Three Guiding Principles for NSA Reform

APImages/Oliver Berg

Edward Snowden, the Booz Allen Hamilton contractor who leaked the details of top secret National Security Agency (NSA) surveillance programs could have tried to remain anonymous and avoid the consequences of his actions. That he chose not to, instead recording a lengthy interview explaining his motives and worldview, is remarkable for a modern-day leaker. While his supporters complain that the subsequent focus on Snowden has directed attention away from his leaks, his decision—and his moral calculus—are actually central to the public debate that’s erupted.

Rather than petulantly whine that it’s unfair to examine the motives of a man desperate to justify himself, we should instead grapple with why Snowden chose to leak. The programs he exposed prompted a steady roar from civil libertarians, transparency activists, and reporters. It also prompted remarkable pushback from progressive Senators like Al Franken, who felt the program was legal and necessary.

What Snowden wanted to do—prompt a national conversation about secrecy and privacy—is happening. While our legal system will determine his criminal liability, in the meantime there is a clear need to public debate exactly what we should expect from our government in terms of privacy and security.

This debate causes me deep discomfort. I spent my 20s working in various capacities for the Defense Department, first as a database developer and later as an intelligence analyst. I still take seriously the papers I signed legally binding me from ever deliberately exposing secrets I had access to, and I can see clear harm that might result from ill-considered exposure—especially by a 29-year-old IT worker who’s never had to grapple with the real-world consequences of such decisions. At the same time, I also now work as a journalist, which means I care deeply about educating the public about the government and how it functions, along with caring about open debate and the free flow of information.

Those two halves of my life—the one filled with government secrets and the other with the transparency ethos of journalism—do not coexist easily. When I worked for the Pentagon as a contractor much like Snowden, I was allowed to write publicly about some topics. I was also viewed with suspicion by many coworkers who assumed that I would improperly disclose secrets (to the best of my knowledge, I never did). My solution to that tension was, eventually, to leave—first to work for a think tank and then, more recently, as a writer. 

In leaving, I had the opportunity to debate and explain things in a way I never had as a contractor. I even testified in the Senate in 2011 about the many structural flaws inherent in intelligence contracting and overclassification. Clearly, not much has changed since then: We still face a fundamental moral choice, as a society, about how we want to approach the difficult challenges of security and privacy.

It’s clear that at least a significant portion of the country is unhappy with how expansive the government’s surveillance capabilities have become, and how reliant the government still is on private contractors. Yet the need for surveillance and security has not diminished. Can those competing impulses be balanced in a better way? Can the NSA be reformed to be more in line with society’s competing desires for safety and privacy?

Extreme positions, like disbanding the agency as a whole, are unlikely to ever happen. Realistically, this debate should be about reform and new choices. While some don’t think reform is necessary, the outcry suggests something needs to change.

Yet, to even begin the discussion of reform, we have to grapple with why things got to where they are. One document published in the Guardian shows a Foreign Intelligence Surveillance Act (FISA)  court order for Verizon, the telecommunications giant, to hand over phone metadata (telephone numbers, call length, and location). The Supreme Court ruled in 1979 that the Fourth Amendment does not protect such metadata. Similarly, the PRISM data-mining program, which automates access to Internet company databases, was, misreporting aside, publicly discussed as a software platform used by the military and intelligence community for many years.

The NSA carries out this surveillance with the full knowledge and consent of all three branches of government. Over the last decade, Congress has passed and reformed laws to grant the administrations of George W. Bush and Barack Obama vast surveillance powers. They even granted corporations retroactive immunity for illegal conduct they felt should have been legal, like the NSA’s warrantless wiretapping program exposed by The New York Times in 2005.

The courts, too, have agreed with this long march toward a surveillance state. The rubber-stamp of a FISA court no longer carries much weight amongst civil libertarians. But the FISA Court once strongly separated domestic law enforcement and foreign intelligence operations due to abuses in the 1960s and 1970s.  In 2002, the U.S. Foreign Intelligence Surveillance Court of Review publicly removed the “FISA Wall.”  Normal courts, too, routinely uphold secrecy laws and protect intelligence programs from lawsuits.

While the process took a long time, the government was essentially responding to the American people’s demands for such powers. Surveillance usually polls well, though recent numbers suggest growing discomfort with the practice. But altering the intelligence apparatus and reigning-in the NSA requires difficult choices by the public that will almost certainly challenge our current notions of privacy and personal security.

A wide range of officials, from surveillance skeptic Senator Al Franken to NSA chief Keith Alexander, have said NSA programs have stopped several terrorist attacks. Assuming those statements are true (Director of National Intelligence James Clapper is facing allegations that he misled Congress on counterterrorism activities), then scaling back the NSA would involve letting some number of terrorist acts slip through.

Put simply, the public is neither debating what sort of privacy it is comfortable with (apart from “more”), nor is it considering a debate on how much security it wants (apart from “more”). But that is exactly the kind of debate that needs to happen.

With that in mind, here are three principles for changing the laws and policies that govern intelligence collection.

