Regardless of whether spying on US citizens is good from the standpoint of security or civil liberties, it is a problem when two elected Senators don't know the extent of what they're voting on. This would turn the power of the government from elected officials to appointed ones. Imagine if the US Army wouldn't divulge the capabilities of a new fighter jet to the very people who were authorizing the money for its construction. The civilian-military hierarchy has long been recognized as a cornerstone of American government. I find it hard to accept an NSA (preceded by the DoD) that has the ability to say no to two Senators, and answers only to the President.
This makes me wonder if the Wired article got a little jumpy when it wrote "the National Security Agency won’t tell two powerful United States Senators how many Americans have had their communications picked up." Perhaps they've been told, but are not allowed to disclose the number publicly?
Even if the latter is the case, it is disconcerting that elected officials cannot convey basic information about the laws they vote for to their constituents.
> Imagine if the US Army wouldn't divulge the capabilities of a new fighter jet to the very people who were authorizing the money for its construction.
No need to imagine. This happens. Covert areas of defense spending have always been conducted in the dark, often with blank checks.
The military, NSA, CIA, etc. are in the game of accumulating hidden capabilities. This is the job the American people have given them, and yes, it is a constant arbitrage at odds with, among other things, their own privacy and fiscal responsibilities.
There is a difference in doing things overtly and covertly. If they are doing it covertly they will probably think it through a lot more carefully, since the stakes are higher. And if some things that were previously done covertly but are now done overtly, it doesn't sound so far fetched that other things that were earlier not done at all are now done in secret.
> And if some things that [were] previously done covertly but [are] now done overtly, it doesn't sound so far fetched that other things that were earlier not done at all are now done in secret.
It makes me angry, too. And I'd say the ball is in the legislature's court. They can issue ultimatums, can't they? "'Fess up, or we're cutting your funding."
The system is highly inter-connected when it comes to protecting power. A threat to the NSA is a threat to the CIA and to Homeland Security and the general super state we have. You can't tear one down without vastly reducing the others, as it's all premised on unchecked expansion of government into private lives at every level.
Any member of the House or Senate that attempted to pull the funding for the NSA would either find themselves at the center of a scandal (they know everything about you), or the more powerful politicians on both sides of the aisle that are invested into the super state would go on the attack and bury the person. The NSA is six times the size of the CIA. They own Congress across the board, Hoover would be envious.
This is not a friendly government, they demonstrate that all over the world regularly, it should never be a surprise that it translates domestically.
Not to mention that CIA gets lots of their foundings from drug trafficking and you could cut off 50% of its money/air supply and they would still run on full throttle.
Its an easy Google search so I won't point to sources but at some point I understand CIA owning drug grounds. You see a billion of dollars in profits from something that is illegal on its face: you have too choices: being a good decent human being and shut this entire thing down, or being a greedy evil man and get into the roots of it and run the game getting the biggest cut for yourself.
God only knows how many secret ops / black ops / unknown organisations that even don't have names, the US government (and many others) are running, without other organisations or even the head of organisations knowing. One day we may find out some of those secrets which would be extremely interesting to learn.
The headline is misleading - it's worse. The question isn't "did person X get spied on?", it's "how many people in the U.S. have been spied on?"
The answer to that question cannot possibly violate the privacy of any individual.
>> What’s more, McCullough argued, giving such a figure of how many Americans were spied on was “beyond the capacity” of the NSA’s in-house watchdog...
So, either: 1) They are totally disorganized ("dang, it's not like we keep a database we could SELECT COUNT(*) from, you know...") or 2) there is no way to estimate because they're doing wholesale collection of all the phone calls, web traffic, etc that they can get their hands on.
I tend toward #2.
Also, "The answer to that question cannot possibly violate the privacy of any individual."
It would violate privacy if they were monitoring all web/phone/mail traffic which would effectively bring the number to all american citizens and revealing that would violate everyones individual privacy. Maybe.
I don't even see why "did person X get spied on?" would violate anyone's privacy anyway, especially if person X didn't know about the spying to begin with. They're not asking why anyone got spied on.
Knowing that someone was the target of investigation/spying-on of one particular person would be very damaging to the credibility of a person. It doesn't matter if you don't tell the public why, the mere fact of telling the public that they were spied on is enough to damage someone's carrer & life.
