this includes the individual rights to associate and due to obstruction of the collective rights to bargain, strike, represent employees on behalf of unions, international treaties have been cast aside.
This is exemplified well by the violation of the 40-hour work week. Empty board rooms locked during time set aside for union meetings in these organizations obsolete the right to collect dues or to participate in boards. The outcome of judicial action is guaranteed by the contract: because there is already a “ghost” union in effect, there can be no calling of the tripartite junta conciliation and arbitrage action.
The problems described here are not unique to Mexico, and in fact there has been an international resolve to institutionalize the reality of global slavery in a fashion never before faced by the forces of good in mankind. In order for the system described above to succeed, monetary interests are critical. Realization of institutional evil was made possible by a loophole in American statutes, another democracy with a complicated and somewhat delinquent history of slavery and union movements.
The tariff act of 1930, introduced by a Republican, was intended to end American involvement in the slave trade. It had become apparent by that point that in fact following the Civil War, due to a combination of changing international politics and persistent expansion of raw and finished product importation pursuant to the “miracle” of modern industrialization, that both the economics and reality of American slavery had actually grown in a frighteningly global sense. Unfortunately, a loophole in that legislation still limited legal enforcement to the United States and this was not effectively closed or confronted through other means until 2016 when President Obama signed legislation introduced by Democrats to officially end all American involvement and profit in and from the slave trade.
It should be clear now through the logical expansion of this argument of containment and intent that the extent to which legislation has been effected is not always as directly apparent as it may seem. In fact, there are frequently trade-offs present between the stated goals and objectives of legislation and the enforceable reality of the work implicit in the work. Understanding the necessity to gain political support for a measure in addition to popular support, even in democracies, is a tricky concept it will be necessary to master in order to effectively instigate a regime of change in regards to global human slavery. These tradeoffs should be considered fundamental to the discussion rather than tangential qualifications as they occur pre-enforcement rather than post-dedication of qualified resources.

Inadequate Action is Culpability


This is a historical case, in which the outcome is apparent. Effective because of the close ties to factory environmental regulations, the detraction from initial attempts to regulate slavery and improper work conditions relies on minutiae in terminology. Reality of bribable juntas intended to protect workers today is more clear than any hypothetical analysis about actions to fight slavery.
The most apparent reality that comes to mind in the evaluation of these labor standards surfaces through analysis of the initial goals of the article, “Article 123 of the 1917 Constitution established the most progressive labor code of its time… workers rights were conceived of paternalistically and defended through a nationalist and even racial rationale” (MacDonald, 142). Opposition to these goals would have been infeasible at the time, and only “Anarchosyndicalist organizations rejected state intervention” on the topic (MacDonald, 143). They would later be joined by dark and powerful corporate interests.
It is not enough to simply embrace ideals through legislation and to cast them aside in actuality. “This coincidence of interest between capital, the state and official labour has proven decisive in safeguarding the legal latticework of corporatism well into the neoliberal era”, establishing what seems to be an appropriate delineation between the demands of workers and the exploiters (MacDonald, 156). Yet still the bribes indicate a failure of the system, the question that should be taken from this example and this section is that culpability necessitates the monetary flow normal in corruption, and regulatory action must use bureaus independent of financial, or immune to the influence of potential corruption.


Estes’ 7 fundamental Concepts:


As an act of violence currently unenforced and even supported in recent legislative actions by the GOP, a currently major political force in the USA, a review of the 7 fundamental Concepts civilization must embrace will prove useful (Ledwith):
Unity of humanity and life on Earth
Minimisation of violence
Maintenance of environmental quality
The satisfaction of minimal world welfare
Primacy of human dignity
Retention of diversity and pluralism
Universal participation


Qualifications in Action

Emancipatory Action Research - “ideological hypocrisy for community developers to resort to research methods that are based on inequality, culturally invasive relationships, while claiming an emancipatory approach… studying the way people behave without relating it to the whole person, let alone their social and political context is a dehumanising act” (Ledwith, 149). The topic must be approached with solidarity and in earnest. It can be easy to detract from the original goal with sardonic failures to identify problems. A failure in contemporary efforts to end slavery lends to a slippery slope that is as dangerous as inaction, it could be argued.


Culpability in Regulation

Actions could be effective, but taken too far could create a level of harm that outweighs the crimes currently perpetrated. Such a phenomena has been noted historically as, “A panic campaign is orchestrated by state agents of social control, supported by a media-simulated depiction of the enemy as a shadowy, external ‘other’” (Zureik, 115). This seems unlikely, but should be evaluated using an economic evaluation of the freedom indices in nations, or at least point to such an evaluation as improbable to support the objection, and indeed would probably strengthen the thesis of the paper.
Such a concern is easily addressed in the terms of slavery. The state of involuntary coercion to engage in labor is one that transgresses political rights. Instead of being viewed as a checklist of states that must all be present in order to qualify as a slave, any one of the economic, political, or social deprivations natural to the state must be viewed as qualifiable and action-worthy.

