By David K. Shipler
In the rush
after the Paris attacks to step up surveillance, the usual arguments are being
heard on one side about violations of civil liberties, and, on the other, about
obstacles to monitoring because of what CIA director John Brennan derides as “hand-wringing”
over government intrusion. But there is a less visible problem, often mentioned
by former intelligence officials: Excessive, unfocused surveillance has
produced floods of information beyond what the professionals can digest and
analyze.
At an
illuminating panel in Washington two months ago, three former officials of the
National Security Agency—Thomas Drake, William Binney, and J. Kirk Wiebe—made
precisely that point, and if you talk to others who have been in the business, many
of them will tell you the same thing. The petabytes of data that have been
vacuumed up almost indiscriminately since 9/11 are stored untranslated, unread,
and unsifted in digital files, well off the radar of the agents who are charged
with spotting radicals before they commit the next atrocity.
The
American Civil Liberties Union, whose overriding goal is to protect
constitutional rights, came up with the perfect metaphor after the Patriot Act
diluted the Fourth Amendment’s protections in 2001: You don’t find a needle in
a haystack by increasing the size of the haystack. Yet expanding the haystack
is what was done, and is what is now being proposed.
“Each
analyst has to look at 200,000 people,” said William Binney, a
crypto-mathematician who was pressured into retirement after complaining about
NSA practices. As a result, he said, a good deal goes unnoticed, and few terrorist
plots in the United States have been prevented by surveillance.
One example was the attack by two gunmen
last May on an anti-Muslim contest of cartoonists drawing blasphemous caricatures
of the Prophet Muhammad. Police outside the meeting hall in Garland, Texas,
killed the two after one shot a private security guard. “Two days before,”
Binney said, “a member of Anonymous [the hacker collective] tipped off the
police. Our intelligence community said absolutely nothing. They were too
buried in data.”
One of the gunmen, Elton Simpson, had posted a
Tweet earlier that day promoting the Twitter account of Junaid Hussain, a
British hacker who joined the Islamic State in Syria two years before. That
should have been a tip-off, because Simpson was not unknown to authorities. The
FBI began investigating him in 2006, The New York Times reported; he had been charged with lying to agents and in
2011 was sentenced to probation.
But if the NSA had a warrant to
monitor him—legally required because he is an American citizen—it didn’t bear
fruit. Without being inside the agency, it’s impossible to know why, except to
speculate along Binney’s line of reasoning: “buried in data.” Several other
misses or near-misses can be added to that list, including the Boston Marathon
bombing; the underwear bomber in an airliner over Detroit, whose explosives
fizzled; and the aborted bombing in Times Square.
Binney helped develop a sophisticated NSA
program called ThinThread, which “eliminated the need to accumulate and store
all the data,” he said. It had two key properties: It filtered out irrelevant
information, unrelated to people who were not legitimate targets, and it
encrypted the communications of “United States persons,” defined by law as American
citizens anywhere in the world and non-Americans who are permanent, legal
residents of the U.S. Decryption would have been possible only with a key provided
by the Foreign Intelligence Surveillance Court upon granting a warrant.
“We can recognize all the U.S.
citizens right up front—the content flowed right by,” Binney explained. From “the
rest of the world,” where warrants were not required, he said, “we pulled out
only those on the target list.”
So ThinThread could automatically
focus and protect. It was ready eight months before the 9/11 attack, but it was
not deployed. Instead, the NSA went with a much more expensive program,
Trailblazer, developed by a private contractor. It never worked properly, and
after 9/11, the Bush Administration authorized the NSA to monitor Americans
without warrants, using components of ThinThread without the filters that would
guard their privacy.
Binney joined with Wiebe and Drake
to complain to Congress, and then to the Defense Department’s Inspector General,
about both the wasteful outside contract and the warrantless surveillance of
Americans. They were then hounded by the NSA, and after leaks about the
warrantless surveillance to the press, the FBI conducted brutal searches of
their homes. Drake was forced to leave the NSA without his government pension,
was indicted, and was financially ruined before the case against him collapsed.
If there is a vague impression among
Americans that the surveillance has foiled lots of terrorist attacks, it is
incorrect. Many of the most spectacular terrorist plots prevented by law
enforcement in the United States have not relied on NSA surveillance but have
been concocted during sting operations by the FBI, using undercover agents or
informants who have tread close to the line of instigating the crimes.
The FBI equipped a would-be bomber
with a disarmed suicide vest as he headed to the Capitol, offered a dummy
missile to a hapless fellow in New York, and provided an Oregon college student
with a van he thought contained explosives—six 55-gallon drums of inert
material, inoperative blasting caps, and a gallon of diesel fuel to give the
van just the right smell. The FBI even gave him a cell phone, which didn’t
trigger anything except his arrest when he punched in a number.
Granted, intelligence agencies need
to keep track as well as they can without shredding the Constitution.
Encryption apps that seem to stay ahead of the NSA are compounding the problem.
But if officials don’t look squarely at their own processes, they will fail us
again and again.
They are already deflecting blame by
pointing to Edward Snowden’s disclosures in 2013 of the NSA’s massive
collection of meta-data, meaning every phone number and email address contacted
by virtually everyone in the U.S. The revelation prompted the Obama
administration to curtail the program, which had invaded everyone’s privacy but
had never interrupted a single terrorist attack. And major assaults had
occurred before Snowden leaked the documents, so the allegation that he’s
responsible is unsupported.
More serious is the fact that the
culture of massive collection has gone unrecognized and unaddressed. By shining
too many lights on too many innocents, it creates blindness.
The collection mania was even a
problem for the Soviet KGB in pre-Internet days, much to the benefit of political
and religious dissidents. Once, a small group of Christian fundamentalists passed
the word to American correspondents, face-to-face, that they planned a
demonstration in Red Square to demand the right to emigrate to the West, where
they could practice their religion freely.
As we reporters arranged with one
another to cover the protest, we talked only in person, usually outside and
away from the microphones we assumed were planted in our offices and
apartments. We avoided the phones, of course, which were surely tapped. But an
hour or so before the appointed time, my office phone rang, and a colleague
from another news organization asked if I would be going to the demonstration
in Red Square at noon. I was stunned by his carelessness, told him I had
planned to, but doubted that it would happen now, with the KGB alerted.
Still, a few of us set off in a car,
past the KGB guard at the entrance to our apartment house, and down to Red
Square. Surprisingly, there was no police contingent in the square except for
the one or two officers who usually patrolled lazily. We saw the small cluster
of demonstrators, waiting for the correspondents. When we arrived, they
unrolled a huge cloth banner they’d been hiding and stood with it for what
seemed like an age, until one of the uniformed cops saw them, did a double
take, and rushed over to grab the sign. A few plainclothes agents, also stationed
routinely in the square, ran to provide reinforcements, but too late. The
banner was ripped away, and the demonstrators were arrested. But they’d gotten
their message out to the world, as they had intended.
I’ve thought since that the KGB must have had so many reels of taped conversations from our phones that translators and
transcribers were way behind. I wonder whether anybody in the agency took a
lesson from the incident about the indiscriminate collection of too much
information.
No comments:
Post a Comment