It's debatable whether this falls under "privacy" or general "right not be slandered" etc.
It depends on the quantity of people who were spied on. If it is everyone, then it means nothing. If it is you and a few "terrorists", then people will draw conclusions.
I can sympathize. In my organization we've shipped a lot more code since we stopped writing unit tests. Writing unit tests would just impede our ability to ship LOC.
Facebook and Google are the new Halliburton and Lockheed of the age of behavior tracking and counterterrorism...
Both companies spend millions per year to provide elaborate back doors into their network for the NSA, FBI, and other government agencies.
Both firms are too important not to become members of the military industrial complex... Their behavior tracking technology is trusted, ubiquitous, and has far broader reach than government systems.
It starts with backdoors and warrants, then backdoors without warrants, then massive data mining and "preemptive" search of personal data, then installing government payloads on customer laptops, etc. etc.
I don't see how anyone can trust firms that go along with warrantless backdoor policies not to install government payloads on customer machines when asked.
First counterterrorism, then the IRS and immigration policies (better not mention your cleaning lady in a gmail message), then GPS data harvested and speeding tickets retroactively issued.
I remember reading somewhere about the "google aurora hack" that the hackers were able to access gmails built-in backroom and were monitoring email accounts. I cannot find the link right now but here are a couple for google and facebook.
There probably aren't any. But it doesn't take a wild imagination to assume that both Google and Facebook facilitate government requests either with a dedicated staff or through an automated self-service interface or API.
I don't doubt the NSA is spying. I think making the assertion without documentation that Google et al. have huge teams of people dedicated to helping them spy is a bit beyond the pale.
Consider the salary and benefits and office space costs of one employee at Google. Then assume that the backdoor interface requires at least a few employees. You're already at $1M. Now imagine a bit of extra infrastructure, people to deal with communications, legal, etc., and you're in the millions.
>This article describes technical best practices to help achieve compliance with U.S. National Security Agency (NSA) security requirements for equipment used in military installations.
Yes, I know what the content is. My point with showing that particular article is that cisco is not ignorant of securing to NSA's requirements - they have been working directly with them for years.
There are other MISO (psyop) groups embedded with all manners of information exchange. The Intelligence arm has people in all media outlets.
This was revealed multiple times in the last 12 years as we found out that handlers from intel ops were approving stories in the MSM.
This is NOT tinfoil folks - this is the farking reality.
Someone parrots an unsourced tinfoil-esque screed, and backs it up with a citation that doesn't prove anything, and I'm the one getting downvoted. WTF, guys?
the Wikipedia article on this changed over the years (not looking for conspiracy theory here). About 2 years ago the lawsuit section was more detailed. It said something similar in logic to this article's title; the defendant replied that no room of such nature exists, BUT this lawsuit should be thrown out of the court because of National Security :)
If only it were so limited. The government has long co-opted banks, etc. to do their spying. See California Bankers Association v. Shultz (1974) and pay particular attention to Justice Douglass's dissent. This problem has been festering for decades and only now in 2012 (Jones v. United States, re: GPS searches) have a majority on the Supreme Court even expressed concern over the rise of the surveillance state....
Very true. As someone who has considered using InTrade in election season and donating to WikiLeaks, it's incredible how linked government and banking are.
What I find interesting is the thought experiment "how would you act if you wanted to evade the surveillance?" Simply going "off grid" won't work b/c it provides nearly as reliable a signal to those doing the tracking.
I consider it likely that terrorist organizations have thought about this, and wonder what approaches they are using to try to thwart it.
Since it would seem fairly possible to create a convincing appearance of legitimacy via FB and Gmail and even banking, the value of the surveillance must lie in understanding human network topologies so that physical agents can be deployed strategically to do traditional humint.
Since most of the data is obtained w/o warrant it is unlikely to be admissible and used toward a conviction. This would be a problem if convicting the individual whose data was scanned was the goal. The goal is to aid the efforts of traditional law enforcement and intel by generating something like a "suspicion heatmap" over the social network as revealed by our financial, email, and social network transactions.
This helps efficiently deploy agents, but once deployed the agents still need to make friends and infiltrate their assigned network edges. Cover is not always necessary to do this, since many members of the network are upstanding citizens who are happy to help with something security related.
