For all that, people everywhere need better ways to rebut damaging conclusions that may be drawn from automatic analysis of electronic information. It would not be acceptable if, for example, an innocent non-American landed irrevocably on an international no-fly list, or were deprived of a bank account, just for being a pious Muslim who studies chemistry and likes aeroplanes.[11] Though such worries are widespread, especially about how such capabilities might be abused in future, examples of things actually going wrong right now are remarkably scanty. Snowden has claimed:
I, sitting at my desk, could wiretap anyone, from you or your accountant to a federal judge or even the president, if I had a personal e-mail.[12]
That is a shocking claim. But it depends heavily on the world ‘could’. He ‘could’ also have set fire to his desk. Neither form of behaviour is condoned by the NSA. Both arson and warrantless wiretaps of random Americans are punishable. With a million-plus stolen documents at their disposal, the worst case involving deliberate intrusion into individual privacy—in America or abroad—that the Snowden camp has been able to come up with so far involves six radical Muslims (one of them with American connections) whose penchant for online pornography and contact with under-age girls had come to the attention of the NSA. The agency appears to have been mulling a leak of this information, as a possible means of discrediting them and their role as propagandists for violent and extremist forms of Islam.[13]
Another slide (actually highlighting the need to stay within the law, however irksome or inconvenient it might be) implied that an unnamed ‘restaurant in Texas’ might be the subject of surveillance if drug runners were meeting there.[14] The context was not a recommendation, but a warning to NSA staff not to repeat the errors of Minaret, a warrantless wiretapping programme in the 1960s and 1970s whose targets included Martin Luther King and Senator Howard Baker.[15]
That story of the targeted Muslims (if true) raises some serious questions: who would make the decision about initiating such official smears; how would they be conducted; what level of threat or nuisance would be sufficient to trigger this tactic; and what redress would someone have if the smear turned out to be incorrect? Such hypothetical questions are more troubling than—so far—the reality.
The legal framework for counter-terrorism, government hacking, data and meta-data collection, and rules on searches and seizures when international travel is involved is a work in progress. That is not the same as a closed system in which no challenge is possible. Checks and balances in a free, law-governed society do not depend on perfection for their legitimacy. The actions of the NSA and other agencies are directed by elected leaders and subject to scrutiny by lawmakers and by judges. That oversight could be better. But it is not negligible or useless (as it is in the authoritarian countries about which the Snowden camp is so strangely silent). Outcomes vary. At the time of writing, a judge in the District of Columbia had ruled that meta-data collection was illegal, while another judge in New York, in a different case, had given an opposite ruling.
As Inkster argues, even the term ‘mass surveillance’ is a misnomer. It implies that governments systematically monitor the content of the communications of their citizens—reading e-mails, listening to phone calls—and take actions against them as a result. In fact, he says:
The NSA and its partner agencies have been running huge quantities of communications meta-data through computer programmes designed to identify extremely small target sets on the basis of very strict criteria… searching the haystack for fragments of needles.[16]
An American blogger, Dan Conover, puts it like this:
The public media freak-out over NSA data collection misses the primary point of those systems entirely: the NSA’s e-mail meta-data campaign is designed to efficiently collect and then discard information. Not because the NSA is a civic-minded agency that wants to protect our theoretical privacy, but because your personal e-mail isn’t the target… The NSA sucks in massive amounts of meta-data because it’s searching for a subtle signal (some indication of covert terrorist communication) in a vast sea of static (like me e-mailing a fantasy football trade offer to my buddy). Got it? The system isn’t designed to care about you and your private data. It’s designed to efficiently eliminate anything it determines to be ‘not bad guy’.[17]
Even Snowden himself justifies his leaks not by alleging that we live in a world akin to Orwell’s 1984,[18] but by claiming that we are heading that way. I dispute that. But what is hard to deny is that in their attempts to forestall this hypothetical threat, he and his friends have done huge, practical damage right now.
Chapter One: Real Intelligence
Every country with the capability to spy does so. Dictators like to control their subjects and bully their neighbours. Democracies want to stay safe, free and prosperous. In each case, decision-makers like to have the best available information, which includes where possible knowing adversaries’ secrets. Good intelligence minimises surprises, widens choice and strengthens negotiating positions. It can come from inference, from open-source material, from electronic snooping, and from human sources: getting people to break promises and betray secrets.
Intelligence is collected in the full knowledge that the other side is doing just the same thing. Complaining that intelligence officers steal secrets is like complaining that diplomats dissemble, or that journalists simplify and exaggerate: it is what they are paid to do. Big countries do it more than small countries, and America, the richest and most powerful country in the world, does it most of all.
When it comes to collection of electronic information about their own citizens, however, other countries adopt practices which leave America looking like a bunch of milquetoasts. Russia’s extensive and intrusive system of internet monitoring is both widely known and attracts little controversy.[19] France allows surveillance of internet users, in real time and without prior legal authorisation, by public officials including police, intelligence and anti-terrorist agencies as well as government ministries.[20] A law expanding these powers was passed in December 2013, just weeks after France expressed outrage that the NSA had allegedly been engaged in similar activities there. Spying is necessarily conducted in secret, partly for operational reasons but also to save face (among victims and practitioners). Espionage is not glamorous, despite its Hollywood depictions. It is just another government bureaucracy—albeit one which involves behaviour that is always disreputable (telling lies) and often illegal (using false identities, bribing, bullying, breaking into buildings, tapping phones). Ruses, stunts, mischief and gadgets may look rather ridiculous in the cold light of day, so espionage is a tempting target for outside suspicion, investigation, denigration and ridicule.
Any politician or senior official involved in international negotiations knows that spying is routine. You have to be careful what you put in texts or e-mails, and what you say on any kind of phone, unless you have some advanced security measures in place. Even then, electronic communications are vulnerable to a sophisticated attacker. That is why serious governments have special venues for their important meetings. These typically have no windows (which are vulnerable to the use of long-range microphones involving the clever use of lasers). They are usually deep within secure government buildings. Mobile phones and other gadgets must be left outside in lead-lined lockers. This is annoying, but it is a fact of life.
11
See http://www.lawfareblog.com/2014/01/a-game-changing-ruling-in-the-no-fly-list-case.
It is worth noting that the plaintiff, a foreigner contesting the Department of Homeland Security’s decision to put her on a no-fly list, launched her lawsuit well before the Snowden revelations, and seems to be heading for vindication.
12
The claim was first made in his video interview on June 10th, available at: http://www.theguardian.com/world/video/2013/jun/09/nsa-whistleblower-edward-snowden-interview-video and elaborated here: http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data
13
‘Top-Secret Document Reveals NSA Spied on Porn Habits as Part of Plan to Discredit “Radicalizers”’, http://www.huffingtonpost.com/2013/11/26/nsa-porn-muslims_n_4346128.html
14
‘In 2009, NSA Said it Had a “Present Example” of Abuse Similar to Project Minaret’, http://www.emptywheel.net/2013/11/27/in-2009-nsa-said-it-had-a-present-example-of-abuse-similar-to-project-minaret
15
A collection of documents on these and other past intelligence abuses can be found at http://www.maryferrell.org/mffweb/archive/docset/getList.do?docSetId=1014
17
18
In his novel
19
From July 2014, for example, Russian ISPs may be obliged to store records of all data and users’ activities for a period of 12 hours, providing direct and immediate access by the FSB. This will be a costly burden on the ISPs, and will also raise security concerns. Andrei Soldatov and Irina Borogan, a brave husband-and-wife couple, have tried their best to write about the Russian security state. I strongly recommend their website, agentura.ru, and their book