The Changing Economics of Surveillance

Cory Doctorow examines the changing economics of surveillance and what it means:

The Stasi employed one snitch for every 50 or 60 people it watched. We can't be sure of the size of the entire Five Eyes global surveillance workforce, but there are only about 1.4 million Americans with Top Secret clearance, and many of them don't work at or for the NSA, which means that the number is smaller than that (the other Five Eyes states have much smaller workforces than the US). This million-ish person workforce keeps six or seven billion people under surveillance -- a ratio approaching 1:10,000. What's more, the US has only ("only"!) quadrupled its surveillance budget since the end of the Cold War: tooling up to give the spies their toys wasn't all that expensive, compared to the number of lives that gear lets them pry into.

IT has been responsible for a 2-3 order of magnitude productivity gain in surveillance efficiency. The Stasi used an army to surveil a nation; the NSA uses a battalion to surveil a planet.

I am reminded of this paper on the changing economics of surveillance.

Posted on March 12, 2015 at 6:22 AM • 44 Comments

Comments

ramriotMarch 12, 2015 7:07 AM

And, as almost a throw away line in the article, he quite rightly points out that all this highly financially efficient surveillance is least effective at its official task, that of finding terrorists. But yet very effective at disrupting civil opposition to the status quo in support of the goals of a wealthy elite.

WmMarch 12, 2015 7:11 AM

No matter how incriminating the evidence might seem, the authorities still must heavily depend upon getting a confession to make a case. If criminals, and especially innocent people, would just keep their mouths shut, immediately recognizing that they are innocent until proven guilty in a court of law, and executing their right to remain silent at the beginning of any and all interrogations, they would save themselves hours of battling with the police, as well as not giving police and prosecutors statements whereby they will use to build a case against them. Such submission to the authorities comes from the mistaken mind set that cops and prosecutors are superior to the American citizen.
The real mind set a citizen should have is to recognize that cops and prosecutors are inherently evil in nature, the enemy of innocent, righteous men and woman, and should never be trusted = spoken to.
I heard a statement concerning a strategy of war recently, advise that law abiding citizens should take to heart when it comes to dealing with cops and prosecutors: "The essence of winning a war is the defeat of the enemy's plan and the imposition of your will upon the enemy." The enemy of innocent Americans today are the corrupt authorities, 'the essence of winning is the defeat of the enemy's plan' that plan is to get you talking and submit to an unwarranted search, giving them evidence and statements they so greatly need and desire to hang you with. Exercising your right to remain silent with cops, refusing all request to meet with the authorities, demanding to speak with a lawyer if arrested or detained at a police station, and taking the 5th to any questions from a prosecutor, will stop all evil and deceitful tactics the authorities have designed for you.

Paul HouleMarch 12, 2015 7:28 AM

@wm I think that is a way to have more trouble with the cops, and attitudes like that are part of the sticky mess that black men are involved in in the US.

You are certainly right that if you have done a major crime you should keep your mouth shut. On the other hand if you have a PMA and you own up to a traffic violation sometimes you will avoid a ticket. Cops can be assholes sometimes, but they are people too.

I remember one of those gamergate people interfered with EMS workers in SF and would not let the cops get the last word and of course she got arrested and spent the night in jail. Similarly I saw a video of some kid on probation who didn't want to get caught with a small amount of pot so he hit a cop. Surplus negativity can get you in plenty of trouble.

Victor EngmarkMarch 12, 2015 7:55 AM

This million-ish person workforce keeps six or seven billion people under surveillance.
No. First, and most importantly, the level of surveillance is completely different. Today, if you're willing to deal with the same inconveniences everybody dealt with on a daily basis 50 years ago (going to the bank & public offices, finding information in books, paying with cash) then for many practical purposes you're off the radar. That is not in any way comparable to having informants in political clubs, cafés and streets. Second, less than half of the world's population are online. Third, they have the in-transit data going through their servers, not the plaintext of everything going between every two computers on the planet. Encryption is getting more common and better, in part thanks to the recent revelations. If the net truly goes dark, with strong encryption being the norm, having petabytes of in-transit traffic counts for nothing.

65535March 12, 2015 8:18 AM

Speaking of police and the law, I am just wondering what will happen when defense lawyers figure out their confidential communication and not confidential – and are caught up in the vast surveillance drag-net as the average Joe's communications.

These lawyers are going to either get very angry - or very scammed. The NSA and all of its tentacles could easily provide the prosecution with said defense lawyers’ game plan!

