November 01, 2013
I’ve been working on a paper about NSA surveillance and the Fourth Amendment. I’ve tried to keep up with the flood of news and commentary since I started this project around two months ago. These are some links I’ve collected from the past month or so. I’m going to try to do similar posts weekly from now on.
An analysis of the government’s FISA arguments for the collection of phone records.
“Clearly, there is a moral principle at work in the actions of the leakers, whistle-blowers and hacktivists and those who support them. I would also argue that that moral principle has been clearly articulated, and it may just save us from a dystopian future.”
An NSA cryptanalyst supports the program:
As someone deep in the trenches of NSA, where I work on a daily basis with data acquired from these programs, I, too, feel compelled to raise my voice. Do I, as an American, have any concerns about whether the NSA is illegally or surreptitiously targeting or tracking the communications of other Americans?
The answer is emphatically, “No.”
NSA produces foreign intelligence for the benefit and defense of our nation. Analysts are not free to wander through all of NSA’s collected data willy-nilly, snooping into any communication they please. Rather, analysts’ activity is carefully monitored, recorded, and reviewed to ensure that every use of data serves a legitimate foreign intelligence purpose.
We’re not watching you. We’re the ones being watched.
Quoting a FISC opinion:
“To date, no holder of records who has received an Order to produce bulk telephony metadata has challenged the legality of such an Order,” Eagan wrote. “Indeed, no recipient of any Section 215 Order has challenged the legality of such an order, despite the mechanism for doing so.”
“The unauthorised abuse of the NSA’s surveillance tools only came to light after one of the women, who happened to be a US government employee, told a colleague that she suspected the man – with whom she was having a sexual relationship – was listening to her calls.”
“Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials.”
The NSA tested, but never implemented, a plan to collect CSLI.
” … there is only one example where collection of bulk data is what stopped a terrorist activity.” The offense: “A cabby from San Diego, Moalin had immigrated as a teenager from Somalia. In February, he was convicted of providing material assistance to a terrorist organization: he had transferred $8,500 to al-Shabaab in Somalia.”
But the honest faith of insiders that their bureaucratic mission is true and critical is no substitute for credible evidence. A dozen years of experience has produced many public overstatements and much hype from insiders, but nothing to support the proposition that the program works at all, much less that its marginal contribution is significant enough to justify its enormous costs in money, freedom, and destabilization of internet security. No rational cost-benefit analysis could justify such a leap of faith.
FISC Opinion, October 11, 2013, Judge Mary McLaughlin
Renewing the order from Judge Eagan on July 19. The memo (pp. 1-6) confirms the earlier definition of “relevance” under Section 215. It also reaffirms the argument that the third party doctrine applies to phone records. Jones does not apply because location data is not at issue here, there is no trespass, and the Court declined to revisit the third party doctrine. The Primary Order (pp. 7-23) compels an unknown phone company to turn over bulk metadata.
“Collection” only occurs when a human looks at the data, according to the NSA, and there are rules to prevent abuse. Schneier disagrees.
Ed Felten’s syllabus “on surveillance technologies and technical countermeasures. Readings come mostly from the computer science research literature, with some legal and policy readings to establish context.”
More readings on surveillance are in a Google Doc here.