Complicity in Regulation


In noting that American and Canadian anti terrorism legislations extend beyond immediate, temporal concerns to deal with immigration and other issues of personal and public nature, we end up with ‘governance through security’” and detract from the original goals and objectives or even exacerbate targeted regions. Original goals are obscured by failures in implementation or enforcement. This is the outcome in which objectives are achieved or at least negative outcomes avoided, but the goal is overshadowed by a non-related, positive or not, change politically or otherwise that is not intended.
Pro tempore there are no grounds to assume that this would be the case, and in order to show that, legislation from 2016 that prohibited slavery by closing a loophole allowing importation of forced labor products into the USA should be cited as evidence that workable solutions can be implemented.  A potent critique or accolade of how effective such legislative measures will prove lies in the future. The question of whether a governing body who ineffectively regulates a product or more problematically actually does regulate the product but does something else as well (such as an effective policeman who only arrests people with red hats who voted for a local politician he does not like) becomes culpable or complicit in nature needs further research and theoretical expansion.


Complicity in Consumption

Consumers must be emphasized to include companies purchasing inputs from slave-owners as well as individuals who import their goods from a slave-owned factory. In turning a blind eye to slavery, consumers are becoming complicit in numerous harms. Showing that the consumer can prevent slavery expands the defacto complict behavior into culpable behavior, though with ignorance. A marginal response by consumers can be guaranteed to have efficacy in instances of corporate greed, because the corporate greed is dependent on the multitude by definition. Without a multitude being exploited, the nature of the crime would change, and an individual response can be guaranteed to be magnified by the number impacted.


Successful Solutions in Action


One effective method companies with moral considerations towards the idea that the global market has ensured that investments or products they make may contribute to slavery is to offset the negative impact they endorse or create by investing in potential solutions. In order to ensure avoidance of hypocrisy in legislative actions, immediate action on international slavery is by definition pertinent as, “Cultural diversity [and social justice] thus becomes essential for biological diversity, and histories based on local economic development offer alternatives for the future that reflect values other than consumer lifestyles: a harmonious co-existence between social justice and environmental justice” (Ledwith, 149). The top three contributing foundations or companies represent a massive share of the overall funding for those efforts that fight global slavery. One massive company, Google, has donated over 11 million dollars to fight slavery with the Google Innovation Award (Ucnikova). Currently only about 1% of the over ten billion dollars needed to eradicate global slavery is actually budgeted towards that endeavor. So rather than being just a drop in the bucket, as a company that sees nearly 5% of the nation’s GDP pass through its revenue stream, this award actually signifies a proportional contribution to fight human trafficking and slavery.
“The death of nature was fundamental to the rise of patriarchy” and it follows that the success of feminism is dependent on resurrection of environmental goals (Ledwith, 150). There should be a general understanding implicit in this definition that the protection of social justice is fundamental to protection of the environment. Sufficient evidence has been shown that this is a snowball or critical mass that are being enacted to enforce liberal ideals and that a trade-off is not the reality of the political arena in question.
There is a responsibility for more than remaining competitive in company efforts to purge associations with slavers and slaveholders. Unlike the discussion in culpability and complicity that demonstrated the legal distinction between cooperation in commercial wrongdoing and complicity, in this case the law prohibits the item being manufactured from its genesis. As a prohibited item, one might have no level of complicity or even knowledge the item is counterfeit and still be legally responsible for engaging in reckless commercial behaviors that resulted in the distribution of such a “hot” item. This terminology is used because at the root of it, slavery is stealing, a view that perhaps demonstrates under what circumstances ancient Hammurabi dictated the removal of a hand for robbery.


References:
Hausman, D. M. and M. S. McPherson. Economic Analysis and Moral Philosophy. Cambridge University Press (1996).
Ledwith, Margaret. Community development: A critical approach. Policy Press, 2011.
MacDonald, Ian Thomas. "Negotiating Mexico’s Labour Law Reform: Corporatism, Neoliberalism and Democratic Opening." Studies in Political Economy 73, no. 1 (2004): 139-158.
Osiel, M.J. Ever again: Legal remembrance of administrative massacre. University of Pennsylvania Law Review, 144(2), (1995). 463-704.
Ucnikova, Martina. "OECD and Modern Slavery: How much aid money is spent to tackle the issue?." Anti-Trafficking Review 3 (2014).
Zureik, Elia, and Karen Hindle. "Governance, security and technology: the case of biometrics." Studies in Political Economy 73, no. 1 (2004): 113-137.