Where Does the Eavesdropping Scandal End?
In a commentary some weeks ago I wrote of the danger that the National Security Agency (NSA) might apply the techniques of radio traffic analysis to citizens even as it perceived them as targets. In the New York Times, James Risen and Laura Poitras report that the NSA has been conducting “large-scale graph analysis” against targets, enabling them to map the social networks of individuals. This kind of mapping is precisely what was embodied in traffic analysis in its earlier form. According to the Times report President George W. Bush approved this kind of spying in 2008 and, under the Obama administration, the NSA re-confirmed this authority in a 2010 intelligence directive. Dropping the so-called “minimization rules” that supposedly protect citizens in the NSA’s collection of telephone metadata, the more recent directive allows spooks engaged in social network mapping to discard regulations that confine their eavesdropping to foreign intelligence targets.
The power of this form of espionage is blindingly apparent: the NSA analysts are able to link phone logs with email communications plus “enrichment data,” including bank codes, insurance information, property records, certain tax records, voter registration records, passenger travel manifests, and Facebook profiles. All of this is at the mass level, not that of discrete inquiries or investigations. It represents a monumental intrusion into privacy. The depth of the picture of an individual which can be assembled from the combination of these sources is staggering. In mid-September NSA inspector general George Ellard admitted that since 2003 there have been a dozen documented cases of “intentional misuse” of agency powers -- “LOVEINT,” or love intelligence is the slug -- in which officers had targeted girlfriends, boyfriends, husbands, or wives with the agency’s intrusive monitors. The mass collection encourages abuse. Reputedly Edward Snowden wrote in one email that he could target the President of the United States, if he wanted to, with a few strokes of the keyboard. Apocryphal or not, that makes the same point -- and the social network mapping makes that danger even more potentially damaging.
Nothing better illustrates the proclivity of the intelligence agencies to pick and choose from the legal codes to “justify” their activities. The outdated character of the 1979 Supreme Court decision on “business records,” which remains the sole legal underpinning of this intrusive spying, is apparent here. Even though permitting the use of that information -- for the limited purpose of individual investigations -- that decision framed a requirement for “relevance,” in legal terms a specific need for particular data for a specific investigative purpose. The spooks have construed business records to embody every imaginable sort of “metadata,” and stretched relevance far beyond its legal meaning, to include all records, in an open-ended, general inquiry. That the Foreign Intelligence Surveillance Court accepted this interpretation provided by agency lawyers is a good demonstration of its weakness as an oversight mechanism. All citizens’ data is collected, in the here and now, because some may be relevant, or become relevant in the future. One leaked 2011 memo discloses that, after a court decision narrowing the range of data NSA might permissibly collect, material ruled illegal was “being buffered for possible [later] ingest.” It is quite clear that the intelligence agencies here shunt the Fourth Amendment to the side.
The cynicism involved is appalling. Secrecy mavens at the agencies routinely use the Privacy Act, which provides further protections in this regard, to shield declassifiable information about intelligence officials acting in their official capacities, while with the other hand creating the means to violate the privacy of all citizens on an unimaginable scale. –And the evidence indicates the agencies have continued to press for even more latitude for their data vacuuming. This is a dual-standard and a positive embarrassment.
Even amid this scandal the intelligence agencies continue their charade before the other oversight body, the Congress. To Director of National Intelligence James Clapper’s flat denial this past spring that U.S. intelligence collects any information about Americans can now be added fresh prevarications. The NSA is building a huge facility in Bluffdale, Arizona, to house all this data it collects. Last year, when author James Bamford linked that facility to NSA metadata collection programs, director General Keith B. Alexander denied the agency held data on American citizens. In line with the current administration “solution” for this scandal, last week on Capitol Hill General Alexander talked up the possibility of keeping the data in lockboxes run by the private communications companies. As Senator Ron Wyden put it to Times columnist Maureen Dowd, “Alexander put a lockbox on information he’s told the public he does not have.” Asked if the NSA had ever collected or planned to collect data based on the call tower locations from which cell phone transmissions were detected, Alexander answered that it had not done so as a part of the metadata program, but that a more complete answer would be classified.
Director Clapper told the same hearing of the Senate Select Committee on Intelligence (SSCI) that the leaks “have been extremely damaging” to national security, that “there’s no way to erase or make up for the damage that has already been done.” Clapper and Alexander are shortsighted in attributing all damage to the leak rather than to the intelligence activities themselves. In the case of snooping on individual’s actual positions by recording tower locations, for example, what happens when it emerges the NSA is already doing this, or goes ahead and does this in the face of the current scandal, and the interceptions involve American citizens? Available evidence suggests that eventuality will be nearly impossible to avoid. A report from the NSA inspector general which emerged earlier this summer showed that fully a third of the privacy rule violations admitted for the first quarter of 2012 involved insufficient or inaccurate validation of the legal bases for interception -- and the rules for social network mapping have been diluted.
The SSCI is in a quandary about how to proceed. Senator Diane Feinstein (D-CA), a true believer in this misguided program, is at work on a milquetoast “reform” bill that will create the arrangement General Alexander wants, along with a few more cosmetic measures. It is likely that the lockbox scheme will turn into a mechanism to funnel money to communications providers for spy work, a possibility with ominous implications for citizens everywhere. Senators Ron Wyden and Mark Udall (D-CO) are preparing a bill that will simply prohibit the eavesdropping, which Feinstein promises will never get out of the committee. No one is calling for a full-bore public investigation of this family jewel -- another illustration of the inadequacy of the existing intelligence oversight mechanism. Senator Patrick Leahy (D-VT) of the Senate Judiciary Committee is separately preparing legislation to curb NSA eavesdropping.
Meanwhile the diplomatic price of the NSA scandal continues to mushroom. The latest word is that U.S.-European discussions of an accord to regularize espionage activity are collapsing. At the Group of 20 meeting in Moscow Brazilian President Dilma Rousseff had words with President Obama over the NSA, and she cancelled a planned state visit to Washington. President Rousseff followed with a public lambasting in her speech at the opening session of the United Nations General Assembly on September 23. “Without the right of privacy there is no real freedom of speech or freedom of opinion, and so there is no actual democracy. Without respect for sovereignty, there is no basis for proper relations among nations,” Rousseff declaimed. Brazil is now proposing the United Nations enact rules governing cyberspace, and its government is taking steps to create its own telecommunications channels to complicate NSA intrusion. Brazilian citizens are taking to the email airwaves to flood the NSA monitors with spurious messages deliberately attracting their attention. No doubt others will follow if they haven’t already. Despite the NSA’s enormous capability the signal-to-noise ratio will rise to such levels that discriminating real terrorist messages from innocent lampooning will become increasingly difficult. Even the stalwarts of Fort Meade will be tested.
This is real national security damage. But it is not the leak which caused the damage it is the actions of the National Security Agency. By switching from the discrete, targeted operations it has always conducted to wholesale interception of everything, the NSA not only created conditions that led to moral qualms and encouraged disillusioned officers to become whistle-blowers, it established a mechanism that could readily serve as a target for global opprobrium. If Snowden had not revealed this someone else would have -- or some chink in the system would have blown it into the open. The excess of enthusiasm which drove the constant expansion of the eavesdropping only magnified this probability. The NSA scandal was a time bomb waiting to explode. Other countries will go the way of Brazil and shield their communications. The endpoint will be that American citizens will be the only ones whom the NSA can safely intercept. It is time to end this nonsense.