1. We must reconcile with the need for data collection

Americans, as a whole, have no idea how much data the federal government already collects about them. To administer programs like Medicaid and Social Security, for example, the federal government collects information about your medical history, tax payments, salary, and housing. The IRS knows how much money you make, the TSA knows everywhere you fly to, and your entire financial history is a single credit check away. Americans, as a whole, accept these tradeoffs because of the services we get in return.

Yet the vast data-collection needed to deliver these services is not described as “surveillance.” Americans are comfortable giving the government such personal and potentially damaging information on the assumption that it will not be abused. Viewed in this light, worries over phone metadata seem almost precious in comparison. If there is to be a debate about the government’s data collection, then let us have that debate.

2. We should revise old laws and rulings

The Supreme Court case Smith v. Maryland, from 1979, allowed the police to collect phone metadata because the "petitioner voluntarily conveyed numerical information to the telephone company." In other words, because we voluntarily give information to phone companies, collecting that data later doesn’t violate our protection from unreasonable searches. The same concept could be applied to the PRISM program that manages data-collection from Internet companies. No one compels us to hand over our data to Google, Apple, or Amazon. We choose to do that, and we help them build enormous databases of our personal information that can be queried later.

If that sounds ridiculous in today’s world—unlike 1979, today it is impossible to live in without a telephone or Internet connection—then let’s revisit that ruling (the ACLU is trying to do just that with a lawsuit). Querying private databases necessary for daily life should constitute an unreasonable search. The reality is that most of our laws governing electronic conduct were written 20 or even 30 years ago—long before the World Wide Web, where you’re reading this article, even existed. It is past time to update them—and the legal reasoning around them—to account for modern life.

3. We need to make new choices about openness and security.

In 2011, Ben Wittes, a senior fellow in Governance Studies at the Brookings Institution, wrote a provocative paper about the “crude balance” people imagine between liberty and security. He proposed that, in fact, greater surveillance in some instances would increase liberty by making certain public goods, like playgrounds or the Internet, safe from malicious actors. The line he draws is not about protecting privacy, per se, but rather about protecting the freedom to be in public and use public services with a reasonable expectation of safety.

The idea of surveillance enhancing both security and freedom (if not privacy) is one we should certainly debate. But more than that specific idea, Wittes raises the possibility that privacy and security are not necessarily a zero-sum equation we must be constantly fighting to keep in balance.

Within the government, too, there needs to be a new debate about how open they must be, and how that might affect security. Laws that enable broad surveillance power, like the Patriot Act, FISA Amendments Act, and others, should be reopened to public debate. Secret legal argumentation for behaviors Americans do not support must end. There will be operational tradeoffs, but if that is the choice the public wants to make—and increasingly that seems to be the case—then we must make it.

 

The public also needs to come to grips with its intolerance for risk. The country, as a whole, asked Congress to build these new powers for the government; they voted for the same Senators who retroactively legalized wiretapping, and they re-elected two presidents whose zealous conduct in counterterrorism policies sparked enormous public outcry.

Even today, when congressmen and senators complain that the national-security apparatus is too large or too powerful, they are derided as weak, loving our enemies, and wishing for America to fail. Hill staffs are terrified to remove language authorizing aggressive security measures, because if an attack does sneak through, their bosses will be hammered in the press, possibly even thrown out of office. An event as random and unpredictable as two Americans using common household goods to bomb a marathon sparked blanket coverage condemning the FBI for not reading their minds and failing to connect obscure dots.

The previous decade of ever-expanding security for increasing powers has hit a ceiling of public acceptance—the intelligence community has reached the limits of public trust. If the government wants us to trust it with the power it has, then it has to behave in a trustworthy way with it—no more secret courts, no more secret laws, and no more secret legal memos authorizing summary executions. So far, it has not.

There is a real danger that in the rush to “fix” the NSA, we will be left with a system less effective, less secure, and less attractive than what we have today. It is vital we start the reform debate by settling the fundamental issues that brought us here to begin with: the public choices we make about our privacy and security.

Comments

Here's what infuriates me: Since 9/11 our government had done NOTHING to solve the root cause of terrorism. This entire time a precious few have been calling for a Global Marshall Plan as the ultimate solution to the threat of anti-American terror. There will always be men who want to do evil, but they would have a much harder time recruiting new adherents and getting aid and comfort from people and nations if the U.S. and other advanced nations donated between 1% and 3% of their GDP for 20 years to eradicate poverty, hunger, preventable disease, lack of education, and environmental destruction in every country on earth (including America).

We all know how the state of American politics makes this impossible right now, but for those regretfully willing to trade our privacy for the sake of security the point is that THERE IS ANOTHER ANSWER! Right after 9/11 the very few public commentators willing to respond to this idea said that a Global Marshall Plan could only be a long term solution so for now we must pursue a "war on terror". But in the past 12 years NOT ONE STEP has been taken toward this one policy that would finally make us safe.

My apologies for the repeated comment post! The word verification/CAPTCHA mechanism was malfuntioning and when it finally took it reposted the same comment repeatedly. I only meant to post it once.

