The initial response to news, delivered by The Washington Post last Thursday and followed up by The Guardian UK, that the NSA has employed massive data mining operations to spy on US citizen’s technological transactions came as a shock to some. To others, it was surprising that this information garnered such a reaction. There were cries of “Big Brother is watching you!” and “National Security!”. Bottom line: the conversation that should have happened when the FISA amendment was set to be renewed in 2012 is happening now, outside the climate of post 9/11 panic, the tragedy which is now a decade behind us. The devil is in the details, as usual.
In 2001, the United States suffered a crushing blow…to morale, to a sense of security, and to anti-isolation sentiment at large. A year earlier, while the NSA was watching one of the hijackers at a house in San Diego, the system crashed. The NSA was not fully operational until three to five days later. Did they miss something during those five days? Could 9/11 have been avoided? The FBI argued yes, but because the NSA holds it’s tongue (an industry joke is that NSA stands for “Never Say Anything”) in protection of the fourth amendment of the Constitution, the FBI was not privy to information that could have been used in conjunction with surveillance that the NSA had put into anti-terrorism investigations. The NSA needed to update. The FBI and the CIA needed the information the NSA had. Mark Rossini knew but could not reveal. Chuck Hayden was very frank on the matter. “Keep America free by making Americans feel safe again.” The balance is so fine.
The 9/11 Commission Report did not feel it necessary to go further with investigation into NSA activity prior to the events that would change foreign and domestic surveillance in the United States forever. The NSA was following INMARSAT satellite phone calls from Osama bin Laden to his outposts in the world three years prior to 9/11. Everyone thought that the attack would be off of US soil. In Yemen, where the bin Laden Op Center was being surveilled. The NSA did not communicate with the jurisdictions of American shores based on that presumption. The powers that be did not pay attention to the fact that in Laurel, Michigan, ,the terrorists who hijacked the planes that ultimately changed everything, were staying in a motel right next door to NSA headquarters. And neither parties knew it.
The old brand of NSA surveillance operated on Cold War strategy. Using fiber optics became a challenge of tactical maneuvering. Internet cafes and public pay phones were being used to wage war on America. How could they define an enemy who operates without borders? Ultimately, the disaster of 9/11 fell under jurisdictional tangled wires. If the NSA had the ability to reveal their information without violating the fourth amendment, the FBI and the CIA would have been privy to the other piece of the story. Even had they been privy, under the law, they could not make whatever information gleaned from NSA known without violating the fourth amendment. Indeed, after the Cold War, funding for the NSA was cut drastically.
Ted Kennedy penned the original letter of FISA in 1977 during the Carter administration. As the years passed and America remained at war in the middle east after 9/11, the Bush administration policy of wiretapping without warrants in the interest of national security became less popular and more like an Orwellian step in the wrong direction. The thing is, that policy never went away. As so many things are in D.C., it was shuffled like a deck of cards and renamed. The rumor was that warrantless wiretaps were being utilized as early as June of 2000 (Bloomberg), though that claim has not been corroborated. If private corporations are in the market to get your information and use it to sell you products, the government was going to get a piece of the action.
The Patriot Act became the Republican sponsored Protect America Act in 2006. This gave amnesty to wiretaps obtained without warrants under presidential authority with limited congressional oversight. It also allowed the NSA access to any data they felt would aide in the interests of national security. It was signed into law by George H.W. Bush on August 5, 2007. It gave the government authority to operate under the jurisdiction of the FISA court and to issue directives to private providers to obtain data that can be utilized “in the interest of national security”. Failing to cooperate with these mandates can find a company in contempt of the FISA courts. Whether or not a company wants to protect the information of its consumers is irrelevant. If a company chooses to utilize its own software development strategies to implement additional privacy was up to them. The NSA would still get what it wanted, and do it under the protection of federal law.
This version of FISA (Section 702) was renewed under the Obama administration in December, 2012 with overwhelming support from a Republican congress and is presided over by a court of 11 judges. Since 2009, Congress has been briefed 13 times regarding the government collection of data. Whatever data collection occurs is done with oversight from the executive, judicial, and legislative branches of government. The question remains: Does absolute power and knowledge corrupt, and will it corrupt absolutely?
Many people feel that FISA, the NSA and it’s utilization of PRISM, a data collection software meant to filter content to monitor “anti-U.S. interest” is a catch all for spy activity wholesale. Data mining operations are currently a $5 billion industry in the U.S. alone, employing upwards of 35,000 while accessing servers at Microsoft, Apple, Facebook, Google, and most notably in this instance, Verizon. “Directives” can be mandated to provide that access to the government. The whistleblower to this news, 29 year old Edward Snowden, a former technical assistant for the CIA and employed for the last four years with the NSA, told the story and leaked documents only a day after groundbreaking on a new U.S. spy agency building in Fort Meade, Maryland (headquarter site of the NSA) relegated to data collection operations. The project is slated to cost in excess of $500 million.
