Data and Goliath
Page 44
In 2014, I was invited: Bruce Schneier (16 Jan 2014), “Today I briefed Congress on the NSA,” Schneier on Security, https://www.schneier.com/blog/archives/2014/01/today_i_briefed.html.
There’s also political risk: Peter Wallsten (10 Aug 2013), “Lawmakers say obstacles limited oversight of NSA’s telephone surveillance program,” Washington Post, http://www.washingtonpost.com/politics/2013/08/10/bee87394-004d-11e3-9a3e-916de805f65d_story.html. Glenn Greenwald (4 Aug 2013), “Members of Congress denied access to basic information about NSA,” Guardian, http://www.theguardian.com/commentisfree/2013/aug/04/congress-nsa-denied-access.
Executive Order 12333: John Napier Tye (18 Jul 2014), “Meet Executive Order 12333: The Reagan rule that lets the NSA spy on Americans,” Washington Post, http://www.washingtonpost.com/opinions/meet-executive-order-12333-the-reagan-rule-that-lets-the-nsa-spy-on-americans/2014/07/18/93d2ac22-0b93-11e4-b8e5-d0de80767fc2_story.html. Charlie Savage and Alicia Parlapiano (13 Aug 2014), “Two sets of rules for surveillance, within U.S. and on foreign soil,” New York Times, http://www.nytimes.com/interactive/2014/08/13/us/two-sets-of-rules-for-surveillance.html. Ellen Nakashima and Ashkan Soltani (23 Jul 2014), “Privacy watchdog’s next target: The least-known but biggest aspect of NSA surveillance,” Washington Post, http://www.washingtonpost.com/blogs/the-switch/wp/2014/07/23/privacy-watchdogs-next-target-the-least-known-but-biggest-aspect-of-nsa-surveillance. Charlie Savage (13 Aug 2014), “Reagan-era order on surveillance violates rights, says departing aide,” New York Times, http://www.nytimes.com/2014/08/14/us/politics/reagan-era-order-on-surveillance-violates-rights-says-departing-aide.html.
It is supposed to: Alex Abdo (29 Sep 2014), “New documents shed light on one of the NSA’s most powerful tools,” Free Future, https://www.aclu.org/blog/national-security/new-documents-shed-light-one-nsas-most-powerful-tools.
the president believed: Marcy Wheeler (7 Dec 2007), “Whitehouse reveals smoking gun of White House claiming not to be bound by any law,” Empty Wheel, https://www.emptywheel.net/2007/12/07/whitehouse-rips-the-white-house.
The example the administration: Justin Elliott (17 Jun 2013), “Remember when the Patriot Act debate was all about library records?” Pro Publica, http://www.propublica.org/article/remember-when-the-patriot-act-debate-was-about-library-records.
Eventually they decided to argue: Mike Masnick (17 Sep 2013), “Court reveals ‘secret interpretation’ of the Patriot Act, allowing NSA to collect all phone call data,” Tech Dirt, https://www.techdirt.com/articles/20130917/13395324556/court-reveals-secret-interpretation-patriot-act-allowing-nsa-to-collect-all-phone-call-data.shtml.
Even Congressman Jim Sensenbrenner: Andrea Peterson (11 Oct 2013), “Patriot Act author: ‘There has been a failure of oversight,’” Washington Post, http://www.washingtonpost.com/blogs/the-switch/wp/2013/10/11/patriot-act-author-there-has-been-a-failure-of-oversight.
“It’s like scooping up”: Jennifer Valentino-DeVries and Siobhan Gorman (8 Jul 2013), “Secret court’s redefinition of ‘relevant’ empowered vast NSA data-gathering,” Wall Street Journal, http://online.wsj.com/news/articles/SB10001424127887323873904578571893758853344.