As I've speculated earlier, I would expect that honeypots (large and small) are the preferred way to actually perform experiments on the suspicion graph.
It's fascinating to think about what sort of honeypots probably exist.
In the banking case, the issue was that the data didnt need a warrant and could be used towards conviction. In recent decades the 4th Amendment has been significantly eroded and courts are only now waking up to the fact that there is a major problem. A lot of people thought GPS wouldn't be a problem based on the Knotts and Karo electonic beeper cases either.
Fortunately others provided relevant links and data below my comment.
edit: The immature and offensive comment was posted by the user with username posabsolute (Cedric Dugas), who has fortunately thought better of it and deleted it and has evidently created sock puppet accounts to downvote this comment.
If you want to really get a feel for the situation, read Crypto: http://www.amazon.com/Crypto-Rebels-Government-Privacy-Digit... It's a book about how cryptography was finally accepted and allowed in the U.S., and how the NSA handled the growth of everyday crypto (hint: not without a fight).
It's not about a government agency trying to control everything and turn the U.S. into 1984, it's about an agency getting swept up in their own mission of secrecy and surveillance, and sometimes (in my opinion) using it as an argumentative technique to advance their agenda. This is just another obvious example of that.
We know they do it. They know we know they do it. But they still cannot acknowledge it. It is just how things work.
When the Wikileaks leak happened, there was an article (or comment on HN) about how seemingly obvious things are still classified. Say that US govt. knows about the crimes some dictator is committing against his own people. The locals in that country know it (and experience it). The world, including US citizens know it or can very easily find out, yet the fact that US government knows is classified.
The reason is because an official acknowledgement would also demand some sort of official denouncement or some other similar action in order to maintain a certain propaganda-ready image (universal support for human rights, democracy & freedom promotions etc etc)
There are seemingly obvious things that are classified for valid reasons, too. Sometimes the motivation is not to shield the information itself or propaganda-driven feigned ignorance, rather what matters is protecting the classified source from which the information was obtained.
This still only applies to a small portion of classified material, much of which is simply subject to classification inflation.
I personally assume that they're collecting everything, but analyzing very little. Just a quick grep on some key terms for some communications of interest, for some possibly very odd value of "interest".
They can always go back and analyze later.
Old-time "usenet" users have to assume that all of usenet got hoovered up while it was going on, and that material is pretty carefully indexed and categorized. Any participants of "alt.tasteless", for example, should never run for major office, as whatever they posted will come back to haunt them. By "haunt them", I mean that once elected, they may get their arms twisted on critical issues. Let's recall what happened to Representative Jane Harman (http://www.thedailyshow.com/watch/tue-april-28-2009/your-gov...) - Harman "was caught on wiretap, but not punished, so as not to erode her support for wiretaps."
That guy that posted all that gay pr0n to the straight-pr0n groups in the early 90s had better watch his back, too.
Yeah, you run into a fundamental noise:signal issue.
The idea is probably there is a small subset that is analysed pretty heavily and a lot else that's just retained on the theory it might be of interest someday.
The danger though is it allows a bit of a "show me the man and I'll find you the crime" mentality....
Well, we know about Jane Harman, and we know about J. Edgar Hoover's files on just about all USA Congress members. I believe your "danger" is an actual problem. That sort of thing really undermines representative government.
It is the actual problem. It is what is supposed to separate a government of laws from a government of men. Indeed, the quote came from Stalin's government....
I assume they're collecting everything, but I'm not quite sure if I'm ready to buy that they're analyzing everything (beyond maybe a cursory inspection to classify traffic type very generally).
I think we can safely assume the answer to "how many US citizens" is "all of them". The fact they're not even willing to give a suggestion of magnitude speaks volumes.
This really makes me want to launch a new "Government Information Awareness"[1] initiative. The tagline should be "Snoop unto them as they snoop unto us." Seriously, if these assholes are gonna spy on us, we should spy back.
This is probably not a great idea due to the difference in capabilities at work. For instance, they can get big corporations to cooperate and offer them indemnity, while you can't. Even more importantly, their ability to lock you up and smack you around with a pipe wrench when they catch you spying greatly exceeds your ability to do the same to them.
Doesn't matter, somebody still needs to do it. I mean, if you look back at the American Revolution, you'd have been nuts to bet on the revolutionaries, right? At some point it becomes simply a matter of principle and you accept the consequences, hoping it leads to a better day in the future.
