Schneier on Security

RGP Security • October 7, 2014 11:21 PM

                                                HUMAN FACTORS IN EAVESDROPPING

Is Eavesdropping Necessary?

  Human factors are strongly at play in signals intelligence collection.  One could say, perhaps justifiably, that the motivations of the collectors will often determine the success or failure of an intelligence effort. But to talk in such simplistic terms does not do justice to the complex and murky human reality. From a professional viewpoint, the collectors and technicians should care if their work succeeds or if their efforts mean anything beneficial to their country.  One presumes that they do care, but this is not always the case. Promotions, careers, posh assignments, foreign travel, expense accounts, self-interest of every sort, all contribute to whether anything will be said in the face of senseless activities or plain illegality.  The self-interest of the people in the organization is not always in the interests of the country.

 Many think of eavesdropping as fundamentally corrupt and dishonorable.   Its current manifestation in the United States has been likened to a self-licking ice cream cone that just gets bigger and bigger.  Constant eavesdropping, even against friends, is saying that no one is a real friend, and that other people do not matter.  It is the practice of denying people their dignity and their right to express themselves freely, and it is now big business.  If eavesdropping activities are legal, then this is bad enough, but if the activities are illegal, then a culture of fear and silence breeds within the eavesdropping organization because someone may someday be held accountable.  But most of this can be subsumed under an easy-going, and swollen, self-interest.  Self-interest and denial are seen at every level of the organization.

 There is a fundamental division here:  eavesdroppers have to trust each other to do their jobs well, but the longer that stay in that line of work the less they trust anyone (to include each other) as denial increases.  A robust inward-looking counter-intelligence operation also shows that no one is absolutely trusted in the organization.  People inside the eavesdropping organization end up divided off from others even though they can tell themselves they are doing the right thing in the world, even when the deaths of innocent people are involved.  In the act of eavesdropping, the disregard for the rights of others only begins.  Those others can be people one works with, people down the street, or someone on the other side of the earth.

 These fractures are indicative that something is rotten:  lying to legislators, not trusting people in your own organization, appealing to greed, and denying responsibility.

 Take the example of another very similar swollen bureaucracy:  the U.S. Army.  At some point after 9-11 the U.S. Army noticed that soldiers with high scores on standardized foreign language proficiency tests often did not want to stay in the military.  Those soldiers, cryptologic linguists, had usually learned a foreign language at the prestigious DLI in Monterey, California.  Those with lower scores were more often eager to stay in the military.  Those with higher scores were looking for the exits despite generous bonuses.  Leaders scratched their heads.

 What the leaders never figured out, or never admitted, was that the Army most emphatically did not want to have highly skilled soldiers.  The Army just did not care.  Having highly skilled soldiers had nothing to do with the boss being promoted.  Pure obedience would trump job skill, and the former required less effort from all concerned.  Appearances would suffice.  The analogy here is that a large eavesdropping organization (also hierarchical, also given to obedience, and also militarized) does not necessarily care if it is doing anything truly effective.  It just needs to look as if the world depends on them.  Also, smart people can be a threat: look at Snowden.  The organization wants to expand and function without hindrance and without anyone voicing other opinions. 

 Budget growth is not hindered by the high turn-over of employees, dumb policies, or pursuing senseless activities like spying on people who play Angry Birds (even though professionalization is reduced).  It is like promotion in the Army not being linked to job skill.  It does not matter who gets promoted, or how hallow things get, as long as appearances are kept.  It used to matter, but the Army did away with those tests because a perception existed that soldiers from certain racial groups would be disadvantaged during test-taking.  In other words, like finding a kind of camouflage to wear that is visible at all times in all places (the infamous DCU), the Army created a kind of reverse Darwinism:  the selection of the unfittest.  White trash never had it so good.

 Eavesdropping at the national level works in the same way.  It does not have to make sense, be efficient, or be done by anyone special. It just has to spend money and stay secret.  One hesitates to consider the track record and the amount of money spent.  9-11 was not foreseen.  The Russian invasion of Ukraine was missed.  The war in Iraq was not won.  The war in Afghanistan is the longest one in American history.  The invasion of Libya was, and is, a fiasco.  The Tsarnaev brothers had red flags all over them, but they were not stopped in Boston. Terrorism is not declining. Is anyone responsible?  Has eavesdropping done anything effective to make the world safer?  Is it necessary?