Here's what infuriates me: Since 9/11 our government had done NOTHING to solve the root cause of terrorism. This entire time a precious few have been calling for a Global Marshall Plan as the ultimate solution to the threat of anti-American terror. There will always be men who want to do evil, but they would have a much harder time recruiting new adherents and getting aid and comfort from people and nations if the U.S. and other advanced nations donated between 1% and 3% of their GDP for 20 years to eradicate poverty, hunger, preventable disease, lack of education, and environmental destruction in every country on earth (including America).

We all know how the state of American politics makes this impossible right now, but for those regretfully willing to trade our privacy for the sake of security the point is that THERE IS ANOTHER ANSWER! Right after 9/11 the very few public commentators willing to respond to this idea said that a Global Marshall Plan could only be a long term solution so for now we must pursue a "war on terror". But in the past 12 years NOT ONE STEP has been taken toward this one policy that would finally make us safe.

Here's what infuriates me: Since 9/11 our government had done NOTHING to solve the root cause of terrorism. This entire time a precious few have been calling for a Global Marshall Plan as the ultimate solution to the threat of anti-American terror. There will always be men who want to do evil, but they would have a much harder time recruiting new adherents and getting aid and comfort from people and nations if the U.S. and other advanced nations donated between 1% and 3% of their GDP for 20 years to eradicate poverty, hunger, preventable disease, lack of education, and environmental destruction in every country on earth (including America).

We all know how the state of American politics makes this impossible right now, but for those regretfully willing to trade our privacy for the sake of security the point is that THERE IS ANOTHER ANSWER! Right after 9/11 the very few public commentators willing to respond to this idea said that a Global Marshall Plan could only be a long term solution so for now we must pursue a "war on terror". But in the past 12 years NOT ONE STEP has been taken toward this one policy that would finally make us safe.

Here's what infuriates me: Since 9/11 our government had done NOTHING to solve the root cause of terrorism. This entire time a precious few have been calling for a Global Marshall Plan as the ultimate solution to the threat of anti-American terror. There will always be men who want to do evil, but they would have a much harder time recruiting new adherents and getting aid and comfort from people and nations if the U.S. and other advanced nations donated between 1% and 3% of their GDP for 20 years to eradicate poverty, hunger, preventable disease, lack of education, and environmental destruction in every country on earth (including America).

We all know how the state of American politics makes this impossible right now, but for those regretfully willing to trade our privacy for the sake of security the point is that THERE IS ANOTHER ANSWER! Right after 9/11 the very few public commentators willing to respond to this idea said that a Global Marshall Plan could only be a long term solution so for now we must pursue a "war on terror". But in the past 12 years NOT ONE STEP has been taken toward this one policy that would finally make us safe.

There are some good points here, both in the article itself, and in the Global Marshall Plan idea. The unfortunate fact for now is that certain politicians and business leaders feel that ANY government help which involved taxing THEM more (or AT ALL) to pay for it is "SOCIALISM." Since in the absence of taxes from the rich, such taxation would necessarily fall on working people, the poor and retired, these same wealthy people have the very people FROM WHOM THEY ARE STEALING JOBS AND WAGES voting against taxing ANYBODY to help ANYBODY.

As for surveillance data, we need a totally airtight wall between "court-worthy" data that can be used as evidence to convict a defendant (must be obtained from a warranted search) and "operational data" that can be used to track people in order to prevent crimes and attacks of terrorism, and ALSO strict punishment for "authorized" employees who use data for their own personal benefit (e.g. to stalk an ex-spouse or to find customers for home repairs or plaintiffs for lawsuits) or their own amusement (e.g. voyeurs watching changing room videos for pleasure).

If, in the course of preventing a crime, REGARDLESS of the source of the intelligence that made it possible, police arrest the person(s) caught "red handed" about to do so, the chain of legal "court-worthy" evidence can BEGIN there. This should suffice to convict even without introducing the unwarranted intelligence at the trial. And unwarranted intelligence should HAVE TO BE deleted, INCLUDING backup copies, after a specific time period to be debated (a year, maybe).

I propose that we organize a new, independent, non-political agency, "the National Security Oversight Commission", which would employ engineers, economists, and lawyers who would have adequate security clearances, and would be required to be given access to information which they could use to evaluate the efficacy and cost effectiveness of secret national security programs. The Commission would present its analyses to the secret Congressional Oversight committees, which would serve a "second opinions" which could counter self-serving arguments in favor of spending presented by those standing to benefit from that spending. The Commission could also evaluate trade-offs of privacy for security, and could, with limitations, present its concerns to the public, if it felt they were not given due consideration by Congress.
While some might complain about the creation of a new bureaucracy, the Commission could result in a net savings to the budget, by giving Congress members information they could use to deny unnecessary or wasteful spending.

In theory, the staffs of the members of the Congressional committee members could be performing these functions. In practice, the incentives in Washington tend to prevent that from happening. A truly independent oversight Commission would allow us to right-size spending, and to protect civil liberties in the process.

You need to be logged in to comment.
(If there's one thing we know about comment trolls, it's that they're lazy)

Connect
, after login or registration your account will be connected.