Friday, October 30, 2015

The Mixed Legacy of Edward Snowden


(Attribution: www.nsa.gov)

2013 was quite a year for Edward Snowden. The former National Security Agency (NSA) contractor’s leaks of classified intelligence documents, beginning in The Guardian in June of that year, shed a bright light onto the federal government’s sprawling surveillance state, and in particular, the actions of the NSA .


The world learned that NSA monitored the phone usage patterns (known as metadata) of millions of Americans,by obtaining secret court orders which allowed them to collect customer data in bulk, directly from telecom firms like Verizon. Meanwhile, under the PRISM program, the NSA gained access (again through closed court orders) to the emails, Internet searches, and other online activities of millions of Web users across the globe, including an untold number of Americans. Additionally, Snowden revealed the  interception of data transfers between storage centers of Yahoo and Google, which allowed the agency to become privy to a variety of highly sensitive information.


Snowden also exposed critical information about American intelligence operations abroad. His leaks contained details around American efforts to hack email accounts of Iranian subjects of interest, as well as missions to gain access to computers and files of suspected Al Qaeda operatives in Pakistan, Yemen and Africa. Snowden disclosed the details of close, widespread intelligence coordination between the governments of the US and Saudi Arabia, as well as efforts to learn more about Pakistan’s nuclear program, and information which indicated that nearly every phone call in the Bahamas and Afghanistan, is monitored by the NSA.


Speaking with the South China Morning Post in June 2013, Snowden announced that the NSA had engaged in hacking operations against Tsinghua University (one of mainland China’s top institutions of higher education), as well as the Hong Kong headquarters of Pacnet, a company whose fiber optic cables ensure Internet connectivity throughout Asia.


Perhaps even more controversial were the facts Snowden disseminated concerning American monitoring of allies. The world learned that the NSA had spied on computer networks of European Union offices in New York and Washington DC, and intercepted the telephone calls of Chancellor Angela Merkel of Germany. Foreign embassies in the United States were also targets of American intelligence efforts, with more than 38 missions being monitored in some form. Many of the embassies surveilled were those of friendly nations like Greece, India and Mexico.


Snowden’s actions had a significant judicial and political impact. Just under two years after Snowden’s initial exposure of information, President Obama signed a bipartisan bill which Congress drafted, to reform metadata collection by the NSA, while a federal appeals court panel in New York found that the NSA’s telephone metadata collection program was not legally authorized (although another appeals court panel, based in Washington DC, declined to reach the same conclusions). President Obama himself acknowledged Snowden’s impact, admitting that, despite his criticism of Snowden’s actions, the debate it prompted would “make us stronger.”


Snowden’s work has also impacted the public’s understanding of privacy. Polling from Pew Research Center found that 80% of those surveyed believed that Americans should be “concerned about the government’s monitoring of phone calls and Internet communications,” while more than 90% believed that consumers have lost control over how their personal information is “collected and used by companies.” At the same time, Snowden’s actions have been rather polarizing, with public opinion sharply divided around whether his disclosures, and eventual defection to Russia, were appropriate.


American technology firms have also been affected. Many foreign companies have raised concerns that due to the NSA’s data collection efforts, their information may not be safe in the hands of US-based firms like Microsoft, IBM and Google. As a result, cloud storage services, and other data management functions offered by American software companies, face significant competitive challenges. Technology consulting and research firm Forrester estimates that the US information technology business could lose as much as $180 billion in potential business, by 2016, due to such concerns.


In considering whether what Snowden did was correct, there is an important dichotomy to keep in mind. What Snowden exposed about the NSA’s actions, as directed towards Americans, was both laudable, and badly needed. However, his leaks about American surveillance activities abroad, was misguided, and somewhat blind to the realities of today’s geopolitical environment.


To understand why Snowden’s actions were, in part, an act of fealty to the Constitution, let’s examine the NSA’s metadata program.  As the Second Circuit Court of Appeals noted in it’s May 2015 ruling, which found the NSA’s collection of telephone metadata from Verizon, AT&T and other firms was not authorized by Congress (and thus illegal), a wide variety of personal information can be revealed here. By knowing with whom an individual makes and receives calls, the government can learn about that person’s relationship status, political and religious affiliations, and overall living patterns. What’s more, thanks to software advances, massive amounts of metadata can be collected and analyzed with relative ease.


Additionally, the PRISM program, which allowed the NSA to gain direct access to emails, Internet searches, and other data, from the servers of Microsoft, Google, and other technology behemoths, was a major breach of privacy. Through PRISM, the NSA gained access to emails, searches, and audio and video chats of millions of people across the globe. While the program was officially directed at foreign targets, with so-called “minimization” procedures in place to avoid spying on Americans, the data of American citizens could be “inadvertently” mined with no real consequences.What’s more, intelligence leaders will not reveal how many Americans were actually spied on during this process.


The standard required to authorize this type of surveillance was rather lax; the NSA merely had to have a “reasonable belief” that the target they were intentionally monitoring was a foreign national; if so, the door to a wider range of monitoring was open. This process could, repeated many times, touch many Americans who didn’t do anything wrong. While all of these acts were broadly authorized by the Foreign Intelligence Surveillance Court (FISC), FISC is a rather opaque body, with minimal external oversight, and a propensity for approving nearly all surveillance requests by the NSA.


All of the judges who serve on FISC are selected solely by Supreme Court Chief Justice John Roberts, and typically have the same professional background (current federal judges). In deciding whether to permit specific surveillance actions (such as the collection of telephone metadata from Verizon, or the operation of the PRISM program by the NSA), these judges only heard arguments from lawyers for the federal government. The court never has a chance to consider the views of those who advocate for the legal protections which the citizenry is entitled on. The outcomes of this review process have been remarkably favorable to the NSA’s ever-expanding surveillance operations: From 1999 to 2012, a staggering 99.7% of all FISC surveillance request were approved.