Turning to the relatively low cost of surveillance of all electronic communications [and of the USPS electronic photographing of all mail], won’t this become a double-edge sword where our enemies will be able to use relatively “inexpensive surveillance” to attack America?

Possibly even manipulate USA elections. Maybe, this is why there is some much credit card skimming.

[Please excuse the grammar errors and other errors]

paulMarch 12, 2015 8:20 AM

This is the same (albeit in the opposite direction) as the difference between companies that do real customer service and companies that have "customer service representatives" in a call center somewhere. It's "productivity" -- or, what in the Cold War used to be called "the sharpshooter myth" (the idea that the US could defeat an overwhelmingly larger force by fielding ever smaller numbers of ever superior technoweapons, even though in pretty much all previous wars it had been the ability to produce inconceivable numbers of mostly mediocre weapons that had carried the day).

Which is not to say that ubiquitous mechanized surveillance can't make a lot of trouble for a lot of people. It's just that finding the "right" lot of people without hindsight is apparently still as difficult as it was in the years of informants and carbon paper.

vas pupMarch 12, 2015 9:40 AM

@65535 • March 12, 2015 8:18 AM. You pointed to very sensitive and important issue related to surveillance. In an era of mass surveillance there is no difference for snoopers who you are: lawyers, judges, doctors, shrinks, priests, senator or governor. Mass surveillance made 'all us equal'. Cases of Spitzer, Petreus(initial) just example.
The difference is that probably for high level officials or involved in protected communication parallel construction would be mandatory for the court, but 'leak' to the media would be enough to ruin that person's life and reputation.

SamMarch 12, 2015 9:46 AM

@Victor Engmark:

> Second, less than half of the world's population are online.

What percentage of Terrrrrrists are online? Because that's the justification for all of this.

> Third ... in-transit data ... not the plaintext

They have basically any plaintext they want. I could google for specifics or I could direct you to the immediately prior article on this very blog.

MikeAMarch 12, 2015 10:21 AM

Agree that just running off at the mouth to LEOs is a bad idea. Also agree that copping an attitude right off is a bad idea. I do want to highly recommend

http://lawcomic.net/

"The Illustrated Guide to Law", which is pretty much what it says on the tin, with two caveats:

1) Based on U.S. law
2) Based in an alternate reality where law enforcement and the judiciary actually try to avoid breaking the law themselves. YMMV.

Begin at the beginning, and when you reach the end, stop.

Gilberto Valle, Gourmand extraordinaireMarch 12, 2015 10:22 AM

Paul Houle tells you, don't exercise your rights or you'll get in trouble. Instead, throw yourself on the mercy of the asshole cops. Asserting your rights constitutes an attitude of inappropriate blackness, which explains why cops kill black guys whenever they feel like.

With morons like this for cops, we are safe under ubiquitous electronic surveillance. They will watch their fusion-center monitors with tongues lolling out, and fall asleep. Unless there's porn.

BoppingAroundMarch 12, 2015 10:22 AM

> I am just wondering what will happen when defense lawyers figure out their confidential communication and not confidential – and are caught up in the vast surveillance drag-net as the average Joe's communications.
Does anybody here have lawyer acquaintances? Would be interesting to get some input from them on the situation.

Sam,
> What percentage of Terrrrrrists are online?
He said it. Less than half of the world's population.

DGMarch 12, 2015 11:18 AM

Now the question is whether or not you can attack the economics of a third party gaining value from monitoring less that perfectly secure communications.

HermanMarch 12, 2015 11:23 AM

Don't talk to me, talk to my lawyer.

The American 'Miranda Rights' basically tells every arrestee to 'shut up'. Fortunately most crooks don't and can't stop blabbing when they are arrested, thus making things much easier for the police.

The problem with ubiquitous surveillance is that it makes the right to 'shut up' and be quiet obsolete and useless, since the police already knows everything.

The frightening thing is that much of what they know can be totally wrong/contrived/fabricated/misattributed to you...

DanielMarch 12, 2015 11:49 AM

I think the numbers game played by Doctorow overlooks a crucial point that poster "Wm" implies but doesn't state explicitly--regardless of what the eye in the sky is doing for most people most of the time the realities of the American police state don't become actual into they interact with an officer of the law. Because this interaction happens infrequently--especially if one is white and upper class--the scope of the panopticon is vastly underestimated and unappreciated.

The result is that the surveillance state is not only massive it is also operates with more precision. This is where Victor Engmark goes astray. 50 years ago one did not have to worry about a cell phone tracking one's every move or an array of license plate readers knowing every stop one's car makes. It is folly to suggest that if one "tries really hard" one can live in the past. Nonsense. Bruce utterly destroys that argument in his new book.