We saw this in the 1970s: US Senate (23 Apr 1976), “Final report of the Select Committee to Study Governmental Operations with Respect to Intelligence Activities: National Security Agency Surveillance affecting Americans,” US Government Printing Office, http://www.aarclibrary.org/publib/church/reports/book3/pdf/ChurchB3_10_NSA.pdf.
the same thing happened in the UK: Caspar Bowden (23 Aug 2012), “Submission to the Joint Committee on the draft Communications Data Bill,” http://www.academia.edu/6002584/Submission_to_the_Joint_Committee_on_the_draft_Communications_Data_Bill.
It was intentionally drafted: During one recent litigation, one judge called it a “difficult if not impenetrable statute,” and the government’s own attorney called it “convoluted legislation.” Owen Bowcott (18 Jul 2014), “Intelligence services ‘creating vast databases’ of intercepted emails,” Guardian, http://www.theguardian.com/uk-news/2014/jul/18/intelligence-services-email-database-internet-tribunal.
didn’t actually legalize mass surveillance: EU law also applies to the UK, and mass surveillance under RIPA violates the European Convention on Human Rights. Nick Hopkins (28 Jan 2014), “Huge swath of GCHQ mass surveillance is illegal, says top lawyer,” Guardian, http://www.theguardian.com/uk-news/2014/jan/28/gchq-mass-surveillance-spying-law-lawyer.
President Obama tried to reassure: President Obama said that the NSA programs were “under very strict supervision by all three branches of government.” Barack Obama (7 Jun 2013), “Transcript: Obama’s remarks on NSA controversy,” Wall Street Journal, http://blogs.wsj.com/washwire/2013/06/07/transcript-what-obama-said-on-nsa-controversy.
His statement was deeply misleading: Electronic Privacy Information Center (2014), “Foreign Intelligence Surveillance Act court orders 1979–2014,” https://epic.org/privacy/wiretap/stats/fisa_stats.html.
telephone metadata collection program: The ACLU discusses why this needs to be reformed. American Civil Liberties Union (2014), “Reform the Patriot Act Section 215,” https://www.aclu.org/free-speech-national-security-technology-and-liberty/reform-patriot-act-section-215.
bulk records collection: The ACLU also discusses why this needs to be reformed. Jameel Jaffer (19 Mar 2014), “Submission of Jameel Jaffer, Deputy Legal Director, American Civil Liberties Union,” Privacy and Civil Liberties Oversight Board Public Hearing on Section 702 of the FISA Amendments Act, http://www.pclob.gov/Library/Meetings-Events/2014-March-19-Public-Hearing/Testimony_Jaffer.pdf.
There’s just too much secrecy: There was a telling exchange at a US Senate Intelligence Committee hearing between Senator Ron Wyden of Oregon and then NSA director Keith Alexander. Wyden asked Alexander whether the NSA collected Americans’ cell phone location data in bulk. Alexander replied that the NSA did not collect it under the authority delineated in Section 215 of the PATRIOT Act. Wyden then asked Alexander whether the NSA collected it under any other authority. Alexander refused to answer. Robyn Greene (27 Sep 2013), “It’s official: NSA wants to suck up all American’s phone records,” Washington Markup, https://www.aclu.org/blog/national-security/its-official-nsa-wants-suck-all-americans-phone-records.
When companies refuse: Marcy Wheeler (14 Aug 2014), “The majority of 215 orders come from Internet companies that refuse NSLs,” Empty Wheel, http://www.emptywheel.net/2014/08/14/the-bulk-of-215-orders-come-from-internet-companies-that-refuse-nsls.
the NSA has repeatedly threatened: Marcy Wheeler (23 Jun 2014), “The single branch theory of oversight,” Cato Unbound, http://www.cato-unbound.org/2014/06/23/marcy-wheeler/single-branch-theory-oversight.
They produced: Richard A. Clarke et al. (12 Dec 2013), “Liberty and security in a changing world: Report and recommendations of the President’s Review Group on Intelligence and Communications Technologies,” US Executive Office of the President, http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf.
President Obama agreed: Barack Obama (17 Jan 2014), “Remarks by the President on review of signals intelligence,” US Executive Office of the President, http://www.whitehouse.gov/the-press-office/2014/01/17/remarks-president-review-signals-intelligence.