I'm not eager to go out as a martyr, but with every passing day I'm closer and closer to saying "fuck it" and accepting that that may happen anyway.
But, then again, I've always been a bit of a radical and a hot-head.
The American leaders had an endgame planned. "Let's spy on them" is not an endgame. Unless it's part of a much more detailed plan, I don't think the comparison holds up. Spying on your own government is more akin to a couple of 18th-century Americans saying, "Hey, I know, let's go shoot a couple of British soldiers." Outside the context of a revolution, it's only good at getting you killed.
The point is, doing it, and the resulting fallout, may be part of what it takes to instigate a revolution. And, to be honest, I'm leaning more and more towards the idea that it's going to take a revolution to fix the problems with the American government... I still hold onto a little bit of faith in the democratic process, but it's fading.
It's hard to say. And I have mixed feelings about saying "I hope so" or "I hope not." On the one hand, I think freedom is it's own end, and that we have sacrificed far too much and given our government way too much power, and that it'll take a revolution to roll things back a bit. But, I sure hate the idea of a bloody armed revolution and all the death and suffering that would entail. sigh I dunno man, I just don't know...
Well, then, if that's the only sticking point, allow people to waive this "privacy" matter and thus indemnifying the gov't. Something like how patients can release their own HIPAA data, if they so choose.
[edit] of course provisions for being of sound mind (as with any contract) and being of age of majority (i.e. an adult capable of consenting)
I don't really agree with the whole thing but it sort of makes sense and the headline is quite mis-leading. The violation of privacy supposedly would occur when they go do the research to figure out the answer to the question. The "saying" is irrelevant.
I completely agree. There are two important points here. First, they don't currently know the answer to the question, so they would have to figure it out, probably by examining a bunch of the conversations to identify who is and who is not a US Citizen. That examination would mean violating the privacy of US Citizens. (Collection does not equal examination.) Second, the wording in the article is a bit misleading. The article says that the NSA "won't" give this information to the Senators. Technically, that is true, but it would probably be more accurate (and less inflammatory) to say that they "can't" provide the information. Won't and Can't imply very different intentions. I'm not saying it is right/acceptable that this info is not known, just saying that the way the article is written is a bit misleading.
Wasn't that also the justification at one point for not releasing details about the interrogations of Gitmo detainees? That it would violate the prisoners' rights to privacy?
Am I the only one that noticed the exact phrasing of the question: "how many persons inside the United States have been spied upon by the NSA?"
Last I checked, not everyone inside the US was a citizen. In fact, I would posit that the VAST majority of people NSA is listening in on, are non-citizens.
I am also curious why everyone is worried about NSA and not the FBI. NSA isn't interested in the US, they care about the rest of the world. This isn't anecdotal information.
People are worried about the NSA because it was the NSA that was found to be responsible for the Room 641a scandal (http://en.wikipedia.org/wiki/Room_641A) in which it was discovered that they were tapping massive amounts of domestic internet traffic without a warrant or probable cause. There are probably another 10 to 20 more of those rooms strategically placed around the country, all of which would be indiscriminately tapping domestic internet traffic (http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/al...). Additionally, the NSA employs more people than the FBI and CIA combined. If there's any agency tapping your internet usage it's the NSA.
This message I am about to post may travel through China before arriving at its destination, which may or not be back in the US.
If this message goes from Point A (US) to Point B (China) to Point C (US) it is not purely domestic traffic.
At Point C, where it enters the US, it should be possible to see that it came from China. It can be claimed then, that it is indeed not purely domestic traffic.
Roles are much more muddled tbetween the agencies these days. FBI is now all over the world, NSA looks at the homeland too. I don't think it's part of a conscious effort, but more from a business/prestige standpoint. IE, every group wants all their own in house capabilities, to do everything. also, I'm much more comfortable with the FBI than the NSA. FBI seems to have a more grounded approach in what the could and should be doing, whereas the NSA seems more entrepreneurial, if that makes any sense to you.
Not entirely. It isn't clear that the US government can start killing Americans when they take weekend trips to Toronto without violating the Due Process clause.
But all that would do would be cause an international incident and expose those who carry it out to threat of prosecution of not granted diplomatic immunity.