The flurry of conflicting statements from the private tech sector in Silicon Valley came shortly after the revelation as damage control kicked into high gear. “This was done without cooperation. No wait, we knew about the whole time.” This can go on for days. In the meantime, private browsers like DuckDuck GO are touting “true internet privacy”, wooing Google and Microsoft consumers in the interest of browsing under the radar. Bottom line is, if the government wants data, they are going to collect the data. The business of data mining is booming and information isn’t cheap. If Americans are going to protect the interests of the fourth amendment, overall consumption would have to change. What does this mean for private tech, government surveillance, and the average consumer?
The fallout from the released information has earned so much attention that the Director of National Intelligence, James Clapper, issued a formal statement on Saturday, outlining what PRISM is and what it is not. Whether this is an accurate account is now a matter of scrutiny, earned by what many people feel is a lack of transparency existing in the FISA courts.
During a congressional election year, less than half the population turn out to vote. Does this indicate general apathy or lack of interest or are people willing to accept the invasive and invisible mining of their personal data in exchange for low/no cost apps and services in the interest of the consumer? As a consumer of technology, what does this mean for you and ultimately how will this effect the landscape of tech in Silicon Valley? The ball is in play. Whose court it lands in is up to all of us; businesses, consumers, and constituency alike.
Our in-house tech, gaming, and culture experts take a crack at translating the fine print of data mining in the United States.
Yoma Edwin, founder of CultureMass: NSA surveillance won’t determine how I vote or buy tech. This issue is a double-edged sword and it’s up to the American public to decide which edge they prefer. On the one hand, you are allowed your personal information, financial information, and other information about you to be open to people that may not have America’s best interest in mind. On the other, you give up your privacy to an organization that claims to protect the level of freedom and comfort that we enjoy in the US. This program is not necessarily a tool to limit internet freedom but a method to control the potential high risk dangers of having a open form of communication like the internet. Just think about this: if everything was open but private, meaning the US government could not take preventive measure to ensure our safety, we would be open to all kind of attacks because of how America is structured. You can get in you car and drive to the next state without getting approval, you can open a business without fear that a government owned company will blow you away, you can post whatever you want online, disrespect the leaders, choose to practice a religion or not and live anywhere within the US borders that you want. The current NSA surveillance, though necessary, seems to be a little extreme at it’s core. We Americans tend to go for broke and this is no different. The message should not be “kill the messenger”, it should be about letting our government and the NSA know it’s time to calm down.
Cameron Cook, Editor In Chief: When the news broke my first reaction was, “I thought they’ve been doing that since the Patriot Act was passed in 2001”. This recent stuff didn’t bother me because I always assumed the practice was going on. And I’m just white noise at the bottom of a graph somewhere. I’m, of course, uneasy about being spied on, but I’ve had over a decade to come to terms with it.
Rachel Helie: What is alarming about NSA data-mining is not so much that it’s happening but at what scale it is happening on. That information on me, you and everyone else is a commodity is not news to anyone. Private companies mine every mouse click and keystroke to better suit ads directed for more precise audiences. The government was bound to get into the business eventually. And the public sector capitalization of that information in collaboration with the private sector contractors and service providers blurs lines. If so inclined, the federal government has the capacity to know what you eat for breakfast and how you shampoo your hair, and make a pretty bundle hiring a slew of private contractors and using insider information to compile data. That’s alarming. There’s a fine line between security and invasion of privacy. It’s up to an informed constituency and voting populace to decide who they vote into office to manage the oversight of things like Section 702. President Obama stated Friday that ““We can’t have 100 percent security and also have 100 percent privacy and zero inconvenience,” he said. “We’re going to have to make some choices as a society.” Either we commit to 21st century technology and all of its consequences or we don’t but the choice is up to the vote.
Nate Humphries, Tech/Science Editor: I think there are a few premises to this discussion: 1. People in general and governments in particular can have small to large errors in judgment. 2. People in general and governments in particular can desire power and/or money, leading to many of those errors in judgment. 3. The US government in particular has been data mining in some form or fashion for a while. 4. Both major political parties have participated in data mining. 5. Citizens can view data mining through the lens of their political party (cf. post referencing a Pew Research Center poll here). 6. Governments at some level should interact with their citizens’ lives, with the goal of bettering those lives and the country as a whole. 7. Despite premise #6, citizens have a right to some measure of privacy on principle alone (being individual human beings), irregardless of governmental desire. If we accept those premises, I think we can arrive at a couple viable conclusions: 1. The government may have had the right idea with Section 702 (protecting citizens), but went about it the wrong way. Considering it took a whistle-blower to expose what was going on, it was obviously a secret they weren’t willing to disclose. The government should be more open about questionable decisions that possibly violate their citizens’ rights. 2. The government was way off course with Section 702. At no point should the government be allowed to mine private data, no matter the justification. Especially mining without a warrant. The purpose of a warrant is to provide government entities with access they wouldn’t normally have in the interest of public safety. If we can accept that, then the government should be required to use a warrant to mine any private data, if it wants access for anti-terrorist, etc. reasons. Personally, I fall under accepting point #2. I think the government should use warrants to access data instead of mining without repercussion.