The net result is that most people don't care about exposure until the predator has them by the throat and by then its too late.

AlanSMarch 12, 2015 12:08 PM

Interesting article.

Foucault was lecturing about the relation of neoliberalism to surveillance 35 years ago. There are actually two types one should consider. There's surveillance for the have-nots and surveillance for the haves. I think Cory is wrong about the costs because he's  just looking at a subset. "Guard labor" in the US is extensive because it includes the police and prison system (and more) that mostly targets young black men in poor communities. The US has one of the highest incarceration rates in the world and it's not cheap. What has unfolded recently in Ferguson is symptomatic of this larger reality. For discussion see Punishment and the Myth of Natural Order. This type of power is along the lines of that described in Foucault's earlier work, Discipline and Punish. The lectures describe a type of power, focused not on individuals but populations, that's more characteristic of modern consumer society. It's much more pervasive, efficient and sophisticated than disciplinary power. It's expository rather than panoptic. For discussion see Digital Security in the Expository Society.

MartinMarch 12, 2015 1:05 PM

I have no confidence in this stuff. It reminds me of all the articles about how companies don't care about security because it's cheaper to just pay out in the unlikely event of a breach. (duh...I can't think of any other reasons there are breaches so that must be it).

Numerous holes in the surveillance math too.

The Earth can't possibly be turning on it's axis everyday. The wind would be so strong birds couldn't even fly.

One day all this garbage analysis will a distant memory.

SoWhatDidYouExpectMarch 12, 2015 3:21 PM

Speaking of which:

OpenSSL To Undergo Massive Security Audit

http://tech.slashdot.org/story/15/03/12/1928259/openssl-to-undergo-massive-security-audit

From the post...

"Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. As part of the Linux Foundation's Core Infrastructure Initiative, the foundation and the Open Crypto Audit Project are sponsoring and organizing what may arguably be the highest-profile audit of a piece of open-source software in history. The audit itself will be conducted by the information assurance organization NCC Group, and its security research arm, Cryptography Services, will carry out the code review of OpenSSL's 447,247 line codebase over the next several months."

How far into this security audit will the spook agencies be reaching to install their obfuscation or minimalize the results?

WalksWithCrowsMarch 12, 2015 3:27 PM

When I read of Cameron's plans to outlaw encryption, my response was, "My God, they are really bringing down an iron curtain over democratic states".

Doctorow is very well read on the rise and formation of totalitarian states. I think anyone who is, and who is also up on the domestic surveillance rise - the drastic rise - coupled with being well read on domestic legal problems will come to the very same conclusions: at the very least, the "five eyes" are on a direct path towards totalitarianism.

Last night, I finished an episode of "House of Cards" where a very intriguing statement was made, "Anyone who ever imagines themselves in the position of the President will never turn back". In context, she was meaning any politician who actually had a chance of doing so.

The same tendency is true with power and individuals in any manner of power scenario: if they imagine themselves increasing their power and it is possible - even remotely - to do so, this they will do.

This is definitely the case with the invisible, ruling elites. Those in government. I do believe they partly are actually serving others causes, such as the "wealthy elite" or "1%'ers" as Cory outlines. But, eventually, if things come to head: they will go and those in unelected capacities in government with true power over information, and so knowledge, will take the helm.

And their money and resources.

A kleptocracy, then, is the real wave of the future, exactly as is happening in China and Russia.

This is not to say I have no optimism, I do. But this surely is the "worst case scenario", and if not properly pulled out at the roots, it will continue to flourish.

I also agree, where this money, and where these resources should be spent, is in building up the economy and the marketplace of technology, especially.

*The focus, if there must be any, should be in defense, not offense*.

A technologically more advanced nation is best put at sticking to defending what they have, if they are ahead, and not waste much time on spying on technologically behind nations. All promise will lead to little results, and the backdoor is left open while doing so.

Right now, the reverse is happening, which is troubling: despite all of the exposed outrages over the past years, the USG is not backtracking in the slightest. Worse, they are standing up with their foremost allies and altogether demanding backdoors in all of their country's products. While, at the very same time, also demanding the right to spy on everyone, especially those in other countries. This, altogether, is a potentially catastrophic message to send to all of the customers or would be customers of American (for instance) products. They might as well be saying, "Never buy our technology".

Like how terrorism actually works for the aims of anti-terrorists, this manner of attitude helps force the issue: the more destablized America gets because of factors like their government sending such a negatively impactful message, the more chance they have to take over.

