What's the Big Secret?
Marty, David, Orin,
PRINT
DISCUSS
E-MAIL
RSS
RECOMMEND...
Facebook
MySpace
Mixx
Digg
Reddit
del.icio.us
Furl
Ma.gnolia
Sphere
StumbleUponHere's my problem: We are asking an awful lot of our filters. In a recent New York Times op-ed that I otherwise disagreed with, Philip Bobbitt made an important observation: Whereas in the past the government tended to wiretap in order to gather evidence or intelligence from a foreign agent, today, "the purpose of the interception is to determine whether the person is in fact an agent at all." The threshold question for the NSA is, who should we be listening to? So, Bobbitt continues, they "build from a known element in a terror network—a person, a telephone number, a photograph, a safe house, an electronic dead-drop—to some picture of the network itself." Needles in haystacks make for a slightly misleading analogy here, because the spies don't even have the certainty that it's a single, hidden needle they're after. There might be lots of needles. There might be none.
If, as David hypothesizes, the government gained permission to monitor every call transiting an international switch and calibrated its filters to scan the metadata, and if that scan then flags certain identities, amounting to probable cause for more targeted surveillance of content, then the filters are not only assuming a legal responsibility previously vested in a judge. They're undertaking an exceedingly difficult technical detection job, as well, trying to extrapolate from call-traffic analysis and the links between different phone numbers or ISPs the existence, and location, of terror cells or foreign agents.
And yet one consistent leitmotif in the press leaks over the past couple of years is that our filters suck. Remember that Times report in January 2006 about how the NSA was turning over large numbers of phone numbers and e-mail addresses to the FBI? "Officials who were briefed on the NSA program said the agency collected much of the data passed on to the FBI as tips by tracing phone numbers in the United States called by terrorists overseas, and then by following the domestic numbers to other numbers called." This program has been described as a spider web—and if you imagine the number of contacts you're looking at when you get out to two and three degrees of separation, you're talking about a lot of people.
Sure enough, the FBI started chasing down all those leads, and the vast majority of them were dead ends—innocent people who happened to get snagged in the filter. According to that piece, FBI agents greeted a new batch of "tips" from the NSA by groaning, "More calls to Pizza Hut." And things haven't gotten much better in the interim. The Washington Post had a story over the weekend about how the vast majority of Americans and foreigners whose names are in the federal terrorist screening database have not done something to generate enough probable cause for an arrest.
I talked to Adm. Bobby Ray Inman, former head of the NSA, about precisely this issue last year. He said that eavesdropping is by its very nature low yield: You often have to wade through a lot of noise before you hit on the signal you're looking for. This is understandable, and not a problem at all in the foreign-to-foreign context. But given the lack of transparency here—and the abundance of evidence that whatever predicates our filters have established to identify a possible terrorist are broad enough that they flag a lot of people who aren't in fact terrorists—trusting the filters is a problem.
Here's another: David, you briefly mentioned "minimization," referring to what has traditionally been NSA self-policing when it came to the sometimes-inadvertent collection of Americans' communications. But before the exposure of the Terrorist Surveillance Program at the end of 2005, there was a little-noticed scandal involving John Bolton, of all people, that suggested, to me, at least, that minimization is honored more in the breach than in the execution. During his confirmation hearings to become U.S. ambassador to the UN, in the spring of 2005, Bolton admitted that on a number of occasions when he was at the State Department he had received reports of NSA intercepts between an individual in a foreign country and an individual in the United States. In keeping with minimization guidelines, the identity of the U.S. speaker had been redacted and replaced with the generic "U.S. person." But Bolton wanted to know who those U.S. persons were. So he called the NSA and asked, making no showing of cause other than a general suggestion that knowing who the American was would help him understand the context of the conversation (wouldn't it always?). And the NSA turned over the names, no questions asked. Following this revelation, Newsweek reported that between January 2004 and May 2005, the agency had supplied the names of some 10,000 American citizens in this informal manner to various interested parties in Washington. This story didn't get a lot of play at the time, but I think it's worth revisiting when we weigh the merits of leaving oversight of the NSA's massively expanded capabilities—and false-positive afflicted filters—to the agency itself.
Having said all that, I want to return once again to the Marty Lederman Question and push you a bit on this, Marty. In your first post, you quoted McConnell as saying, "You can go to jail for that sort of thing," and suggested, I think, that this was his response to warrantless wiretapping targeted at the international communications of people in the United States. You then raised the eponymous question: OK, but couldn't the NSA "target" whoever is on the international end of the line, which wouldn't require a warrant, but still manage to collect the U.S. person's international communications? Tell me if I've got this wrong, but my read of McConnell's interview was that he was explicitly answering your question—in the negative. "There's a claim of reverse targeting," he says. "Now what that means is we would target somebody in a foreign country who is calling into the United States and our intent is to not go after the bad guy, but to listen to somebody in the United States. That's not legal … it would be a breach of the Fourth Amendment. You can go to jail for that sort of thing."
So I wonder what all three of you think: Has McConnell explicitly denied that this sneaky targeting-without-"targeting" is going on? Does that put the MLQ to rest?