In 2004, Congress created: Garrett Hatch (27 Aug 2012), “Privacy and Civil Liberties Oversight Board: New independent agency status,” Congressional Research Service, http://www.fas.org/sgp/crs/misc/RL34385.pdf.
The group’s 2014 report: Privacy and Civil Liberties Oversight Board (2 Jul 2014), “Report on the surveillance program operated pursuant to Section 702 of the Foreign Intelligence Surveillance Act,” http://www.pclob.gov/All%20Documents/Report%20on%20the%20Section%20702%20Program/PCLOB-Section-702-Report.pdf.
It was widely panned: American Civil Liberties Union (2 Jul 2014), “Government privacy watchdog signs off on much of NSA warrantless wiretapping program,” https://www.aclu.org/national-security/government-privacy-watchdog-signs-much-nsa-war
rantless-wiretapping-program. Jennifer Granick (2 Jul 2014), “Did PCLOB answer my eight questions about Section 702?” Just Security, http://justsecurity.org/12516/pclob-answer-questions-section-702.
We need meaningful rules: Frederick A. O. Schwarz Jr. (12 Mar 2014), “Why we need a new Church Committee to fix our broken intelligence system,” Nation, http://www.thenation.com/article/178813/why-we-need-new-church-committee-fix-our-broken-intelligence-system.
Contrary to what many: This is one example. Gregory Conti, Lisa Shay, and Woodrow Hartzog (Summer 2014), “Deconstructing the relationship between privacy and security,” IEEE Technology and Society Magazine 33, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6824305.
Secret warrants don’t work: Jameel Jaffer (19 Mar 2014), “Submission of Jameel Jaffer, Deputy Legal Director, American Civil Liberties Union,” Privacy and Civil Liberties Oversight Board Public Hearing on Section 702 of the FISA Amendments Act, http://www.pclob.gov/Library/Meetings-Events/2014-March-19-Public-Hearing/Testimony_Jaffer.pdf.
Some surveillance orders bypass: Privacy SOS (10 Dec 2013), “No evidence, no worries: on the use of secret subpoenas,” http://www.privacysos.org/node/1263.
Start with the FISA Court: Andrew Nolan, Richard M. Thompson II, and Vivian S. Chu (25 Oct 2013), “Introducing a public advocate into the Foreign Intelligence Surveillance Act’s courts: Select legal issues,” Congressional Research Service, http://fas.org/sgp/crs/intel/advocate.pdf. Stephen I. Vladeck et al. (29 May 2013), “The case for a FISA ‘Special Advocate,’” Constitution Project, http://www.constitutionproject.org/wp-content/uploads/2014/05/The-Case-for-a-FISA-Special-Advocate_FINAL.pdf. Covington & Burling (May 2014), “The constitutionality of a public advocate for privacy,” http://www.insideprivacy.com/files/2014/07/The-Constitutionality-of-a-Public-Advocate-for-Pri.pdf.
more steps are needed: Joel Reidenberg (2 Nov 2013), “The data surveillance state in the US and Europe,” Wake Forest Law Review (forthcoming), http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2349269.
Snowden was rebuffed repeatedly: Edward Snowden (7 Mar 2014), “Statement to European Parliament,” http://www.europarl.europa.eu/document/activities/cont/201403/20140307ATT80674/20140307ATT80674EN.pdf.
