Common Lisp versus Emacs Lisp

As a user of both Elisp and Common Lisp I sometimes have a hard time remembering the small differences. Many of these are “hidden” in the sense that identically named functions behave differently. One such example is that functions such as assoc and member behave differently because Elisp uses equal as the predicate whereas eql is used by default in CL.

Jisang Yoo has published a lengthy post on some of the differences between the two Lisps. It’s not encyclopedic but it does cover the most important differences and the ones that are apt to bite the unwary practitioner.

He also covers the cl-lib package, which is the new CL compatibility library for Elisp. One nice touch is that he shows how to programmatically list all the cl-lib functions with an indication of whether or not they have a built-in version.

Some differences are trivial, defconst versus defconstant for example, while others, like the difference in member, are subtle and hidden. Even if you’re experienced in both languages, you may find some differences you didn’t know about. This is a great post and well worth the time it takes to read it. You’ll also learn an interesting fact about the Korean language.
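The member and assoc difference described above, as an added Emacs Lisp example that is not taken from this post or from Jisang Yoo's. The demo- names, host names and user names are constructed; it uses the cl-lib functions cl-member and cl-assoc to stand in for Common Lisp's eql default, and shows a string blocklist check that silently stops matching when the predicate changes.

```emacs-lisp
;; Added example; every `demo-' name and all sample data are constructed.
(require 'cl-lib)

(defvar demo-blocked-hosts (list "bad.example" "worse.example")
  "Constructed blocklist of host names, stored as strings.")

(defun demo-blocked-p-elisp (host)
  "Elisp `member' compares with `equal', so string contents are compared."
  (and (member host demo-blocked-hosts) t))

(defun demo-blocked-p-cl-default (host)
  "`cl-member' follows CL and defaults to `eql'.
A string that is not the very same object as a list element never matches."
  (and (cl-member host demo-blocked-hosts) t))

(defun demo-blocked-p-cl-equal (host)
  "Form that behaves the same under both conventions: name the predicate."
  (and (cl-member host demo-blocked-hosts :test #'equal) t))

;; `concat' builds a fresh string, as input read from a file or network would be.
(let ((host (concat "bad" ".example")))
  (cl-assert (demo-blocked-p-elisp host))            ; blocked, as intended
  (cl-assert (not (demo-blocked-p-cl-default host))) ; check fails open
  (cl-assert (demo-blocked-p-cl-equal host)))        ; blocked again

;; The same trap with `assoc' on an alist keyed by strings.
(let ((acl '(("alice" . admin) ("bob" . reader)))
      (user (concat "al" "ice")))
  (cl-assert (eq (cdr (assoc user acl)) 'admin))
  (cl-assert (null (cl-assoc user acl)))
  (cl-assert (eq (cdr (cl-assoc user acl :test #'equal)) 'admin)))

;; Symbols are unaffected: equal symbols are the same object, so
;; `eql' and `equal' agree on them.
(cl-assert (cl-member 'reader '(admin reader)))
(cl-assert (member 'reader '(admin reader)))
```

Evaluating the buffer signals an error if any of these expectations does not hold.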

Posted in General | Tagged , , , | Leave a comment

A Surveillance Timeline

The revelations from the NSA scandal are coming so fast and furious that it’s easy to become confused. Now, the EFF has come to our rescue with Timeline of NSA Domestic Spying. It starts with the ratification of the Bill of Rights and ends with the release of the FISA Court ruling on NSA’s violations of the Fourth Amendment.

Take a couple of minutes out of your busy life to peruse the timeline. It will probably be a revelation to you.


Another Emacs Challenge

Over at the Emacs reddit, zoldberghoneydew presents an interesting problem and solution. The problem boils down to creating a hosts file of the form

host1    ip-address-of-host-1
...
host64   ip-address-of-host-64

where the address of host-n can be looked up in DNS with dig.

Zoldberghoneydew’s solution is nice but a bit overcomplicated. The challenge is to produce this file with the fewest keystrokes possible.


Fourteen Years of SQL Injection

Mavituna Security has a nice post up on SQL Injection. They give a brief history of SQL injection and the three common mistakes that enable it. They have some astounding facts. Here’s a small sampling:

  • In 2012, 97% of all data breaches worldwide were SQL injection attacks.
  • In one month, from the end of 2011 to early 2012, over 1,000,000 sites were successfully attacked with SQL injection.
  • SQL injection has remained in the top 10 list of vulnerabilities compiled by the Open Web Application Security Project.

I’ve written several times before about SQL injection. Every time it’s because some new article has astounded me that this attack is still possible. Mavituna is promising further articles on the technical aspects of SQL injection and how to avoid falling prey to it. Be sure to check back or sign up for their RSS feed.


Dinner With General Alexander

Jennifer Granick has an excellent article, My Dinner With NSA Director Keith Alexander, in Forbes. Unlike most reporters, Granick doesn’t waste her (and our) time with sideshows such as the whereabouts of Edward Snowden. Instead, she zeros in on the real issues.

She takes the balanced view that Alexander is a good man but one who is badly mistaken. Although he believes he is doing good—and, of course, to the extent that he protects us from terrorists his work does have some merit—he is, in fact, systematically destroying the democracy that he’s sworn to protect.

Unlike almost every other reporter, Granick understands the dangers that metadata represents and, most importantly, what a serious, serious danger the collection and storing of all this information represents. She shows how anemic the safeguards the government keeps touting really are and how many completely innocent citizens have their data swept up and examined at will simply because they know somebody who knows somebody who knows a target. Unmentioned by the government—until the recent release of the “primary order” controlling NSA data collection—is the fact that if you’re within 3 hops of an NSA target your records go into a pool, the “corporate store,” that can be accessed at any time by NSA analysts without any showing of probable cause or other supervision. Read this ACLU article for more about the corporate store and how it works.

Granick understands and carefully explains how this data, once collected under the aegis of protecting us from terrorists, is subject to mission creep and future abuse. We’re already seeing mission creep. The DEA and IRS have started tapping into the NSA data and other agencies are eager for a place at the trough. As Granick and the New York Times article at the last link remark, even those investigating copyright violations want access to the data.

As for possible abuse, our recent history paints a dismal picture. One needn’t believe in a cataclysmic event such as the Nazi takeover of the German government to be concerned. In the lifetime of many of us, the FBI spied on Martin Luther King, discovered that he was having an extramarital affair and threatened to expose him unless he committed suicide. When he didn’t, they sent the tapes to his wife. A little closer to today, President Nixon famously insisted that the IRS go after those on his enemies list. If all that seems like ancient history to you, consider that there’s reasonably compelling evidence that the current administration used the IRS to target nonprofit organizations that opposed their policies.

It should be clear to anyone who cares to know that no government can be trusted with this sort of data. If they have the data, two things are guaranteed:

  1. No matter the reason for its collection, it will be used for more and more purposes.
  2. It will inevitably be abused.

Read Granick’s article. It’s one of the few serious analyses by the Press on what the NSA scandal means.


Is the NSA Really Abuse-Proof?

President Obama, General Alexander (the Director of the NSA), and Senator Dianne Feinstein (Chairman of the Senate Select Committee on Intelligence) have all assured us that we needn’t worry about NSA snooping on Americans because the NSA has several systems in place to monitor and prevent abuse. Putting aside for the moment what future governments might choose to do with this information, should we feel reassured by these assurances?

Those of you familiar with Betteridge’s Law of Headlines already know the answer. Anyone familiar with problems arising from restricted data knows that one of the most frequent abuses is the tracking of spouses, ex-spouses, and love interests. One frequently hears, for example, of someone abusing police databases for these very purposes. It turns out that the NSA is not immune. These abuses are, the NSA apologists assure us, very rare and harshly dealt with.

What to make of, then, this AP story? It appears that Edward Snowden had no problem defeating the logging and monitoring systems that should have alerted the NSA to what he was doing. The truth is that the NSA has no idea what documents Snowden took because he made sure to leave minimal footprints.

These two stories together suggest that NSA management really has no idea who’s abusing the system and that all their assurances are worthless. These are smart people and they surely know this. That makes it worse because it means they’re lying to us and that leads to the next question: what else are they hiding?

It seems that, once again, Betteridge was right.

Update: needed → needn’t


Keeping the French Safe From Terror

Rick Falkvinge has a jaw-droppingly funny (or sad, depending on your point of view) story about French efforts to stop terror. His story is at the expense of the French but, really, I’m sure no country is immune to this sort of silliness. Politicians everywhere want to be seen as “doing something” even if it makes no sense.


The Joys of Java

Jean-Philippe Paradis retweeted this pithy observation from Branimir Karadžić about a developer’s life in the Java world.

Evil of me, I know, but sometimes the truth is too screamingly funny to ignore.

Posted in Programming | Tagged | Leave a comment

Implementing Prism Break

A while ago I wrote about Prism Break, a site dedicated to helping you choose private and secure alternatives to many popular proprietary systems and programs. Now Laurent Eschenauer has posted a description of his personal Prism Break.

Some of his choices (such as those involving email) seem less than optimal to me if you’re trying to ensure that your online activities remain private but it’s very interesting to read about the choices he made and why he made them. I really like posts like this because they illustrate approaches to preserving your privacy.

If you haven’t visited the Prism Break site yet, you should take a look. There are lots of good ideas and information there.

Update: Added link to Eschenauer’s post.


Simon on eshell

Ben Simon has a couple of nice posts on eshell. In the first, he talks about finally wrapping his head around eshell and shows some of the things you can do with it that you can’t do or that are harder to do with a normal shell.

In the second post, he writes a bit of Elisp that switches to an eshell buffer but makes sure that it is in the same directory as the default directory of the buffer he’s coming from. That avoids having to manually switch to the correct buffer with cd some-buffer from within eshell.

Both posts are short so pop on over and take a look when you have a minute or two.