As just one "for instance", how hyperinflation and the burning of the Reichstag both helped rise Germany's Nazi power into office.


WalksWithCrowsMarch 12, 2015 3:45 PM

@Martin

I have no confidence in this stuff. It reminds me of all the articles about how companies don't care about security because it's cheaper to just pay out in the unlikely event of a breach. (duh...I can't think of any other reasons there are breaches so that must be it).Numerous holes in the surveillance math too.The Earth can't possibly be turning on it's axis everyday. The wind would be so strong birds couldn't even fly.One day all this garbage analysis will a distant memory.

Oh, you very well may be correct. This said, I knew Cory Doctorow from a bit of a distance way back when, and the man is scarily prescient in his observations. He also has a scary way of underplaying his understandings. As a good "for instance", look at OpenCola a bit, and notice how they were on tech which then was considered a bit silly, but today is underpinnings of modern social media, modern file sharing systems, modern "darknet" systems, and modern ways of internet television. Yet, most anyone will remember about that company is they made a cola after the name, and an open source cola, at that.

The questions are very serious ones, and I do not believe any of this is any manner of game.

While I do find it unlikely that Cory's "Rapture of the Nerds" dystopian futures will come true, I do find his forward thinking in his writings also likely incredibly prescient, albeit in much more distant terms: as metaphor tends to be. Often, these sorts of works are very much on the "here and now" as opposed to the future.

But, one question raised is: can the jingoism of Democracy disguise the movement to totalitarian power exactly as the jingoism of Communism did? I think, this very well may be true.

Or not.

Maybe it all serves some other social purpose in the grand scheme of things.


Data (I'm Importa nt)March 12, 2015 4:46 PM

"Data has always been important. But with new surveillance technologies, it’s possible to automate huge swathes of economic activity. Have a Baxter robot watch a worker long enough, and the robot can perform the worker’s tasks. Record enough traffic and road data, and a driverless car becomes a reality. Phone trees replace call center workers. Track everything a person does online, and you’ll be able to predict ever higher percentages of what they’ll do next. Filmmakers imagine that, out of the billions of conversations captured by phone companies (or Google, DOD, or DARPA), an OS perfectly imitating a girlfriend will emerge.

The big questions now are: who will have the chance to analyze all that data? Who will raise the capital to build immense computing centers and hire the best workers? (Rumor has it that Google paid one employee $100 million to keep him from moving to Twitter, while colluding with other tech giants to tamp down rank-and-file engineer pay.)"
http://balkin.blogspot.com/2014/09/interview-on-black-box-society_19.html

The new secure BitchLocker will be out in June. Look forward to more driving and less fun and lower pay.

BoppingAroundMarch 12, 2015 5:38 PM

AlanS,
Some French philosophers' works are notoriously complex regarding to interpretation and understanding. Is this the case with Foucault?

Daniel,
> It is folly to suggest that if one "tries really hard" one can live in the past.
> Nonsense. Bruce utterly destroys that argument in his new book.
Perhaps you can cite as to how Mr.Schneier destroys the argument? Thanks.

WalksWithCrows,
> This, altogether, is a potentially catastrophic message to send to all of the
> customers or would be customers of American (for instance) products. They might as
> well be saying, "Never buy our technology".
Do these customers have any real choice? As long as, I quote comp.lang.c++ FAQ, 'business decisions dominate technical decisions' and as long as the 'business decision' remains that security is an afterthought and even then more of a hogwash poured onto ears of ignorant ones, the situation will persist. Multiply by the economics of surveillance this very blog entry is about. US have a pretty good grip on computing. What are the alternatives?

AlanSMarch 12, 2015 7:02 PM

@BoppingAround

I find his books quite readable. I can't say I read a lot of other French philosophers of that period but some of them do have that reputation for being obscure and difficult to read. The problem is that the lectures were given to large public audiences. His thoughts skip around, he's playing with ideas that are not fully formed. There are days he lectures while sick. And the books were put together from tapes of varying qualities that audience members recorded. They were only translated into English significantly later. The two series of lectures I cited have been very influential. There is an interesting secondary literature that interprets, critiques, expands and elaborates the ideas in those lectures. Harcourt's work, which I also linked to, falls into that category.

AlanSMarch 12, 2015 7:41 PM

Doctorow:

This implies that productivity gains in guard labour will make wider wealth gaps sustainable. When coercion gets cheaper, the point at which it makes “economic sense” to allow social mobility moves further along the curve. The evidence for this is in the thing mass surveillance does best, which is not catching terrorists, but disrupting legitimate political opposition....The neoliberal answer to this is: so what? If the rich can be richer than ever without the poor having to starve, doesn’t that mean that the system is working? Boris Johnson’s big cornflakes have been sorted to the top of the packet, and have produced so much efficiency that everyone is better off for it, just as market theory predicts.

