Sunday, June 09, 2013

Person of Interest

I’m going to venture some observations about the metadata mining/PRISM scandal. There are some commentators on the “right” (e.g. Karl Rove, Andy McCarthy, John Yoo, Marc Thiessen, Lindsey Graham, WSJ editorial board) who defend the NSA programs.

i) It’s hard to evaluate the programs since many details remain shrouded in secrecy. And gov’t–especially this administration–has a habit of lying to the public.

In addition, the issue is specialized in terms of legal and technological distinctions.

ii) One assurance we’ve been given is that gov’t surveillance is still subject to Fourth Amendment protections via Supreme Court precedents.

A prima facie problem with that assurance is that FISA court rulings are classified. To my knowledge, the Federal judiciary isn’t privy to FISA court rulings. So the FISA court isn’t accountable to SCOTUS, beyond the initial appointment process. It operates like a shadow government. At least, that’s my understanding.

iii) We’re also told that this is necessary for national security, but because we’re also told that we must protect our methods and sources, officials won’t explain how this is necessary for national security. Hence, one can only speculate.

iv) I’m just guessing, but I suppose the basic principle is that if you monitor everyone, you thereby snare the subset who are terrorists. By screening everyone, we catch the bad guys.

Assuming that’s the principle, I wonder if it’s really sound.

a) Although I’m no expert, insufficient information is not the only way to miss connections. Information overload is another way to miss connections. You can fail to connect the dots because you sample too many dots. The more dots you have, the more ways they can be connected. Random connections.

Now, one counterargument we often hear is that we have supercomputers that sift the data to detect patterns. But even making allowance for that fact, if we’re collecting data on billions of electronic transactions and communications every day, then even if we have supercomputers to boil that down, I still wonder if the residual isn’t too much for human agents to process.

b) In addition, isn’t it possible for savvy terrorists to evade surveillance? As one commenter put it:

The NSA programs mainly gather data about US citizens and residents. Terrorists can avoid being ensnared by using multiple burner phones (used no more than twice, power off until used in unrelated locations) random public phones, multiple email address used infrequently, multiple WiFi sites from McDonalds to Starbucks, internet access in libraries, and stenography to contact cells. Only private citizens and really dumb terrorists will be in this system.

v) But let’s assume, for the same of argument, that the dragnet approach is effective. The rationale for mass surveillance would apply to criminality as well as terrorism. Why confine it to counterterrorism? Why not let the FBI and local police intercept all of our electronic transactions and communications? They’d catch more criminals as well as preempting some crimes.

The answer, of course, is that we’re supposed to be living in a free society rather than a police state.

vi) This is often cast in terms of the perennial balance between liberty and security. But that’s a false dichotomy. Terrorists usually fit a familiar profile. You don’t have to monitor everyone to catch the terrorists. Therefore, we don’t have to cede civil liberties for greater security. We just need to focus our resources on the demographic high-risk groups. Indeed, counterterrorism is less effective if you are spread too thin.

3 comments:

  1. Steve, thanks for looking at this. I think you're right about all of this. I just have one comment:

    Information overload is another way to miss connections. You can fail to connect the dots because you sample too many dots. The more dots you have, the more ways they can be connected. Random connections.

    Now, one counterargument we often hear is that we have supercomputers that sift the data to detect patterns. But even making allowance for that fact, if we’re collecting data on billions of electronic transactions and communications every day, then even if we have supercomputers to boil that down, I still wonder if the residual isn’t too much for human agents to process.


    I don't think this is a real problem. They're not looking directly at the data, but at patterns within the data. That is, they know how some terrorists "behave" online - that's a pattern. And there is software that can find "pattern matches". That's how they are able to say they're not actually listening to your phone calls or reading your emails. If they were to find some "pattern", then it would be incumbent upon the government to get another warrant to go deeper.

    Regarding iv. b., this too is a pattern. They can detect patterns much more finely ground than this, especially if this is the sort of thing they're looking for, and if they're looking for it, they can find it, and combine it with other factors (i.e., it's connecting frequently with other patterns like that, etc).

    Of course, you have to understand, everything that anything writes on the Internet, via email, voice on a cell phone -- all of that is being captured, and *can be* accessed at some point. And so all of us need to be careful of our Internet activities. But I don't think, yet, that the fourth amendment is being violated.

    ReplyDelete
    Replies
    1. Metadata isn’t necessarily neutral. One can often infer content from metadata. If the NSA has a record of my calling Dominos’s Pizza, they don’t have to eavesdrop on the actual conversation to know that I was probably ordering pizza.

      That’s a trivial example, but it’s easy to come up with more serious examples: a record of a call to the NRA, or www.mittromney.com, or a local chapter of the Tea party, or my oncologist, or a gun shop.

      Delete
  2. Full article: https://www.eff.org/deeplinks/2013/06/why-metadata-matters

    Relevant excerpts:

    They know you rang a phone sex service at 2:24 am and spoke for 18 minutes. But they don't know what you talked about.

    They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.

    They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don't know what was discussed.

    They know you received a call from the local NRA office while it was having a campaign against gun legislation, and then called your senators and congressional representatives immediately after. But the content of those calls remains safe from government intrusion.

    They know you called a gynecologist, spoke for a half hour, and then called the local Planned Parenthood's number later that day. But nobody knows what you spoke about.

    ReplyDelete