Entries Tagged "surveillance"
Page 84 of 93
If the NSA Surveillance Happened in the European Union
Fascinating essay about how EU law would treat the NSA’s collection of everyone’s phone records.
The Ultimate Net Monitoring Tool
You too can spy on the Internet, just like the NSA.
(And while we’re on the topic, you really should read about the equipment the NSA installed at the AT&T switches. Wow.)
Winkler on NSA Spying
Ira Winkler on why the NSA spying hurts security.
The Value of Privacy
Last week, revelation of yet another NSA surveillance effort against the American people has rekindled the privacy debate. Those in favor of these programs have trotted out the same rhetorical question we hear every time privacy advocates oppose ID checks, video cameras, massive databases, data mining, and other wholesale surveillance measures: “If you aren’t doing anything wrong, what do you have to hide?”
Some clever answers: “If I’m not doing anything wrong, then you have no cause to watch me.” “Because the government gets to define what’s wrong, and they keep changing the definition.” “Because you might do something wrong with my information.” My problem with quips like these—as right as they are—is that they accept the premise that privacy is about hiding a wrong. It’s not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.
Two proverbs say it best: Quis custodiet custodes ipsos? (“Who watches the watchers?”) and “Absolute power corrupts absolutely.”
Cardinal Richelieu understood the value of surveillance when he famously said, “If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.” Watch someone long enough, and you’ll find something to arrest—or just blackmail—with. Privacy is important because without it, surveillance information will be abused: to peep, to sell to marketers and to spy on political enemies—whoever they happen to be at the time.
Privacy protects us from abuses by those in power, even if we’re doing nothing wrong at the time of surveillance.
We do nothing wrong when we make love or go to the bathroom. We are not deliberately hiding anything when we seek out private places for reflection or conversation. We keep private journals, sing in the privacy of the shower, and write letters to secret lovers and then burn them. Privacy is a basic human need.
A future in which privacy would face constant assault was so alien to the framers of the Constitution that it never occurred to them to call out privacy as an explicit right. Privacy was inherent to the nobility of their being and their cause. Of course being watched in your own home was unreasonable. Watching at all was an act so unseemly as to be inconceivable among gentlemen in their day. You watched convicted criminals, not free citizens. You ruled your own home. It’s intrinsic to the concept of liberty.
For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that—either now or in the uncertain future—patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.
How many of us have paused during conversation in the past four-and-a-half years, suddenly aware that we might be eavesdropped on? Probably it was a phone conversation, although maybe it was an e-mail or instant-message exchange or a conversation in a public place. Maybe the topic was terrorism, or politics, or Islam. We stop suddenly, momentarily afraid that our words might be taken out of context, then we laugh at our paranoia and go on. But our demeanor has changed, and our words are subtly altered.
This is the loss of freedom we face when our privacy is taken from us. This is life in former East Germany, or life in Saddam Hussein’s Iraq. And it’s our future as we allow an ever-intrusive eye into our personal, private lives.
Too many wrongly characterize the debate as “security versus privacy.” The real choice is liberty versus control. Tyranny, whether it arises under threat of foreign physical attack or under constant domestic authoritative scrutiny, is still tyranny. Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that’s why we should champion privacy even when we have nothing to hide.
A version of this essay originally appeared on Wired.com.
EDITED TO ADD (5/24): Daniel Solove comments.
NSA Eavesdropping
This is the line that’s done best for me on the radio: “The NSA would like to remind everyone to call their mothers this Sunday. They need to calibrate their system.”
NSA Creating Massive Phone-Call Database
There’s other NSA news today: USA Today is reporting that the NSA is collecting a massive traffic-analysis database on Americans’ phone calls. This looks like yet another piece of Echelon technology turned against Americans.
The NSA’s domestic program, as described by sources, is far more expansive than what the White House has acknowledged. Last year, Bush said he had authorized the NSA to eavesdrop—without warrants—on international calls and international e-mails of people suspected of having links to terrorists when one party to the communication is in the USA. Warrants have also not been used in the NSA’s efforts to create a national call database.
[…]
The government is collecting “external” data on domestic phone calls but is not intercepting “internals,” a term for the actual content of the communication, according to a U.S. intelligence official familiar with the program. This kind of data collection from phone companies is not uncommon; it’s been done before, though never on this large a scale, the official said. The data are used for “social network analysis,” the official said, meaning to study how terrorist networks contact each other and how they are tied together.
Note that this database does not just contain phone calls that either originate or terminate outside the U.S. This database is mostly domestic calls: calls we all make everyday.
AT&T, Verizon, and BellSouth are all providing this information to the NSA. Only Quest has refused.
According to sources familiar with the events, Qwest’s CEO at the time, Joe Nacchio, was deeply troubled by the NSA’s assertion that Qwest didn’t need a court order—or approval under FISA—to proceed. Adding to the tension, Qwest was unclear about who, exactly, would have access to its customers’ information and how that information might be used.
Financial implications were also a concern, the sources said. Carriers that illegally divulge calling information can be subjected to heavy fines. The NSA was asking Qwest to turn over millions of records. The fines, in the aggregate, could have been substantial.
