What Last Week's NSA Leaks Can Teach Us about Technology and Politics

Last week was a busy one for the National Security Agency. On Wednesday, the Guardian revealed a top secret court order that compelled Verizon to turn over metadata (which, make no mistake, is very important) about millions of its customers' phone calls to NSA. On Thursday, both the Washington Post and the Guardian revealed a slide presentation describing an NSA program called PRISM that appears to be a data-mining tool for information gathered from such companies as Google, Apple, and Microsoft under the current Foreign Intelligence Surveillance Act infrastructure. And on Friday, Edward Snowden outed himself as the source of these leaks and apparently many more that we have yet to see.

The argument still rages over whether Snowden’s documents highlight examples of egregious over-reaching by the intelligence community, or whether this is just business-as-usual in 21st-century national security. One thing is empirically true: thanks to these leaks, the national debate has focused itself upon privacy and government surveillance more tightly and more vociferously than at any other time in recent memory.

The general shape of the narrative could not be more familiar. Evidence comes to light regarding the scope of the government’s ability to surveil its citizens, there is a brief period of public outcry, and then, a year or two later, it all happens again. This scenario has been especially prevalent since 2001; to name just a few of the more recent examples: the original PATRIOT Act, the Total Information Awareness program, the Bush-era warrantless wiretapping scandal, the FISA Amendments Act of 2008 and its reauthorization in 2012, last month’s Department of Justice surveillance of the Associated Press, the FBI’s new wiretapping proposal, and, finally, the numerous other surveillance programs that almost certainly exist but have remained hidden from public notice.

The sheer repetitiveness of this story suggests a deeper and more important question: Why does it keep happening? Why does the scale of national security-related surveillance continually ratchet upwards, despite public outcry and, some security experts and senators argue, lack of actual utility?

It may be tempting to blame this situation upon feckless leadership, an uncaring public, or even a rational reaction to the dangers of the world, but the real answer is likely somewhat more subtle. I suspect that our ever-growing surveillance state is less a function of focused political will than a default result of the natural interactions between developing technology and the mechanics of our political system.

The Falling Price of Spying

Modern technology has dramatically altered the economics of surveillance. Tools such as automated license plate recognition have enabled government surveillance at a far greater scale than ever before, but perhaps the biggest change is just how deeply private companies have gotten into the data collection business. Cell phone and internet service providers routinely gather enormous amounts of information from their users, a fact that the government has not failed to notice. For example, Sprint received eight million law enforcement requests for GPS information on its subscribers between September of 2008 and October of 2009.

Politics aside, this is largely why Section 215 of the PATRIOT Act (50 U.S.C. § 1861)—the authority under which the government requested the calling information of millions of Americans— exists in the first place. Through our cell phones and ubiquitous usage of other communications technology, modern citizens constantly and voluntarily shed information to private companies. This voluntariness is, in the eyes of the law, a form of consent, a tacit recognition that this information is not private in some essential way. The government is simply trying to take advantage of this interpretation of the legal landscape.

In order to understand how all of this leads directly to our constantly-expanding surveillance state, we need to take a few steps up the ladder of abstraction. Think about a police officer tailing a suspect, and the inherent costliness of that form of surveillance. There are only so many police officers, and we can’t have them tail everyone who acts slightly suspiciously. Fundamentally expensive forms of surveillance like this incentivize minimization—with limited resources, proper allocation becomes a priority.

Over time, however, new tools have dramatically reduced the cost of surveillance. Digital storage prices have plummeted at an exponential rate, and our consumer services create new ways for us to shed information every day. Similarly, over the last decade, our ability to analyze huge amounts of data has finally begun to catch up to our capacity for collection. This is what really caused the “big data revolution”: suddenly, the very scale of the information that we collect became a tool to aid in our analysis, and minimization became actively detrimental to our understanding. Data is powerful, and it is perilous to underestimate the draw of that power.

When Technology Trumps Policy

Technology is just a tool. Cheaper cameras, the ubiquity of GPS-enabled cell phones, and clever analysis algorithms like MapReduce do not possess inherent policy imperatives. That said, sometimes the natural implications of a technology fit so well into an existing political narrative that the technological potential transforms into a foregone conclusion, effectively overriding the policy discussion. What we can do suddenly becomes what we must do.