This strategy doesn't seem to be working too well for the "big cornflakes" in the UK at the moment. They are in a bit of a panic as the UK comes apart over neoliberalism (although whether there is a genuine alternative on offer is an open question). A large section of the Scottish population, who have detested the Tories since Thatcher was PM and now detest New Labour, almost succeeded in breaking up the UK last September but that was just round one. Round two is the UK election in May. Polls currently promise a hung parliament with the SNP trouncing both the main UK parties in Scotland to become the third largest UK party. The mainstream British media is dishing out fear and lies as fast as it can go (e.g. Tartan Stalinists are going to descend on London and the Thames will foam with blood!). So much for "Better Together". Among other things, the SNP are promising to opt-out of the UK's nuclear deterrent and implement land reform. Less than 0.01% of the population own 50% of the land in Scotland. The Scottish government abolished feudalism a few years ago so who knows what Stalinist atrocities they'll commit next.

BalMarch 12, 2015 7:56 PM

Bruce, I doubt people who monitor publicly posted data need a TS clearance. Unless you don't consider monitoring information that people unwittingly make public online to be surveillance, the USG is likely using more people to spy than you give them credit for.

65535March 12, 2015 8:13 PM

@ vas pup

“Mass surveillance made 'all us equal'. Cases of Spitzer, Petreus(initial) just example.”

Yes, sensitive is the word. These cases of Spitzer, Petreus are showing the “tiered system of justice” that we have. They both were probably caught by the NSA, yet got off with a slap on the wrist. The average Joe would get the 20 to life.

What happens when?

1] A lawyer loses the majority of his client’s cases because of the NSA's communications drag-net?

2] A judge is blackmailed into changing the out-come of a case against the NSA?

3] A doctor or shrink is relieved of his DEA license/medical license for helping a judge who has been has had is decisions manipulated by the NSA’s communications drag-net?

4] A key Senator is loses his seat because he wanted to change certain nasty NSA practices?

5] A Governor loses a race because his position on the Fourth Amendment that conflicts with the NSA?

All of the above will cause pressure on the NSA to either come clean or double their dirty tricks.

NoseThatGrowsMarch 12, 2015 9:02 PM

From the article: "Why would the US continue to wiretap its entire population, given that the only “terrorism” they caught with it was a single attempt to send a small amount of money to Al Shabab?

One obvious answer is: because they can. Spying is cheap, and cheaper every day."

This argument is equivalent to explaining a murder by pointing out that bullets happened to be on sale that day.

In other words, cheaper means do not explain the motive for using them in the first place.

What could be the reason for violating the Constitution on such a shocking scale?

Because it was cheap???

WalksWithCrowsMarch 12, 2015 9:57 PM

@BoppingAbout

WalkingWithCrows:
> This, altogether, is a potentially catastrophic message to send to all of the
> customers or would be customers of American (for instance) products. They might as
> well be saying, "Never buy our technology".

Do these customers have any real choice? As long as, I quote comp.lang.c++ FAQ, 'business decisions dominate technical decisions' and as long as the 'business decision' remains that security is an afterthought and even then more of a hogwash poured onto ears of ignorant ones, the situation will persist. Multiply by the economics of surveillance this very blog entry is about. US have a pretty good grip on computing. What are the alternatives?

:-) Yes.

Well, I talk around things, and often say things by what is not said. Though, what I am really very interested in, I never say, and just talk around.

I think the US has a strong tech industry, and other very good industries, such as cinema.

But, there is something else "not said" in all of these very many disclosures over the years, from really, very many sources. One can quickly notice that from comparing Russian or Chinese hacks to these.

The elephant in the room that is not really there.


BuckMarch 12, 2015 10:18 PM

@65535

All of the above will cause pressure on the NSA to either come clean or double their dirty tricks.
You think? I'd bet that what with all the parallel-construction, it'd be quite difficult to 'prove' any of the above without 'privileged' information... I think it will necessarily take an insider (by accident or conscience) to bring any of those potential issues to light.

WalksWithCrowsMarch 12, 2015 11:15 PM

@NoseThatGrows

Oh, I get it. "NoseThatGrows" "WalksWithCrows". A personal attack. A slur.

I say plenty of things and you are perfectly free to respond to anything I say. I am not exactly easy to understand, and do not pretend to be so. But, I am sensing hatred here. That is what happens when people call others names instead of engaging them in thoughtful dialogue.