The question is whether US law prevents it. THere are some cases to suggest that the bill of rights still governs to at least some extent when a US citizen is acted against by the US government in a foreign county.
The EPC formally only binds the states, right? To the extent it binds the federal government is the extent it has been read into the due process clause.....
> The NSA, for instance, no longer requires probable cause to intercept a person’s phone calls, text messages or emails within the United States as long as one party to the communications is “reasonably” believed to be outside the United States.
Does that mean anything publicly viewable (like this comment) or anything which is broadcast to a large group (like, something that your Facebook friends can see - you can "reasonably" assume one of them is overseas) then it's fair game?
The Stored Communications Act allows arbitrary copying of most private emails and messages that are stored on a third-party server. See https://ssd.eff.org/book/export/html/41
With compartmentization and the short terms of congress people (2 years and then there could be a change, worse if the party in control switches) nobody knows what our top secret money is spent on. It's so bad that we ask the people we give the money to if what they are doing is worth while because nobody knows and nobody wants to be the guy that cut the budget of x y ad z and let the terrorists attack again.
Think on the order of a half trillion dollars that they can kind of account for (it's black, could be more, probably not tons less) that we have no idea what it actually does.
Funny thing, NSA might not know and probably doesn't have an easy way to find out. This is an artistic response in that it doesn't make them sound like idiots for not knowing. there is just a staggering amount of communication going on, even if tried really hard to follow the rules try would still screw up.
Why would telling the American people how much you are using the powers given by the people threaten your protection of the people? If Obama said how many drone attacks have been carried out, that wouldnt help a terrorist evade Drones. The idea that informing America of the amount of wiretapping that goes on would threaten the NSA's operations is seriously wrong. Unless the NSA is counting lack of oversight as an operation. Which is wrong.
Well, if you know there's 2 drone strikes a year, you wouldn't worry about a drone strike as much. But if there's 100,000 a year, suddenly there's a whole different problem back home defending that.
But what makes this a stupid defense is they aren't asking to make the numbers public, it's about making some top level data available to congressmen, which I would think should be indefensible.
Hey, I actually can kind of see where this premise is coming from. Not completely. But let's see how it kind of philosophically does make a tiny bit of sense. It does violate my privacy (even more) if someone tells me they've been spying on me.
To see this, consider: after someone spies on you, what's the least damage they can do to your privacy? Obviously the most is to publish everything they have on you for everyone. But what's the least?
The least damage is to completely forget it, never mention it, never think about it, and not even acknowledge or record it - let the world be exactly the same as if they had not spied on me.
I'm not saying this is better than ACTUALLY not ever spying on me, but it's the best thing for my privacy once they have.
Say you're a security person and do bag searches, a celebrity comes through and you actually see something very embarrassing in their bag, on some subject there's been public speculation on. (Their sexuality, whether they have some disease and you see meds for it, whatever). What's the best way to protect their privacy after you clear them (nothing dangerous in the bag)?
Obviously, by not even mentioning/acknowledging that you searched them, just by moving on.
If all my email (along with everyone else's) is being scanned to see if I'm concocting a terrorist plot, then the best you can do after this fact is not even ackowledge this and in every way act and produce a world as though it never happened.
Note that this does not make the original invasion of privacy any better. It doesn't condone it. It may also make it harder to instate more appropriate privacy policies in the future. But the premise "If I answered you 'every single person on US territory who has sent an email or made or received a telephone call in the past 36 months' then it would violate your privacy" is not completely devoid of any merit. Should every single person's privacy have been violated? No. We have constitutional protections against that sort of thing.
If it has, would it violate their privacy further to go boasting about this fact? What if it means that anyone suing you for anything can use this knowledge to do discovery and request your communications from the government? In this and a myriad other scenarios, telling the extent to which you invaded people's privacy can be worse for their privacy than refusing to do so.
Not saying I'm convinced. I'm just saying there's a little something in this line of thought. Obviously the late Martin Luther King's privacy is far worse off now than if we never knew that the FBI kept detailed files on him...
This makes me wonder if the Wired article got a little jumpy when it wrote "the National Security Agency won’t tell two powerful United States Senators how many Americans have had their communications picked up." Perhaps they've been told, but are not allowed to disclose the number publicly? Even if the latter is the case, it is disconcerting that elected officials cannot convey basic information about the laws they vote for to their constituents.