A lot has already been written and said about PRISM and other related NSA surveillance programs since their existence was leaked by former NSA contractor Edward Snowden. While the media continues to engage in their own version of “The Amazing Race,” trying unsuccessfully to follow Snowden around the globe (so maybe its more a real-life version of “Where in the World is Carmen Sandiego?”), the policy and political discussions have continued back home.
One of the more interesting things to observe has been the radical switch that has happened amongst Democrats regarding domestic surveillance programs like this one. From just a casual scroll down my Facebook feed, it seems that opposition to such surveillance is now more characteristic of maverick libertarians than of usually-privacy-loving liberals.
The two most common counter-arguments I have seen to “libertarian” objections about NSA surveillance have been these:
- The “If you aren’t doing anything wrong, what are you afraid of?” Defense: The NSA is only supposed to be monitoring the activities of those inside the United States regularly communicating with individuals outside the US who are suspected of terrorist activities or people overseas who are suspected of engaging in such plots. So if that isn’t you, this theoretically means, your data might be in some database somewhere, but it isn’t actually being looked at.
- The “It isn’t as bad as you think” Defense: Proponents of NSA surveillance quickly point out that, according to them, due process isn’t really being subverted because to access the records that are collected into the PRISM database, the NSA (or any other investigating agency) has to get a warrant for a specific individual’s data. So while the government might have all the records on hand, they can’t look at them unless a judge signs off on it.
There are a few problems with both of these counter-arguments, however, that are what motivate my own concerns with the existence of programs such as these:
First, the thresh-hold for who qualifies as a legitimate subject of investigation is frighteningly low. It has been well documented that to qualify for surveillance the NSA needs only to have a 51% assurance that one of the persons they are targeting is outside the United States and involved in terrorist activities, which Jon Oliver famously mocked in this bit.
Second, I think this article is right to point out that the kinds of technology being targeted for mass surveillance by the NSA (Verizon phone records, Google, Microsoft, and Facebook account data, etc.) are technology that truly dangerous terrorists who are attempting to avoid detection are extremely unlikely to use, meaning most of the data collected is actually about ordinary citizens. So what exactly is all this information being used for?
Well, third, that seems to still be unclear because there are some suspicious inconsistencies in the public testimony of NSA officials regarding these programs. NSA chief General Keith Alexander, when testifying before the House Intelligence Committee, claimed that over 50 terrorist plots in countries around the world had been prevented by PRISM and related programs, including 10 domestic plots. But on closer examination, several of those domestic plots seem to have not involved actual plots to commit acts of terror so much as US persons transferring money to individuals suspected of terrorism overseas. While there is certainly still a state interest in stopping such money transfers, the inconsistency in the testimony raises questions about the necessity of the sweeping programs the NSA is using. In another bit of inconsistency, General Alexander claimed in his testimony that the NSA only requested FISA court approval for information from the database about 300 times last year. In a separate statement, however, the NSA acknowledge that over 24,000 communications collected by PRISM were flagged as suspicious and targeted for further investigation. What exactly the relationship between these 24,000 and the 300 requests for court approval are, or even what triggered these communications to be flagged, is unclear at best.
Fourth, the warrants that are supposedly needed to actually use any of the collected data are secret warrants obtained from a secret court which, records indicate, has only refused 11 of more than 39,000 requests over the course of its history. Furthermore, according to General Alexander’s testimony before Congress, such warrants do not actually have to be given individually. Instead, an “aggregate number of searches” is submitted each month to the FISA courts for approval. So “due process,” in this instance, is actually just a bureaucratic rubber stamp. Which is wonderfully comforting in light of concern 3 (above) and concern five (below):
Fifth, the meta-data that is being collected en masse plays on a “degrees-of-separation” like concept that allows investigators to put together lists of persons of interest as is wonderfully illustrated in this post “Finding Paul Revere.” The reason I have used the term “degrees-of-separation” is that the data being collected– phone call data, e-mail and contact lists, etc.– works a bit differently from the “group membership” data that the Paul Revere article deals with in that it shows more explicitly individual-to-individual connections. From data such as that, it is very easy to then compile lists of someones first-level of contacts, next-layer of contacts (friends-of-friends), and so on in a way pretty similar to how Facebook recommends friends or how Linked-in arranges a persons’ “network” into numbered layers. And similarly to how we all have probably had the experience of Facebook recommending to us “friends” we have never even heard of before (despite having 87 friends in common), so likewise this “meta-data” can quickly show associations or connections between individuals who in actuality have little or no connection to one another. In other words, the data that is being collected, without our consent, may very well be creating portrayals of us that are patently false!
Combining these concerns together, we get a pretty scary image: A false picture of our associations/connections/activities, combined with an extremely low thresh-hold for determining that someone is a legitimate target of investigation; a secret, rubber-stamp system of “due-process”; and the fact that all of the data necessary has already been collected into a government database from which it can easily be retroactively retrieved for an “investigation” combines to paint in my mind a very scary picture of the erosion of civil liberties even for those of us who “have nothing to fear.”
- Senators Ask if NSA Collected Gun Data… (freebeacon.com)
- 26 Senators Demand NSA Release Information About Its Spy Programs (webpronews.com)
- NSA director claims leaks damaged US security as Senators question legality of surveillance (theverge.com)
- Here’s everything we’ve learned about how the NSA’s secret programs work (washingtonpost.com)
- Telecom exec: NSA can’t distinguish between Americans and foreigners during data sweeps (theverge.com)