Best,
Patrick
What It Will Cost You To Deny Illegal Immigrants Health Insurance
Stupid Drug Story of the Week: NBC's Today Show Discovers Huffing
Can the Government Call God Jesus? What About Allah?
How Twilight Made Goth Fashion Mainstream
Is Disney's The Suite Life Making Your Child Into an Evil Lothario?
What Sarah Palin Wrote in Obama's Facebook Feed
Remarks from the Fray:
How quickly we forget, it seems, that the executive, legislative, and executive are all part of the 'government.' What we have here is an argument not about what the government can and can't do, but who in the government can do it. Various people favor various branches, in large part, it seems, because they believe that certain branches share biases they trust and others share biases they don't trust.
All in all, though, a sensible person could question the independence of a bunch of ex-lawyers (judges) and a bunch of ex-lawyers (legislators) - in fact, it is mostly the executive where some variety enters into it; whether we trust them or not is yet another story. In the end, you'd think that judges, cops and lawmakers tend to be in the same camp vis a vis the freedoms of the people.
So, why bother with all this judicial review? Basically to involve more people and slow things down. But do we really want to just gum up the works in fighting terrorism, with the hope that a less powerful government will treat us better? Frankly, if we want a less powerful government, we should probably cut all sorts of mandates, privileges, and so on - eliminate state charity, subsidies, federal regulation of intrastate commerce, etc - and leave the NSA and CIA to do their work fighting terrorism, at least for the moment. The long arm of government into our personal lives starts with the pocketbook, health care, taxes, etc and ends with law enforcement, not the other way around.
--BenK
(To reply, click here.)
Imagine that the government is clever enough that it can come up with a filter that has a 99.99% chance of tagging a non-terrorist communication as non-terrorist, and a 99.99% chance of tagging a terrorist-related communication as terrorist. I think we'd all be impressed. Further guess that as many as 1 out of 10,000 (0.01%) of all the communications under surveillance are terrorist-related.
If you do the math, out of 100,000,000 communications, you'll have 10,000 genuine terrorist communications, 9999 of which you'll correctly tag as terrorist (the other one will slip through the cracks). Of the 99,990,000 non-terrorist communications, you'll correctly tag 99,980,001 of them as non-terrorist, leaving 9999 as false positives. So because terrorist communications are rare, even this very good filter will produce a false positive for every true positive.
And if that 1 out of 10,000 calls is in fact an overestimate, the number of false positives will outnumber the true positives. If only 1 out of 100,000 calls were terrorist-related, then the false positives would outnumber the true positives by about 10 to 1.
And that's ignoring the manpower issue of who's going to drill down into those 19,998 communications tagged as terrorist by the filter, half of which will be a frustrating waste of time.
--StatNerd
(To reply, click here.)
David Kriss says that there is widespread agreement that it is okay for the U.S. government to intercept "foreign-to-foreign" communications without any oversight or accountability. Why is it that Americans, even those who are strong advocates for the right to privacy, can dismiss the privacy expectations of non-Americans without a thought?
Not all foreigners are terrorists hiding out in mountain caverns. Canada is your nearest neighbour, largest trading partner, and a strong friend and ally. When your government closed all U.S. airports on September 11, hundreds of aircraft were diverted to Canada. At the time, no-one knew that there were only four planes involved in the attack, and for all we knew we could have been putting ourselves in harm's way. The authorities in Canada agreed to admit these aircraft into our airspace anyway, and hundreds of Canadian families took stranded American travellers into their homes. Our soldiers have been fighting in Afghanistan since shortly after the invasion, and are suffering casualties at a higher rate than any other forces, including your own.
The NSA has the capacity to monitor the communications of our security services, government officials, businesses, and private individuals. The U.S. Congress has given them free reign to do so, and there is "widespread agreement", among Americans anyway, that this is "appropriate". Why?
--ovation
(To reply, click here.)
What you're doing is a legal analysis of how these programs comport with the jurisprudence and legislation of the past (FISA) and also more recent legislation. This analysis occurs in a relative vacuum.'
It's my understanding that during WWII our security agencies took substantial latitude with privacy protections. If so, were these legal then given wartime conditions? Or was there legislation, since rescinded, that legalized these actions? Or would subsequent jurisprudence make these actions questionable?
Rights cannot be absolute but must be the result of a weighing of threat vs the value of privacy. It would seem obvious that in wartime this balance shifts. Obviously this isn't WWII. But its also not the Cold War. In fact its easy to argue, from a homeland security point of view this situation is more dire than either WWII or the Cold War. Our opponents are indelibly organized to try to kill us in large numbers!!!! They already have.
Then we had other means, more appropriate to the circumstances (armies, planes) to protect us. Now surveillance has gone from a useful auxiliary activity to a primary weapon. So the balance of threat vs. privacy rationally must shift against privacy.
To do so requires action, some of it secret, necessarily on the part of the executive. Such considerations seemingly play no part in your analysis, yet they seem to me to be critical. Obviously in such circumstances we end up relying on the discretion of the executive more than we're used to. Yes there is a greater potential for abuse. But there is a check still.
If discretion is abused in a functional sense that hurts innocent people there will be victims with a cause of action. So far the surveillance programs seem to be victimless "crimes". Or maybe the administration is in fact being reasonable with the program.
--Breaker
(To reply, click here.)
(9/2)