Other law enforcement agencies: Merrick Bobb (16 Nov 2005), “Internal and external police oversight in the United States,” Police Assessment Resource Center, http://www.parc.info/client_files/altus/10-19%20altus%20conf%20paper.pdf.
more transparency, the better: Michael P. Weinbeck (3 Jun 2010), “Watching the watchmen: Lessons for federal law enforcement from America’s cities,” William Mitchell Law Review 36, http://www.wmitchell.edu/lawreview/documents/12.weinbeck.pdf. Eduardo L. Calderon and Maria Hernandez-Figueroa (Jan 2013), “Citizen oversight committees in law enforcement,” California State University Fullerton Center for Public Policy, http://cpp.fullerton.edu/cpp_policeoversight_report.pdf.
democracies need to be leaky: David Pozen (20 Dec 2013), “The leaky leviathan: Why the government condemns and condones unlawful disclosures of information,” Harvard Law Review 127, http://harvardlawreview.org/2013/12/the-leaky-leviathan-why-the-government-condemns-and-condones-unlawful-disclosures-of-information. Rahul Sagar (20 Dec 2013), “Creaky leviathan: A comment on David Pozen’s Leaky Leviathan,” Harvard Law Review Forum 127, http://cdn.harvardlawreview.org/wp-content/uploads/pdfs/forvol127_sagar.pdf.
whistleblowing the civil disobedience: These two essays make this point. danah boyd (19 Jul 2013), “Whistleblowing is the new civil disobedience: Why Edward Snowden matters,” apophenia, http://www.zephoria.org/thoughts/archives/2013/07/19/edward-snowden-whistleblower.html. William E. Scheuerman (Sep 2014), “Whistleblowing as civil disobedience: The case of Edward Snowden,” Philosophy and Social Criticism 40, http://psc.sagepub.com/content/40/7/609.abstract.
The NGO Human Rights Watch: G. Alex Sinha (28 Jul 2014), “With liberty to monitor all,” Human Rights Watch, http://www.hrw.org/reports/2014/07/28/liberty-monitor-all-0.
whistleblowers provide another oversight: Rahul Sagar (2013), Secrets and Leaks: The Dilemma of State Secrecy, Princeton University Press, http://press.princeton.edu/titles/10151.html.
Just as we have laws: Mary-Rose Papandrea (Mar 2014), “Leaker traitor whistleblower spy: National security leaks and the First Amendment,” Boston University Law Review 94, http://www.bu.edu/bulawreview/files/2014/05/PAPANDREA.pdf.
Once they are in place: Bruce Schneier (6 Jun 2013), “What we don’t know about spying on citizens: Scarier than what we know,” Atlantic, http://www.theatlantic.com/politics/archive/2013/06/what-we-dont-know-about-spying-on-citizens-scarier-than-what-we-know/276607.
The clever thing about this: Yochai Benkler delineated criteria that the courts can use to decide this. Yochai Benkler (Jul 2014), “A public accountability defense for national security leakers and whistleblowers,” Harvard Review of Law and Policy 8, http://benkler.org/Benkler_Whistleblowerdefense_Prepub.pdf.
Someone like Snowden: Yochai Benkler makes the case that the smartest thing the US could do is to give Edward Snowden immunity and let him return to the US. Yochai Benkler (8 Sep 2014), “Want to reform the NSA? Give Edward Snowden immunity,” Atlantic, http://www.theatlantic.com/politics/archive/2014/09/want-to-reform-the-nsa-give-edward-snowden-immunity/379612/2.
We encourage individuals: US Department of Labor (2014), “The Whistleblower Protection Programs,” http://www.whistleblowers.gov.
we need to protect whistleblowing: Glenn Reynolds has some ideas on how to maximize the benefits of whistleblowing while minimizing the harm. Glenn Reynolds (15 Sep 2014), “Don’t fear the leaker: Thoughts on bureaucracy and ethical whistleblowing,” Social Sciences Research Network, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2496400.
Axel Arnbak said about: Axel Arnbak (30 Sep 2013), “The question lawyers don’t ask: Can law address total transnational surveillance?” Congress on Privacy and Surveillance, Lausanne, Switzerland, http://ic.epfl.ch/privacy-surveillance.