I can be indirect, opaque, oblique, sarcastic, and I can also be entirely direct. I do not think I need to make apologies for that, to people who insist others be easy to understand and not fall under the ire of their bigotry and desire to dominate and exert power entirely apart from their capabilities for argument.

Why not get it out? What is your charge, hrm? Why would I lie? And, about, what, exactly? A witch? A Jew? A Christian? An Atheist? Gay? Straight? Muslim? Arab? For what would you burn me to the stake for, not bothering with evidence? Maybe I am an alien? A spy? A traitor? A criminal? Set up the witch nooses, get up the rack, call me to the showtrial! We have a real witchhunter online.

P/KMarch 13, 2015 1:43 AM

Sorry but those numbers mentioned by Cory Doctorow are nonsense. NSA has some 35,000 employees and then there are some 12,000 uniformed members for tactical SIGINT collection. Other Five Eyes agencies don't even come close to that number.

But most ridiculous is that the NSA and the Five Eyes are keeping 6 or 7 billion people under surveillance. There's not a single piece of evidence for that, let alone that NSA would ever want that.

They would drown in data, and they are the first to know that.

vas pupMarch 13, 2015 9:28 AM

@Buck • March 12, 2015 10:18 PM:
"I think it will necessarily take an insider (by accident or conscience) to bring any of those potential issues to light." You are right! The case is that
Ed Snowden (his luck) had experience with CIA before (he knew tactics to prevent being compromised before he could get to "safe" heaven and his intentions disclosed and movements trigger suspicious). NSA's mathematicians are brilliant, but could be gagged before they could do anything similar in your posting due to lack of those skills.

Clive RobinsonMarch 13, 2015 10:18 AM

@ P/K,

But most ridiculous is that the NSA and the Five Eyes are keeping 6 or 7 billion people under surveillance. There's not a single piece of evidence for that, let alone that NSA would ever want that.

Put simply "Wrong assumption".

The NSA and Five Eyes, realy do want to catch everything, their aim is not to keep everybody under what you would consider surveillance, but to build the equivalent of a "time machine". So that they can in effect go back in time and see what you have said to whom and when, as and when you become a "person of interest" now or in the future.

As for the 6-7billion blink twice and there will be 8billion people people in the world. Go check how long it took for the US population to increase by ten percent in the past few years.

As I've noted before the only people not being recorded are third world goat herders without communications, but then the NRO is probably watching where the goats go any way to find caves.

The simple fact is that "personal" communications outside of the first world and increasingly so even there is done by radio waves. It's just to expensive to put copper or fiber in in low population density areas which is actually quite a large part of the worlds surface. Likewise it's nolonger possible to put more copper or fiber into everywhere in high population density areas at anything close to the rate required, the cost is to high and the reliability to low, and people want what they see as the freedom of mobility which neither copper or fiber give.

All of these "last mile" radio links are in the UHF and microwave bands and go up into space rather more easily than they go round the corner of the street in your local town. One of the original reasons for the five eyes is where they are in the world with regards satellite downlink foot prints and subsea cable nodes.

We know that geting into subsea cable comms is practiced by rather more than just the Five Eyes these days.

We also have good reason to belive that the US has access into most if not all major backbone routers.

We also know that for a long time the NSA were the worlds leaders in storage technology. Likewise in voice / video / audio compression, and we belive that they also may be the worlds leaders on "voice to text" and automated translation.

We also know that "what the NSA gets the NSA stores forever" VENONA told us that, and their appetite for both is as insatiable as ever.

Whilst I will grant you none of this is "proof positive" it would be wise to consider it so.

esMarch 13, 2015 11:58 AM

>But most ridiculous is that the NSA and the Five Eyes are keeping 6 or 7 billion people under surveillance. There's not a single piece of evidence for that, let alone that NSA would ever want that.
>They would drown in data, and they are the first to know that.

What is PRISM? Why do you think the NSA Utah Data Center with storage in excess of 1 billion gigabytes, exists?

>While I do find it unlikely that Cory's "Rapture of the Nerds" dystopian futures will come true,

If you have the means, you only lack a motive.

eyes.for.the.heatMarch 13, 2015 12:41 PM

@Clive

The NSA and Five Eyes, realy do want to catch everything, their aim is not to keep everybody under what you would consider surveillance, but to build the equivalent of a "time machine". So that they can in effect go back in time and see what you have said to whom and when, as and when you become a "person of interest" now or in the future.

