We now know that the NSA’s communications surveillance programs have operated illegally for years. The scale of the violations, mostly accidental, is such that it suggests that the agency is unable to monitor or control its own operations.
Can someone make a good case for me that the NSA, despite its inability to prevent tens of thousands of violations in its own operations, will be able to prevent the information it’s gathering from from being used to harm ordinary Americans?
We also have this, where Senator’s Udall and Wyden state the thousands of illegal action revealed so far are “the tip of the iceberg.”
http://www.theguardian.com/world/2013/aug/16/nsa-revelations-privacy-breaches-udall-wyden
The scale of the violations, mostly accidental….
Two points.
First, they CLAIM the violations are mostly accidental.
Second, we don’t really know the scale of the violations. We know what they’re telling us about it. What are the odds of a government agency of any kind hiding the truth to make itself look less bad? Do those odds increase or decrease when that agency is dedicated to operating in the shadows to begin with? Do those odds increase or decrease when the agency employs a lot of people that specialize in high level game theory?
Perhaps I should have written “even if mostly accident”. My point was that a confession of lack of control is a confession of lack of control.
And, yes. The revelation is about incidents not individuals and, as you note, they’re the incidents that were acknowledged, at least internally.
Each individual incident may have involved hundreds, thousands, hundreds of thousands, or even millions of individuals.
Each individual incident may have involved hundreds, thousands, hundreds of thousands, or even millions of individuals.
I didn’t even consider that, not explicitly.
Depends on what you mean by ordinary Americans. People who belong to marginal political groups–anarchists, far-left socialists, squatters, Greens, anti-government survivalists should be worried. And don’t forget Muslim men who have issues with our government. If I was a Muslim-American citizen who thought the US was killing lots of innocent Muslims abroad, I would be very careful about what I said and what I wrote anywhere on the internet.
But if you think that the government one day might come after you because you have guns or you gave money to Planned Parenthood, there’s nothing to worry about.
Chomsky’s observation–that Nixon became a criminal only when he started spying on the Democratic establishment–is pretty much true about American as a whole. Our country has always treated marginal groups terribly. It’s telling that in the all of the talk about Obama’s illegalities, he’s being compared to Nixon, because of Watergate, rather than Reagan, who purposely violated Congressional law while negotiating with terrorists and supplying the Contras.
I’d consider the people you list ordinary Americans. However, again perhaps a poor choice of words on my part. How about “non-terrorists”?
Even that really doesn’t cover the situation since I reject the notion that any and all actions are justified if the intent is to suppress terrorism.
This news report is more hyperbole and misses much that’s in the actual audit. Just as one example, most of the violations were from “roamers” which are (quoting from the audit):
More later when I get some time.
The audit states the 11% rise in violations from from 2011 to 2012 were primarily due to roamer incidents. Where do you see the report states “most” violations were roaming incidents?
Look on page six: roaming incidents are about half the total.
Can someone explain – without dystopian scenarios or Orwell nostalgia – exactly how the NSA can harm people in ways that are more dangerous than the big businesses that have all this same data?
Can a Google or Wells Fargo (my bank) employee blackmail you? Yes. Can he hand your data over to police and play the SWATing game? Yes. Can he send data to the FBI and potentially initiate a no-fly restriction? Yes. Can he ruin your credit rating? Yes. Possibly get you fired? Yes. Can he send the data to the IRS and potentially bring on an audit? Yes.
The difference between NSA and Google is that the FBI/DEA/IRS would have a legitimate, legal right to use data from a “confidential informant” whereas they’d have 4th amendment issues with data that came via NSA. (PD may have a better legal perspective on this.)
Am I wrong about that? I’m open-minded on the question, but my sense is that privacy in 2013 is mostly a fairytale we tell ourselves so we can surf porn sites owned by Russian mobsters in peace.
Ben,
The audit tracks two types of incidents – those under the authority EO 12333 and those under the authority of FISA. The chart for EO is on page 5 and the chart for FISA is on page six. For example, looking at the first quarter of 2012 we have this:
EO 12333 incidents: 670 (491 or 73% were roamers)
FISA incidents: 195 (95 or 48% were roamers)
Total incident: 865 (586 or 68% were roamers)
The total for the whole year were also 68% roamers.
Dave,
They seem to be able to detect, analyze and quantify incidents with a pretty good degree of fidelity – enough to determine their causes. Significant breaches are highlighted. This is when the NSA is doing 20 million of database queries every month.
How did any of the incidents in this report harm Americans? In order to harm Americans, something actionable must be done with any information wrongly collected or queried. Since the NSA is a collection and analysis agency, any actionable information would have to pass to some agency of the government with the ability to do harm which would probably be law enforcement. Yes it could conceivably happen, but I haven’t yet heard of a single case. Personally, I am more worried about other things.
Just as an example, there was this recent piece on Medium that received a lot of attention. It turned out everything in it was assumption and that the local PD came to her house based on a tip from an ex-employer. The NSA had nothing to do with it.
To me, this leaked audit shows the opposite of the narrative that’s making the rounds. This audit clearly shows the NSA is monitoring foreign communications, which is it’s mission. This audit rebuts the narrative that the NSA is engaged in a program of comprehensive domestic surveillance.
None of this is to suggest the current state of affairs is adequate – quite the contrary I still think there need to be reforms, greater transparency from the NSA, and Congressional action to clearly update legal authority for 21st century communication technology.
But not to be able to prevent them. “Monitoring” doesn’t just mean tabulating them after the fact. It means real-time detection.
I suspect the only way to prevent incidents is to eliminate the program. Are you pushing for a zero tolerance policy? I am thinking we need better Congressional oversight. We need to have Congress set clear, and agreed upon, limits. My sense is that they have just been outsourcing this to NSA and the exec branch. If we are going to have any monitoring at all, which I think we should, there will always be some risk of abuse. Let’s set that risk at some level we can live with, then avoid shrieking like little girls when something bad happens.
Steve
How is better Congressional oversight possible in the face of an executive branch that routinely lies to Congress or stonewalls? Congress’s only options under the circumstances are defunding or impeachment and neither is likely under the present distribution of power and with present incentives.
What I want is recourse. There should be maximum transparency and legal consequences for misuse of information. What we have now is minimum transparency and no consequences for breaking the law.
Dave, I encourage you to actually read the audit. The NSA does 20 million queries a month in which case these incidents constitute something like 0.0005% of the total.
I think zero tolerance is not a realistic goal especially, as the audit makes clear, most of the incidents cannot be prevented because the NSA cannot track the movement of foreign targets in real time. From the audit:
I think you need to consider what building a real-time capability would require in terms of additional surveillance – the NSA would have to collect location data from the targets through real-time monitoring US communications networks. This is something the metadata program doesn’t do.
Well, Congress can change the law. They can change or repeal the FISA amendments made over the last decade. They can create any kind of oversight mechanism they want – a separate agency, a plussed-up IG, a more open FISA court.
Well, I agree about more transparency. Recourse is fine as long as there is a distinction made between mistakes and willful misconduct.
Does it make a difference to you if you lost your life, your freedom, your marriage, your job, or your money due to a mistake or due to willful misconduct? I don’t think so. It shouldn’t make any difference in whether there’s accountability but how much.
The limit of my point is that politicians and bureaucrats presently have incentives to overreact. There needs to be some balance in the incentives.
I agree
What is your evidence for this? Working in the federal bureaucracy I see the opposite everyday. CYA is the norm. And, politicians? More CYA. With the latter, the problem is that CYA currently means “make sure I can’t get blamed for any terrorist attacks.”