The NSA told Qwest that other government agencies, including the FBI, CIA and DEA, also might have access to the database, the sources said. As a matter of practice, the NSA regularly shares its information—known as “product” in intelligence circles—with other intelligence groups. Even so, Qwest’s lawyers were troubled by the expansiveness of the NSA request, the sources said.
The NSA, which needed Qwest’s participation to completely cover the country, pushed back hard.
Trying to put pressure on Qwest, NSA representatives pointedly told Qwest that it was the lone holdout among the big telecommunications companies. It also tried appealing to Qwest’s patriotic side: In one meeting, an NSA representative suggested that Qwest’s refusal to contribute to the database could compromise national security, one person recalled.
In addition, the agency suggested that Qwest’s foot-dragging might affect its ability to get future classified work with the government. Like other big telecommunications companies, Qwest already had classified contracts and hoped to get more.
Unable to get comfortable with what NSA was proposing, Qwest’s lawyers asked NSA to take its proposal to the FISA court. According to the sources, the agency refused.
We should also assume that the cellphone companies received the same pressure, and probably caved.
This is important to every American, not just those with something to hide. Matthew Yglesias explains why:
It’s important to link this up to the broader chain. One thing the Bush administration says it can do with this meta-data is to start tapping your calls and listening in, without getting a warrant from anyone. Having listened in on your calls, the administration asserts that if it doesn’t like what it hears, it has the authority to detain you indefinitely without trial or charges, torture you until you confess or implicate others, extradite you to a Third World country to be tortured, ship you to a secret prison facility in Eastern Europe, or all of the above. If, having kidnapped and tortured you, the administration determines you were innocent after all, you’ll be dumped without papers somewhere in Albania left to fend for yourself.
Judicial oversight is a security system, and unchecked military and police power is a security threat.
EDITED TO ADD (5/11): Orin Kerr on the legality of the program. Updated here.
NSA Warrantless Wiretapping and Total Information Awareness
Technology Review has an interesting article discussing some of the technologies used by the NSA in its warrantless wiretapping program, some of them from the killed Total Information Awareness (TIA) program.
Washington’s lawmakers ostensibly killed the TIA project in Section 8131 of the Department of Defense Appropriations Act for fiscal 2004. But legislators wrote a classified annex to that document which preserved funding for TIA’s component technologies, if they were transferred to other government agencies, say sources who have seen the document, according to reports first published in The National Journal. Congress did stipulate that those technologies should only be used for military or foreign intelligence purposes against non-U.S. citizens. Still, while those component projects’ names were changed, their funding remained intact, sometimes under the same contracts.
Thus, two principal components of the overall TIA project have migrated to the Advanced Research and Development Activity (ARDA), which is housed somewhere among the 60-odd buildings of “Crypto City,” as NSA headquarters in Fort Meade, MD, is nicknamed. One of the TIA components that ARDA acquired, the Information Awareness Prototype System, was the core architecture that would have integrated all the information extraction, analysis, and dissemination tools developed under TIA. According to The National Journal, it was renamed “Basketball.” The other, Genoa II, used information technologies to help analysts and decision makers anticipate and pre-empt terrorist attacks. It was renamed “Topsail.”
DHS Releases RFP for Secure Border Initiative
The Department of Homeland Security has released a Request for Proposal—that’s the document asking industry if anyone can do what it wants—for the Secure Border Initiative. Washington Technology has the story:
The long-awaited request for proposals for Secure Border Initiative-Net was released today by the Homeland Security Department, which is calling the project the “most comprehensive effort in the nation’s history” to gain control of the borders.
The 144-page document outlines the purpose and scope of the border surveillance technology program, which supplements other efforts to control the border and enforce immigration laws.
AT&T Assisting NSA Surveillance
Interesting details emerging from EFF’s lawsuit:
According to a statement released by Klein’s attorney, an NSA agent showed up at the San Francisco switching center in 2002 to interview a management-level technician for a special job. In January 2003, Klein observed a new room being built adjacent to the room housing AT&T’s #4ESS switching equipment, which is responsible for routing long distance and international calls.
“I learned that the person whom the NSA interviewed for the secret job was the person working to install equipment in this room,” Klein wrote. “The regular technician work force was not allowed in the room.”
Klein’s job eventually included connecting internet circuits to a splitting cabinet that led to the secret room. During the course of that work, he learned from a co-worker that similar cabinets were being installed in other cities, including Seattle, San Jose, Los Angeles and San Diego.
“While doing my job, I learned that fiber optic cables from the secret room were tapping into the Worldnet (AT&T’s internet service) circuits by splitting off a portion of the light signal,” Klein wrote.
The split circuits included traffic from peering links connecting to other internet backbone providers, meaning that AT&T was also diverting traffic routed from its network to or from other domestic and international providers, according to Klein’s statement.
The secret room also included data-mining equipment called a Narus STA 6400, “known to be used particularly by government intelligence agencies because of its ability to sift through large amounts of data looking for preprogrammed targets,” according to Klein’s statement.
Narus, whose website touts AT&T as a client, sells software to help internet service providers and telecoms monitor and manage their networks, look for intrusions, and wiretap phone calls as mandated by federal law.
More about what the Narus box can do.
EDITED TO ADD (4/14): More about Narus.
Sidebar photo of Bruce Schneier by Joe MacInnis.