Fear and Loathing and the NSA

In the couple of months since the flood of revelations about National Security Agency internet snooping was unleashed by Edward Snowden, we have seen a great deal of knee jerk reactions on all sides punctuated by an occasional burst of sanity. We have seen some genuinely frightening things, such as the NSA is collecting metadata on every phone call in the U.S. and the hints that the government is trying to get the master keys from services that offer encrypted email. We have even seen the odd moment of black comedy, such as the announcement by The Guardian that UK officials, in some strange bit of kabuki, had forced the staff to smash hard drives containing one of many copies of material obtained by Snowden.

But we have reached the point where some people are beginning to suffer what I can only call NSA derangement. The best example to date was a post by founder Pamela Jones that she was shutting down a blog called Groklaw because of NSA snooping. She wrote:

And the simple truth is, no matter how good the motives might be for collecting and screening everything we say to one another, and no matter how “clean” we all are ourselves from the standpoint of the screeners, I don’t know how to function in such an atmosphere. I don’t know how to do Groklaw like this.

Groklaw did yeoman service for years covering every detail of the epic litigation in which a relatively obscure software company called SCO tried to claim that it owned the UNIX operating system and was entitled to vast damages from IBM, Novell, and countless others. After SCO lost on nearly all its claims and went through bankruptcy and liquidation, the lawsuits linger with a sort of half-life and, until today, Groklaw lingered with them (Jones actually announced she was killing Groklaw in 2011, but it refused to die.) But Groklaw is of no more interest to the NSA than is, say, Tech.pinions. To think otherwise is a bit megalomaniacal.

But the fact that someone as knowledgable about the law and technology as Jones (who does, it should be noted, have a somewhat conspiratorial frame of mind, especially where Microsoft is concerned) goes this far off the deep end is an indication of the impact of the NSA story. She’s hardly the only one. Keith Devlin, an eminent Stanford mathematician, has been filling my Twitter feed with over-the-top political posts, including the claim that the U.S. has become East Germany, a state that not only spied on its citizen’s in far more offensive ways than anything we have heard about in the U.S., but regularly murdered them:


On an even odder note, he suggested that he might face prosecution if a terrorist enrolled in his Coursera “Introduction to Mathematical Thinking” course, since knowledge of math might allw them to become codebreakers (or something):


When really smart people start talking like this, it is time for everyone to stop and take a deep breath. I am horrified by what we have learned about the extent of government spying on its own citizens and I am disgusted by knee-jerk defenses from the likes of Senator Diane Feinstein (D-Calif.) and Representative Peter King (R-NY) that it’s all OK because it is just protecting us from terrorists. Some perspective is desperately needed.

At one level, what the government (NSA is convenient shorthand, but it is much broader than that) is doing has caused some fundamental changes in thinking about the relationship between citizens and a democratic government. But unless you deal in leaks of classified information (an important unless, but one beyond the scope of this article), the effect of knowing what you now know on your daily life is minimal to non-existent. For example, I have been preaching for 20 years that email should not be regarded as secure or even private. The fact that the NSA might snoop on it changes very little–and nothing that has come to light shows that the government routinely reads domestic email. I don’t like the government collecting my call data, but it’s not going to change my behavior.

What we need right now is a lot less hysteria and a lot more pressure for a serious political debate on striking a new balance between legitimate investigative needs and the need for privacy and freedom from intrusion, and moves the needle a long way back toward privacy and transparency. Although the leadership of Congress is generally standing behind government spy programs, there is broad support for change among the congressional rank and file of both parties.  This could be a rare moment when it is actually possible to get something done, but only if we focus on what is real and what is important, and avoid sinking into wild charges and paranoia.



NSA Spying: Why So Little Outrage?

Since the revelations about the extent of telephone and internet surveillance by the National Security Agency first broke a couple of weeks ago, I’ve been struck by how little outrage there has been aside from activists at the left and right end of the political spectrum. Today, my wife Susan, who is tech savvy but doesn’t live and breathe this stuff the way I do, answered the question:

I assume that whenever I type something on a computer somebody is watching. How is the government different from Google?“

The fact is that most of us have, without really thinking about it, surrendered our assumptions of privacy. Someone–it may be Big Brother, or a private company that can be forced to share the information with Big Brother without telling us–is watching and we no longer much care. This attitude has seriously interfered with our ability to work up much outrage.[pullquote]Someone–it may be Big Brother, or a private company that can be forced to share the information with Big Brother without telling us–is watching and we no longer much care.[/pullquote]

There’s another factor. The NSA/CIA/FBI abuses of the 1960s and 70s, revealed in detail by the Church Committee and other investigations did real harm to real individuals and groups. People and groups were targeted for surveillance and sometimes harassment based on their constitutionally protected opinions, speech, and actions. People were outraged because the government’s behavior was outrageous.

So far, at least, no one has been able to point to any harm to individuals or groups that has been caused by NSA surveillance. Most Americans regard their government as mostly benign and the threat raised by government information collection is very abstract. As Matt Blaze of the University of Pennsylvania pointed out at the Computers, Freedom, Privacy conference in Washington, most Americans are comfortable with the government having the information as long as Barack Obama or George W. Bush wan in charge (though few people are equally comfortable with both), but almost no one would trust Richard Nixon with it. Nixon is safely out of the picture.
Personally, I am far more bothered by NSA vacuuming up records on every phone call made in the U.S. than I am by the PRISM program for collecting internet data. There is still much we don’t know, and probably never will know, about PRISM, but it sounds mainly like a streamlined system for NSA to retrieve targeted information, officially only on ”non-U.S. persons,” from internet companies.

On the other hand, the collection of phone data gives the government a shockingly complete record of our lives. In many ways, this so-called metadata is more useful than the content of the calls themselves because the data can be parsed by computer. Courts have long imposed a much weaker standard for the collection of call data, which requires only a subpoena, than for content, which requires probably cause and a wiretap warrant. But those rules were written before computers made the analysis of data far more powerful and potentially far more destructive of privacy.

At the CFP conference, NSA whistleblower Thomas Drake has a friendly audience for his attacks on NSA suspicionless surveillance. His bitterness at the agency is understandable, since it hounded and (unsuccessfully) prosecuted him for revealing financial mismanagement more  than any intelligence secrets. But he went over the line when he compared the NSA to the Stasi, the East German secret police that set the Warsaw Pact standard for spying on its own citizens.

But the Stasi destroyed lives by the thousands for sins, real or imagined, turned up by its snooping. So far, there is no evidence NSA’s  collection of information has been abused, again accounting for the lack of any real public outrage. But it is sitting there on the NSA’s computers and that is dangerous, given our own history of abuse. Maybe this information has been useful for disrupting some terror plots, but we need a discussion of whether it was worth the price–a discussion in which the government has been unwilling to engage.