Spinning, Sinning and Spying

From Israel’s Benjamin Netanyahu to Germany’s Angela Merkel to… er… you and me, the National Security Agency has engaged in the most intensive (known) electronic eavesdropping campaigns in history. Edward Snowden’s revelations snowball with each passing day. Most Americans seem not to care, but legislators from both sides of the aisle seem to be beginning to take notice. We have completely alienated so many international leaders that our foreign policy even to our allies has transformed into damage control. Rumors have it that Boeing lost a huge, multi-billion dollar order for Brazil’s national airline to Europe’s Airbus immediately after disclosure that the NSA had and was tapping the phone calls even within the Brazilian president’s phones. We haven’t even proved that we’ve gleaned any useful anti-terrorism information from such high-level surveillance.

On December 15^th, CBS’ once-respected 60 Minutes program presented a puff-piece under the guise of an “inside” look at NSA’s surveillance operations, with special interviews and a whole pile of self-serving statements by a soft-spoken NSA Director, General Keith Alexander, and others from within the agency. The entire interview process was conducted by John Miller, a former intelligence community official (who once worked for the Office of the Director of National Intelligence, which oversees the NSA). The interviewees stressed that while they may have targeted named individuals overseas, unless there was a warranted and targeted American, all that was being collected domestically was metadata: times, dates and locations of communications without names or other identifying characteristics.

Alexander stressed that in order to concentrate information that might involve different telephone carriers or Internet Service Providers (on each side of a communication, since different companies might represents different consumers), it was much more efficient to store all that data on one set of central servers, all to be examined in the future should there ever prove to be any relevant links, rather than require the carrier to store that information for possible future retrieval. He kept stressing how anonymous the process was and how individual communications were simply not examined at all. Was this an infomercial or a paid program by the NSA? It might as well have been.

But one of the statements from the good General seemed began to haunt me. Exactly how “anonymous” were those stored “metadata” communications? The December 26^th, theVerge.com address how accessible this data really is: “To supporters, the metadata collection is a limited system that's rarely queried and doesn't contain enough information to be considered an invasive search: the NSA has said it doesn't collect either the content of calls or the names attached to phone numbers. As many technology and legal experts on the other side say, though, metadata matters, and a Stanford Security Lab project demonstrates that removing names from a database doesn't effectively mean much.

“[In November], Patrick Mutchler and Jonathan Mayer released an Android app called MetaPhone that allowed them to pull phone records — with permission — from users' phones. In an ongoing series, they're now showing what can be gleaned from that information: most recently, how easy it is to correlate numbers with names. First, they simply pulled 5,000 numbers from their MetaPhone dataset and checked them against Facebook, Yelp, and Google Places; these three services let them match 27.1 percent of the numbers with a name or business. From there, they looked at a smaller set of 100 numbers, approximating what might happen if a team of analysts manually searched through metadata. A Google search of each number pulled up an individual or business name for 60 of the 100 in under an hour; running the numbers through the Intelius public records database identified 74 of them. By combining the results of all searches, Mutchler and Mayer could identify 91 of the numbers — and, as they rightly point out, they have access to much less information than the NSA, though 100 numbers is a tiny, nonrepresentative fragment of the full database.”

This is based on the efforts of folks with limited resources. If you add the number of analysts and the supercomputers to the ultra-sophisticated software that are the essence of the NSA’s surveillance operation, the ability to crack into that anonymous information and secure all of the identifying information as well as the contents is a total slam dunk that can be accomplished in minutes if not seconds by any inquiring technician who knows how to bypass the passwords in the system. And if the inquiry is mandated from “upstairs,” those passwords are simply provided. The NSA has already abused the system, and there are numerous reports (specifics have been provided in earlier blogs) where information on local criminal activity was “leaked” to local police who could then feign a reason to stop and search without revealing how the inquiry was motivated.

The issue, unless resolved by a rather dramatic restructuring currently under consideration by the Obama administration, has created conflicting decisions at the federal district court level, which is likely to wend its way up to the U.S. Supreme court for final determination: “A federal judge on [December 28^th] found that the National Security Agency’s bulk collection of millions of Americans’ telephone records is legal and a valuable part of the nation’s arsenal to counter the threat of terrorism… U.S. District Judge William Pauley said in a written opinion that the program ‘represents the government’s counter-punch’ to eliminate al-Qaida’s terror network by connecting fragmented and fleeting communications…

“Pauley’s decision contrasts with a ruling [on December 16^th] by U.S. District Court Judge Richard Leon [in the District of Columbia], who granted a preliminary injunction against the collecting of phone records of two men who had challenged the program. The Washington jurist said the program likely violates the U.S. Constitution’s ban on unreasonable search.” Washington Post, December 28^th.

For those who support the system, they argue that who knows what terrorist attack might be thwarted by having this information readily available? Possibly. But exactly what price do we pay in freedom and privacy along the way? Are we so jaded that we really don’t believe that privacy is even possible anymore, so who cares? In the end, are we becoming more like the enemies we seek to contain than the free and democratic nation we purport to be under the guise of national security? Are we maintaining such intrusive surveillance systems because we can and they might be useful someday or because if we do not, we will be repeated attacked and decimated? Who exactly are we anymore?

I’m Peter Dekom, and from the showmanship of airport security to the sweeping surveillance activities from the NSA, are we really the America we all once believed in?