That's one of several uses for spying on everyone. Others are to measure the progress of propaganda operations, and to conduct psychological experiments on the one or more individuals.

Basic situational awareness concerning what people are thinking and doing enables the intelligent application of zersetzung. By focusing on a few influential thinkers, the government can acheive what censorship does without making big waves. Economic spying is another reason.

ChrisMarch 13, 2015 1:10 PM

@eyes for the heat:
That's one of several uses for spying on everyone. Others are to measure the progress of propaganda operations, and to conduct psychological experiments on the one or more individuals.

Basic situational awareness concerning what people are thinking and doing enables the intelligent application of zersetzung. By focusing on a few influential thinkers, the government can acheive what censorship does without making big waves. Economic spying is another reason.
the changing economics of surveilance
--
Hi now this is i think very intresting! because it makes alot of sense, if you have the whole picture of things, you can measure all sorts of things going on almost realtime.
I think there might be one of the biggest aha moments for me in a while
Thanks for the insight

Nick PMarch 13, 2015 1:13 PM

@ Bruce

His numbers are way off. They basically assume the whole TS-cleared community keeps the world under surveillance. I'd only count those who participate in the programs: tool development, maintenance of the systems, operators in the field, analysts with access. Anyone like that. It's probably a very small subset of TS community given tools are developed in SAP's and using them is TS/*SCI* (higher clearance). So, his point remains and is even amplified: a mere tens of thousands of people keep billions under surveillance.

re guard labor

Section was good.

re why spy

"Our networks have given the edge to the elites, and unless we seize the means of information, we are headed for a long age of IT-powered feudalism"

Aha! Good to see someone agree with me while specifically mentioning elites. Their effects on this situation can't be underestimated. Given they control the state via proxy, anything developed for "terrorists" will support the elites work to get rid of competition one way or another. This has virtually always been the case. I'd like to see more smart people connecting these dots and exploring the potential consequences.

65535March 13, 2015 1:30 PM

@ Buck

“I'd bet that what with all the parallel-construction, it'd be quite difficult to 'prove' any of the above without 'privileged' information... I think it will necessarily take an insider (by accident or conscience) to bring any of those potential issues to light.” - Buck

Yes, that is a good observation.

Parallel-construction involves a group of high level players. That is out of the cards. It’s down a well informed insider to blow the whistle this. I hope it happens soon.

Nick PMarch 13, 2015 1:37 PM

@ P/K

Nice propaganda piece. Funny that someone who read Bamford thinks they worry about drowning in data or don't aim to do mass collection. Between Echelon and his books, we knew that they captured as much radio and satellite traffic as possible to be analyzed by acres of computers. Echelon was so overwhelmed by the explosion of email use that their systems crashed a few times. Then, Binney showed that they favored mass interception of all phones systems over his decentralized, selective Thinthread program (at first). Then they used his program but with same dragnet goal as Trailblazer. On top of the billions of communications they intercept from Iraq and India, each.

So, the data in both pre-9/11 and post-Snowden disclosures totally contradict your position. They want to Collect It All to see anything and everything that might be a threat. They already intercept communications by the billions and trillions of bytes. They do this in Five Eyes and with European partnerships. The encrypted stuff they store for 5 years just in case. And so on. People's assumptions about whatever they're doing now should be consistent with what they've already done... just in case.

Their real position seems to be to maximize collection under the assumption that they'll develop the necessary analytical capabilities *eventually* and when they do the collection tools will already be in place. That they're programs running in parallel is further evidence of this. They'd do it to justify continued funding and employment if nothing else.

P/KMarch 13, 2015 10:40 PM

@ Clive Robinson:

I don't deny that NSA and its partners have vast intercept capabilities all over the world, but that's different from surveilling all people. But NSA uses that in a targeted way: they look at things that can be useful for the goals set out in documents like the Strategic Mission List, which contains the common topics for such an agency: supporting military operations, diplomatic advantages, protecting US interests etc. That only affects a very small number of people (except in Iraq and Afghanistan).

Creating databases to look back in time would be nice, but we have only seen very few examples of that practice: the domestic phone metadata collection, the Dishfire text message database and probably a few others, but that is still far from what Google and Facebook are doing: they try to collect everything and also store that forever. On the other hand, that makes it easy for NSA: they don't need to collect it themselves anymore, they just have to ask Google and Facebook when they need something.

Regarding storage, people always mention the Bluffdale data center, but until now there was not a single Snowden-document about this place, which is remarkable if it would really be the repository for the whole world. It would also be interesting to compare its capacity to data centers of Facebook and Google. My impression so far is that it is 'just' for NSA's new computer clouds.

