Edward Snowden, current fugitive and former government intelligence employee, gave the press classified information about a surveillance program known as PRISM. Snowden’s motivations, justifications, credulity and credentials are all being heavily scrutinized, and his global game of Carmen San Di-leaker has turned him into a high-profile man, his ethics picked apart.
Snowden’s decision to release information should be — and is being — examined. But the amount of scrutiny leveled at Snowden’s choice to leak has been more intense than the amount of scrutiny aimed at the program itself. This is problematic, since the program itself is a flagrant violation of the U.S. Constitution, and a disturbing indicator that the government has prioritized an agenda to ensure all possible data is collected regarding terrorist activity before an agenda that protects personal freedoms.
Initial reports surrounding the NSA’s surveillance programs painted a positively dystopian portrait, with op-ed writers comparing the U.S government to George Orwell’s omnipresent Big Brother.
Reading passages from “1984,” it’s not hard to see why the leak piqued the interest of readers: “It was even conceivable that they watched everybody all the time,” Orwell wrote. “But at any rate they could plug in your wire whenever they wanted to. You had to live — did live, from habit that became instinct — in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.”
Now, every movement is not being scrutinized, and there is no malevolent team of Thought Police lurking menacingly over projections of your diary, contemplating your arrest for critical entries. But the amount of information the NSA has access to through the PRISM program — and other programs, including UPSTREAM, which monitors telephone metadata and offers the NSA direct access to Internet and phone traffic data — is certainly robust enough to inspire shivers in the spines of speculative fiction writers as well as ordinary citizens opposed to living under what amounts to a digital panopticon.
So to what extent is the NSA spying on American citizens? The Electronic Frontier Foundation provides a comprehensive portrait of the program’s depth on its website, using information provided by former AT&T technician Mark Klein.
“It works like this: When you send an email or otherwise use the Internet, the data travels from your computer, through telecommunication companies’ wires and fiber optics networks, to your intended recipient. To intercept these communications, the government installed devices known as “fiber-optic splitters” in many of the main telecommunication junction points in the United States (like the AT&T facility in San Francisco). These splitters make exact copies of the data passing through them. Then, one stream is directed to the government, while the other stream is directed to the intended recipients.”
But who is the NSA spying on?
While proponents of the program took pains to note that there weren’t eyes on every single person’s Facebook pages or phone records at all times, remarks made by NSA deputy director Chris Inglis made it clear that this surveillance network is extensive. In Congressional testimony, Inglis revealed that the NSA looks at information from people “two or three hops” away from a suspected terrorist.
“Two or three hops” might not sound like much, but it can amount to up to 27 million people under the surveillance umbrella due to just one suspect. Assuming there is more than one person of interest, this means the whole nation could reasonably fall under the umbrella. It’s ludicrous scope creep, in which the original objective of targeting terrorists is completely superseded by a program that paints almost anyone on a computer in the U.S. as a potential suspect worthy of examination without warrant.
Because the current “three hop” system gives the NSA permission to look at basically anyone with a computer or phone, the amount of data the agency has would be impossible to analyze on a case-by-case basis. This is deeply problematic, even if the NSA only resorts to these “hops” if they have a concrete lead. It is unclear how often the agency pursues connections to suspects, so the exact level of data collection and analysis is unknown.
James Bamford delves into the history of the NSA’s surveillance programs in an excellent article in The New York Review of Books. In it, he points out that PRISM and UPSTREAM may merely be smaller programs within an even more comprehensive surveillance apparatus. This line of thinking fits in with claims made by Sen. Ron Wyden, D-Ore., that the program’s boundaries extend beyond what was previously thought. As a member of the Senate Intelligence Committee, Wyden is privy to classified information about PRISM.
Bamford also cites the information Snowden released to paint a picture of the scope of PRISM. “According to a recent slide released by Snowden, the NSA on April 5, 2013, had 117,675 active surveillance targets in the program and was able to access real-time data on live voice, text, email or Internet chat services, in addition to analyzing stored data.” Now, the NSA is supposed to be required to contact the Federal Intelligence Surveillance Court if it wants to delve into the contents of an email, Facebook message or other personal communication — but that step is waived if dealing with a person under suspicion or someone connected to that person.
Keeping in mind the “three hops” policy, that number of active surveillance targets suggests that the NSA could justify keeping tabs on just about anybody. And for people outside of the U.S., the NSA doesn’t even have to justify their surveillance methods with hops, so the possibility for electronic eavesdropping is nearly ever-present.
So we know who the NSA has the ability to spy on, and it’s pretty much everyone.
That we do not know how they use the information they are able to collect, or their methods for selecting targets, is largely irrelevant. The fact that this agency is equipped to continuously monitor the digital movements of so many people is morally problematic.
