Washington Is Trapped in Its Own Prism of Data-Mining Self-Defense

The Atlantic Wire
Washington Is Trapped in Its Own Prism of Data-Mining Self-Defense
.

View gallery

Washington Is Trapped in Its Own Prism of Data-Mining Self-Defense

The defenses of the National Security Agency's program to collect and store records of every phone call and every email have not been very impressive. The NSA defenders point to a secret court that rarely says no. They point out congressional oversight, even though it's clear intelligence agencies have misled Congress. And some even dismiss the information being collected on Americans as unimportant, it seems because they do not know what "metadata" is. With the revelation of domestic surveillance on a scale that's hard for the human brain to conceive of — a Library of Congress's worth of data every six hours — you'd expect something more stirring than Trust us and Who cares about metadata anyway?

RELATED: Zero Dark Verizon: Why D.C. Hates Leaks Until It Loves Hunting Them Down

On Wednesday night, The Guardian's Glenn Greenwald reported a secret court order to give the NSA metadata on every Verizon call made over three months. Subsequent reporting and statements from senators revealed that it's a regular, quarterly thing to collect the data from several major telecom companies. Further, the NSA's PRISM program, The Guardian also revealed on Thursday night, allows the government to grab emails, chats, what you've searched for, and what files you've shared, thanks to the apparent cooperation of Yahoo, Google, Microsoft, PalTalk, YouTube, Skype, AOL, Apple, and possibly more, and definitely abroad. A career intelligence officer revealed a PowerPoint about PRISM to The Washington Post's Barton Gellman and Laura Poitras because of concerns about privacy. The officer said, "They quite literally can watch your ideas form as you type."

RELATED: Don't Believe Lindsey Graham's Phony Leak Outrage

And what is the response to that panopticon from the government and the NSA surveillance program's supporters? It is ridiculous. This ridiculous:

RELATED: PRISM Companies Start Denying Knowledge of the NSA Data Collection

It's just metadata — no eavesdropping!

RELATED: NSA Spying Appears to Stem from 550-Word Section of PATRIOT Act

Metadata reveals the phone numbers, and the time, length, and location of calls. "The program does not allow the Government to listen in on anyone's phone calls," Director of National Intelligence James Clapper (right) writes in his two-page response to The Guardian article. California Sen. Dianne Feinstein assured reporters on Thursday, "As you know, this is just metadata. There is no content involved. In other words, no content of a communication." The Wall Street Journal's editorial board is sure there's nothing to be worried about. "We bow to no one in our desire to limit government power, but data-mining is less intrusive on individuals than routine airport security," the Journal says, in an editorial titled "Thank You for Data-Mining." Yes, it can be embarrassing to know that when you go through the body scanner at the airport, one person will be able to see the fat deposits you're sensitive about. But it is not more intrusive than collecting metadata on all your calls and your emails.

RELATED: The NSA Is Funneling Your Internet Life from Silicon Valley to Obama's Desk

The metadata is more revealing than the content, mathematician and former Sun Microsystems engineer Susan Landau explained to The New Yorker's Jane Mayer. "If you can track that, you know exactly what is happening—you don’t need the content," Landau says. Take this example: "You can see a call to a gynecologist, and then a call to an oncologist, and then a call to close family members." Geolocation can reveal a reporter's sources, or an extra-marital affair, or when political leaders are meeting.

A 'robust legal regime' acts as a check on this power.

"There is a robust legal regime in place governing all activities conducted pursuant to the Foreign Intelligence Surveillance Act, which ensures that those activities comply with the Constitution and laws and appropriately protect privacy and civil liberties," Clapper writes. "This renewal is carried out by the FISA Court under the business records section of the Patriot Act. Therefore, it is lawful. It has been briefed to Congress..." Feinstein said.

Clapper has a different definition of robust than many people. "This is a court that meets in secret, allows only the government to appear before it, and publishes almost none of its opinions," Jameel Jaffer, deputy legal director of the American Civil Liberties Union, explained to the Post. The Guardian's Spencer Ackerman notes, "critics have pointed out that the Fisa Court has almost never, in its 35-year history, rejected a US surveillance request." And there's reason to doubt the FISA court is rigorously scrutinizing each government request. Wired's Kevin Poulsen points out that the Verizon Business Services court order posted by The Guardian "demands cell phone data, like customers' IMSI (International Mobile Subscriber Identity) number and another identifier that reveals the make and model of the phone." But Verizon Business Services isn't a mobile carrier — it is a landline business. It's obvious, Poulsen writes, that the FISA court "uses the same catchall boilerplate order over and over again, just changing the company name and the date. The court that’s supposed to be protecting Americans from abusive domestic surveillance is not only failing in that duty, it’s also lazy."

As for congressional oversight, Bruce Schneier explains at The Atlantic, "We know that the NSA has many domestic-surveillance and data-mining programs with codenames like TrailblazerStellar WindandRagtime — deliberately using different codenames for similar programs to stymie oversight and conceal what's really going on." And Poulsen argues that the NSA has been able to trick Congress by manipulating numbers, too. Each year, the Justice Department is required to give Congress a tally of how many times it requested classified wiretaps and "business records" under the Patriot Act. The Obama administration only went to the FISA court 200 times to request Americans' "business records" in 2012, Poulsen notes. In 2011, it was 205 times; in 2010, it was 96 times; in 2009, it was 21 times. But the Verizon court order — demanding metadata on all phone calls for three months — counts as one request.

"The Department's testimony left the Committee with the impression that the Administration was using the business records provision sparingly and for specific materials," Rep. Jim Sensenbrenner wrote on ThursdayWhen a reporter asked Sen. Feinstein if the program was limited to Verizon or other companies got similar court orders, she replied, "We cannot answer that. Fortunately, I don’t know."

It won't affect you!

"The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization," Clapper says. The Obama administration told The Washington Post, "extensive procedures, specifically approved by the court, to ensure that only non-U.S. persons outside the U.S. are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about U.S. persons." South Carolina Sen. Lindsey Graham said on Fox and Friends on Thursday, "I don't think you're talking to the terrorists. I know you're not. I know I'm not. So we don't have anything to worry about."

The PRISM program is only supposed to go after foreigners. But The Washington Post reports:

Analysts who use the system from a Web portal at Fort Meade, Md., key in 'selectors,' or search terms, that are designed to produce at least 51 percent confidence in a target’s 'foreignness.' That is not a very stringent test. Training materials obtained by The Post instruct new analysts to make quarterly reports of any accidental collection of U.S. content, but add that 'it's nothing to worry about.'

Foreign or foreignish, no big deal. The NSA looks at everyone in their terror suspects' contact list, and at everyone in their contact lists' contact lists. That's how a good deal of "incidental" American data can be swept up in a search, the Post reports. And we have plenty of reason to be skeptical that the government won't use this trove of Americans' communications, even though it has it, and the Brits, too. There is public record of the NSA abusing its surveillance power, when, under the Bush administration, warranetless wiretapping was allowed on calls in which at least one person was overseas. NSA analysts told ABC News in 2008 they had a good time listening to soldiers' phone sex.

(Top photo by ourcommon via Flickr; Dark Side of the Moon photo by Solapenna via Flickr; Clapper photo via AP PRISM slide via The Washington Post; NSA headquarters via the U.S. government.)

View Comments