2014 UN report concluded: Ben Emmerson (23 Sep 2014), “Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism,” United Nations General Assembly, Sixty-ninth session, Agenda item 68(a), https://docs.google.com/document/d/18U1aHmKx9jfDQjCZeAUYZdRjl6iF4QjuS_aJO2Uy7NY/edit?pli=1.
a baby step in this direction: Kim Zetter (22 Oct 2013), “Court rules probable-cause warrant required for GPS trackers,” Wired, http://www.wired.com/2013/10/warrant-required-gps-trackers.
another in 2014: Robert Barnes (25 Jun 2014), “Supreme Court says police must get warrants for most cellphone searches,” Washington Post, http://www.washingtonpost.com/national/supreme-court-police-must-get-warrants-for-most-cellphone-searches/2014/06/25/e2ff1326-fc6b-11e3-8176-f2c941cf35f1_story.html.
we need to overturn: Orin Kerr and Greg Nojeim (1 Aug 2012), “The data question: Should the third-party records doctrine be revisited?” ABA Journal, http://www.abajournal.com/magazine/article/the_data_question_should_the_third-party_records_doctrine_be_revisited. Colleen Maher Ernst (Jan 2014), “A proposed revision of the third-party doctrine,” Harvard Journal of Law and Public Policy 37, http://www.harvard-jlpp.com/wp-content/uploads/2014/01/37_1_329_Maher.pdf. Richard M. Thompson II (5 Jun 2014), “The Fourth Amendment third-party doctrine,” Congressional Research Service, http://fas.org/sgp/crs/misc/R43586.pdf.
The police should need a warrant: Currently, Justice Sotomayor is the only Supreme Court justice who has written in favor of making these changes. Richard M. Thompson II (5 Jun 2014), “The Fourth Amendment third-party doctrine,” Congressional Research Service, http://fas.org/sgp/crs/misc/R43586.pdf.
also hoarding vulnerabilities: In 2014, the Russians used a zero-day vulnerability in Windows to spy on both NATO and the Ukrainian government. Ellen Nakashima (13 Oct 2014), “Russian hackers use ‘zero-day’ to hack NATO, Ukraine in cyber-spy campaign,” Washington Post, http://www.washingtonpost.com/world/national-security/russian-hack
ers-use-zero-day-to-hack-nato-ukraine-in-cyber-spy-campaign/2014/10/13/f2452976-52f9-11e4-892e-602188e70e9c_story.html.
Some people believe the NSA: Cory Doctorow (11 Mar 2014), “If GCHQ wants to improve national security it must fix our technology,” Guardian, http://www.theguardian.com/technology/2014/mar/11/gchq-national-security-technology. Dan Geer (2013), “Three policies,” http://geer.tinho.net/three.policies.2013Apr03Wed.PDF.
Others claim that this would: David E. Sanger (29 Apr 2014), “White House details thinking on cybersecurity flaws,” New York Times, http://www.nytimes.com/2014/04/29/us/white-house-details-thinking-on-cybersecurity-gaps.html.
President Obama’s NSA review group: It’s recommendation 30. Richard A. Clarke et al. (12 Dec 2013), “Liberty and security in a changing world: Report and recommendations of The President’s Review Group on Intelligence and Communications Technologies,” US Executive Office of the President, http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf.
I have made this point myself: Bruce Schneier (19 May 2014), “Should U.S. hackers fix cybersecurity holes or exploit them?” Atlantic, http://www.theatlantic.com/technology/archive/2014/05/should-hackers-fix-cybersecurity-holes-or-exploit-them/371197.
This is what the NSA: Michael Daniel (28 Apr 2014), “Heartbleed: Understanding when we disclose cyber vulnerabilities,” White House Blog, http://www.whitehouse.gov/blog/2014/04/28/heartbleed-understanding-when-we-disclose-cyber-vulnerabilities. David E. Sanger (28 Apr 2014), “White House details thinking on cybersecurity flaws,” New York Times, http://www.nytimes.com/2014/04/29/us/white-house-details-thinking-on-cybersecurity-gaps.html. Christopher Joye (8 May 2014), “Interview transcript: Former head of the NSA and commander of the US cyber command, General Keith Alexander,” Australian Financial Review, http://www.afr.com/Page/Uuid/b67d7b3e-d570-11e3-90e8-355a30324c5f.