The NSA is violating the Fourth Amendment just by exercising its ability to engage in this type of surveillance, whether or not its actual analysis is as in-depth on an individual basis as many fear. This kind of mass surveillance denigrates civil liberties and establishes a baseline in which ordinary citizens can have their private communications examined as evidence of wrongdoing without a warrant or their knowledge.
And make no mistake: This kind of mass surveillance is happening. The Associated Press makes that very clear in an article examining the larger history of surveillance in the United States:
“The NSA is prohibited from spying on Americans or anyone inside the United States. That’s the FBI’s job and it requires a warrant.”
Despite that prohibition, shortly after the Sept. 11 terrorist attacks, President George W. Bush secretly authorized the NSA to plug into the fiber optic cables that enter and leave the U.S., knowing it would give the government unprecedented, warrantless access to Americans’ private conversations.
Tapping into those cables allows the NSA access to monitor emails, telephone calls, video chats, websites, bank transactions and more. It takes powerful computers to decrypt, store and analyze all this information, but the information is all there, zipping by at the speed of light.
“You have to assume everything is being collected,” said Bruce Schneier, who has been studying and writing about cryptography and computer security for two decades.
This level of surveillance obliterates the concept of privacy by asking people to accept that their actions may be recorded and monitored at any time, regardless of what kind of behavior they are engaging in. This is a controversial concept when you bring in the CCTV installed in many major cities, but those cameras only point at public places. The NSA’s program looks at communications that are explicitly meant to be private, such as emails between lovers. The idea that people do not deserve or have a right to privacy when they are using an electronic device is absurd, especially as these devices become primary means of communication.
And this level of surveillance is clearly at odds with the Fourth Amendment, which requires that the government demonstrate valid individualized suspicions before collecting information on a subject. If these programs are allowed to continue they will undermine the value of the entire Constitution, not just the Fourth Amendment.
Kenneth Roth, a former federal prosecutor, puts forth a cogent outline for what needs to change.
“The government’s new and intrusive capacities should prompt a rethinking of the law. The rationale that we have no privacy interest in our metadata because we share it with phone or Internet companies to route our communications was always a fiction. After all, this routing information is in the same stream of electrical data that includes the contents of our communications. Both are shared with phone and Internet companies by necessity, but for a purpose: to enable our communications in the modern era, not to share them with anyone but their intended recipients. These companies should not be understood as random third parties to whom in choosing to expose our electronic activity we can be said to forego legitimate expectations of privacy. Instead, they should be viewed as custodians of today’s dominant forms of communication with a duty to protect their confidentiality. Only if the government has been able to demonstrate extraordinary circumstances — generally, by obtaining a targeted court order reflecting probable cause to believe that the communications in question contain evidence of criminal activity to which access is needed — should this confidentiality be broken.”
Roth’s statement is especially important because it identifies the technology companies as information custodians. Google, Facebook, AT&T and the other companies the NSA taps for data are on the hook with their users. It is a reasonable statement to make that people who use these services did so in the past understanding that their information may have been monitored in some way, but the scope of the NSA program far exceeds the amount of potential surveillance one would expect (now that we know about PRISM, of course, people may have to change their assumptions).
Companies like Google and Facebook, which frame themselves as progressive, people-oriented agents of innovation, have engaged in their own extensive data brokerage that collects information from users and bundles it in a way that makes the information meaningful to marketers — an ethically dubious practice.
But however problematic their private data collection practices are, these technology companies are now a citizen’s potential ally when it comes to putting up a buffer between the NSA and data. Unfortunately, considering the history of many of the major telecommunications and digital companies involved in the PRISM program and other government surveillance programs, a robust defense from these companies is unlikely. Google, for instance, does not believe that Gmail users have a legitimate reason to expect privacy.
There are two ways the NSA’s program can be neutered to protect citizens: Companies can resist cooperation, and legislators can change laws to prohibit the current level of surveillance.
Unfortunately, the people of the United States cannot count President Obama as a champion of their right to privacy, as the president has hemmed and hawed on the subject, using what New Republic writer Jeffrey Rosen called “Clintonian equivocations” to explain away the depth of these programs.
Legislators attempted to fix the situation by introducing the Justin Amash Amendment to shut down the surveillance programs, but the bill was voted down. Still, Congress’ continued high level of interest might spur similar bills that make it through and re-establish the importance of upholding the Fourth Amendment.
Until then, American citizens and people all over the world who use the Internet need to assume that the U.S. government has access to a disturbingly broad swath of personal information about them based on emails, browsing histories and other online activity.
Kate Knibbs is a writer and technology news analyst from the southwest side of Chicago. Reach her at email@example.com, or check out her Twitter at @kateknibbs.