This has happened before, most notably with the atomic bomb: innovations in physics at the time suggested a way to make the most deadly weapon the world had ever known, and our country was at war. It was natural and obvious to use the technology of the day to solve the problems of the day. And even though World War II ended over half a century ago, the presence of nuclear weaponry has shaped geopolitics ever since.

To a lesser extent, and in a completely different context, we saw something similar last week in the Supreme Court’s decision in Maryland v. King. There, the Supreme Court held that, pursuant to an arrest for a serious crime, supported by probable cause, it did not violate the Fourth Amendment to swab the suspect’s cheek and perform a particular type of DNA test for identification purposes. In fact, the Court said, it was a “legitimate booking procedure” no different from fingerprinting.

There’s a twist, though. Ever since County of Riverside v. McLaughlin, it has been well-established that police may only hold a suspect for 48 hours before he is subjected to a judicial determination of probable cause. It used to be that the polymerase chain reaction process employed in DNA tests took at least 48 hours, making it impractical to use for identification purposes on most arrestees. However, recent advances in testing have shortened that time to only a few hours, enabling states like Maryland to implement DNA testing more broadly. Put another way, even though DNA tests have existed for decades, it was only developments in the underlying science that made the question legally relevant to the booking phase of criminal investigation. Police have an interest in identifying suspects with certainty, DNA tests become one reliable way to accomplish that goal, thus police begin to employ DNA tests broadly. The broader policy questions are swallowed by the immediate benefits.

All of this brings us back to the question of surveillance. It was evident in this week’s hearing that the United States national security apparatus remains heavily focused upon counterterrorism. Terrorists are, by definition, terrifying—they are hard to target, they hide in plain sight, and the more conventional tools available are (at least according to General Alexander’s testimony) woefully inadequate to protect our interests. The types of mass surveillance described in last week’s leaks are necessary, so the argument goes. The availability of the technology, coupled with its apparently applicability to the “problem of terrorism,” demands a certain policy result.

If we give General Alexander the benefit of the doubt and assume that mass surveillance is indeed a tool capable of protecting Americans from terrorist attack, it remains unclear that it is the only tool capable of accomplishing this goal, or even if it’s the most efficient one (Senators Wyden and Udall seem to believe that this may not be the case). My concern is that because we already possess the tools to enable mass surveillance, we seem to have entirely bypassed the policy debate over whether or not mass surveillance is the best solution for our problems.

What We Can Do About It

When it comes to surveillance, the first thing we need to understand is that the train switched tracks a long time ago. Computer scientist and chief technologist at the FTC Ed Felten predicted much of the current state of affairs in 2006, and security expert Bruce Schneier has been making similar points for over a decade. The technology that enables our current capabilities is only going to get more powerful and more entrenched. Unfortunately, this almost certainly means that our only chance to modulate the scope of mass surveillance lies in a substantive, far-reaching shift in policy. Accomplishing such a thing would require a tremendous, concerted expenditure of political will the likes of which has become all too rare in Washington.

That said, if we take the lessons of the last week to heart, we might be able to do better the next time a new, ethically uncertain technology promises to solve a difficult political problem. The philosopher Max Weber famously called politics the “strong and slow boring of hard boards.” The same can be said about technical advancement. While innovation happens constantly, it is rare that it appears out of nowhere. Science takes time, and often its arc is at least partially predictable. The proper time to discuss the implications of a given technology is sometime after it becomes a practical reality, but before it has been widely adopted and employed. There is room for exigency, of course, but if the debate over the use of torture taught us anything, it’s that “ticking time bomb” scenarios are comparatively few and far between.

Perhaps the answer lies in incorporating more science- and engineering-minded individuals into the policy-making process, ensuring that our laws don’t just govern the world as it is, but as it soon will be. Perhaps we need to institute some sort of brutally rational process of economic analysis in our counterterrorism endeavors. Perhaps we need to better learn how to refuse to be terrorized.

There is no singular answer to the questions I’ve raised in this essay, and the modern world is a complicated and often scary place. But we owe it to ourselves and to future generations to face the challenges before us with all the information, intellect, and integrity that we can muster.

Add new comment