@ es:

PRISM is very targeted collection: NSA only requests the communications related to specific addresses and identifiers from those nine internet companies.

@ Nick P:

Propaganda are those Snowden-stories published by the mainstream media. It would be interesting to look at why they are so willing to forward those anti-NSA activist stories again and again....

But like you said: NSA experienced over and over how difficult it is to keep pace with the enormous amounts of communications, and also a number of Snowden docs show how they are struggling with these volumes. Therefore they are not trying to collect as much as possible, but to collect things in a way that makes it as easy as possible to find what they want. And that is certainly not always collecting everything. What we have learned from the Snowden docs is that NSA is actually shifting away from such mass collection effeorts in favour of hacking operations.

(btw: that phrase "Collect it All" is from a presentation about the Menwith Hill satellite intercept station, and therefore cannot be seen as the ultimate goal for NSA as a whole - it was once again presented in a misleading way)

esMarch 14, 2015 2:41 AM

@P/K
>PRISM is very targeted collection: NSA only requests the communications related to specific addresses and identifiers from those nine internet companies.

Citation needed.

>Propaganda are those Snowden-stories published by the mainstream media. It would be interesting to look at why they are so willing to forward those anti-NSA activist stories again and again....

Man, I sure hope someone's job was to stop the covert manipulation of US interests.

Nick PMarch 14, 2015 11:21 AM

@ P/K

"and also a number of Snowden docs show how they are struggling with these volumes. Therefore they are not trying to collect as much as possible"

No, the documents indicate this is exactly what they're doing. They have taps and implants all over the world. They grab all the satellite stuff. They were intercepting Facebook and Google's datacenters live. They also were intercepting at least a fifth of all domestic, Internet traffic. None of this is a targeted, comprehensible way of doing collection. Instead, it's part of a goal to collect as much as possible whether they can understand it or not.

Further, that they're building datacenters like the one in Utah supports my point. Even Facebook (at one point) and Walmart didn't need that much capacity to store data on their whole operation. Facebook stores crazy amounts of data on hundreds of millions of accounts going back 3-5 years. That NSA needs twice that capacity in *one* datacenter suggests their "targeted" efforts are truly massive. That they haven't accomplished jack with it suggests it's mass collection for the reasons you mentioned: they can't make sense of it.

P/KMarch 14, 2015 4:39 PM

@ es:

There's an extensive report about PRISM collection by the Privacy and Civil Liberties Oversight Board: http://www.pclob.gov/library/702-Report.pdf

@ Nick P:

If it is as you say, why is there no hard evidence for that? Until now there's not a single Snowden document that proves such an ambition of collecting everything (apart from that phrase "Collect it All" for the Menwith Hill satellite station).

Regarding the Utah data center, I repeat my question: provide us with numbers about how much Google and Facebook are storing, compared with the NSA data centers.

Scott "SFITCS" FergusonMarch 14, 2015 7:39 PM

@P/K

I don't deny that NSA and its partners have vast intercept capabilities all over the world, but that's different from surveilling all people. But NSA uses that in a targeted way:

Interesting - do you have some evidence that this is the case, and that it will always be the case (in the latter instance, some sort of legislative, enforced, destruction of data both meta and content held by the NSA and it's partners).

Creating databases to look back in time would be nice, but we have only seen very few examples of that practice: the domestic phone metadata collection, the Dishfire text message database and probably a few others,

Agreed. So far so good (as the bloke who jumped off the tenth floor said as he passed the second). Perhaps that desire is not unique to you, and might be classified "above top secret" (not to be on a digital record)?

..but that is still far from what Google and Facebook are doing: they try to collect everything and also store that forever. On the other hand, that makes it easy for NSA: they don't need to collect it themselves anymore, they just have to ask Google and Facebook when they need something.

That's a dual edged weapon. I can access some of Google's data and now have similar access to satellite imagery that previously was unavailable to private individuals.

Regarding storage, people always mention the Bluffdale data center, but until now there was not a single Snowden-document about this place, which is remarkable if it would really be the repository for the whole world. It would also be interesting to compare its capacity to data centers of Facebook and Google. My impression so far is that it is 'just' for NSA's new computer clouds.

There are a number of things wrong/flawed with that belief: it's places too much stock in the idea that a lack of evidence is proof of a negative; I suspect the capability would be either "above top secret" or politically insane; organisationally it'd be better tactics to geo-distribute; you compare apples and oranges - Google, Bing, and Ffffacebook have different requirements (think archival rather than constantly accessible - meta data is the key to data records).

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.