These facts, considered in whole, paint a rather troubling picture. We have the NSA collecting and analyzing a wide range of personal information on a daily basis, sweeping in untold numbers of Americans. These activities are being conducted with little in the way of real supervision from either the FISC court or Congress (in fact, there’s been much debate around whether James Clapper, the director of national intelligence, lied to Congress about the extent of the NSA’s operations). In a domestic sense, the NSA seems to be much like what Friedrich von Schrötter once said of Prussia, “not a country with an army, but an army with a country.”


Under these circumstances, Edward Snowden faced two choices. He could continue to collect his ample salary, and lived a life of relative tranquility. Or, he could uphold the oath he took while employed by the government, where he pledged to “defend the Constitution against all enemies, foreign and domestic.” Given what we know about the NSA’s actions (especially the Second Circuit Court of Appeals ruling), there is a strong argument that at least some of the NSA’s actions were not only illegal but unconstitutional. Under those circumstances, Snowden acted properly in making Americans aware of their government’s conduct. If we accept his claims, which have been at least partially corroborated, that he repeatedly voiced his concerns to officials within the NSA, prior to leaking documents, then those actions appear even more justified, as Snowden had seemingly few internal options to ensure NSA compliance with the Constitution.


The problem is, Mr. Snowden didn’t just disseminate information about metadata collection of phone calls involving Americans living in Portland, or reveal how PRISM could lead to the NSA’s monitoring of the emails of innocent residents of Toledo. Rather, he allowed the entire world to learn crucial details about how America conducts it’s foreign and national security policy, particularly in matters which have minimal direct bearing on the rights of Americans themselves.


As noted earlier, Snowden made public information about methods through which the CIA and NSA monitor and target suspected terrorists, as well as their operations to spy on foreign nuclear programs. He leaked details surrounding American hacking efforts which targeted Chinese universities, and informed the entire world that the US government listens to communications emanating from the embassies of it’s friends.


While many Americans may deplore these actions, can we truly say that the constitutional rights of Americans are actually violated through hacking into the computer or private network of a valued terrorist target in northwest Pakistan, or efforts to listen to conversations by Mexican or Indian diplomats based in Washington DC? Even the use of drone strikes abroad, despite real questions about their effectiveness, not to mention civilian casualties, only very rarely target American citizens, and thus don’t directly implicate the legal protections every American is supposed to enjoy.


So, why did Snowden chose to expose these facts? His first public interview, published by The Guardian in June 2013, sheds light on his motives. In this conversation, Snowden stated that he was “..willing to sacrifice all of that because I can't in good conscience allow the US government to destroy privacy, internet freedom and basic liberties for people around the world with this massive surveillance machine they're secretly building... I hope this will trigger among citizens around the globe about what kind of world we want to live in.Snowden argued that the NSA’s actions were ultimately an “existential threat to democracy.”


Snowden followed up on these comments in a December 2013 interview with the Washington Post, where he set forward the idea that individuals should enjoy a basic right to privacy, and freedom from surveillance, whether or not they were American: “I don’t care whether you’re the pope or Osama bin Laden....As long as there’s an individualized, articulable, probable cause for targeting these people as legitimate foreign intelligence, that’s fine. I don’t think it’s imposing a ridiculous burden by asking for probable cause.” Snowden also indicated displeasure at the NSA’s tapping of the cell phone of Angela Merkel and other leaders of friendly nations, noting that  “It’s the deception of the government that’s revealed...you just lied to the entire country, in front of Congress.”


Based on these statements, it seems clear that Snowden believes people across the globe, American or not, should be largely free from intrusive surveillance.Under this framework, the NSA’s actions, in the absence of compelling justifications (i.e. probable cause), are not permissible


In an ideal world, Snowden’s philosophy would be workable, and there would be no reason for the NSA to engage in some of the actions which we’ve seen over the past several years. Unfortunately, today’s reality is far different. In 2015 alone, Americans have been victimized by several large-scale hacker attacks, including a breach at JP Morgan which jeopardized the personal information of 83 million customers, as well as an attack on the IRS, which let criminals to access the tax returns of more than 100,000 households.


We are now faced with the specter of militant organizations engaging in cyber warfare, as seen with an attack by ISIS, which revealed the contact information of American military personnel. Russia and China have also committed major acts of online theft against the data and intellectual property of American companies.


Meanwhile ISIS controls large swaths of criteria in Iraq and Syria, and has recruited thousands of fighters from around the globe, including the United States and Europe. American citizens have participated in suicide bombings in Somalia, Iraq, and Syria, conducted critical reconnaissance for the November 2008 Mumbai terrorist attacks, and hatched serious plots to conduct suicide bombings on subways and landmarks in New York City. We haven’t even touched on the very real threat of terrorist organizations acquiring nuclear or chemical weapons.


In this precarious security environment, Snowden’s wish to extend rigorous privacy protections to every person on the planet, American or not, simply isn’t realistic. Requiring the NSA to find probable cause, in order to read the emails of possible hackers in Beijing, monitor the Whatsapp chats of suspected militants in Sana’a, or listen to phone conversations of weapons smugglers in Khartoum, would be harmful to intelligence-gathering efforts.


The NSA must be able to mount a comprehensive, proactive defense of American security. Often, that means allowing one piece of intelligence to lead to another, eventually resulting in the sorts of big breaks which prevent and punish deadly acts of violence. The search for Osama bin Laden offers a good case study of how this works. As with so many human matters, information is often imperfect, and of uncertain initial value. Requiring that the NSA be able to show “individualized, articulable probable cause” might block them from casting a watchful eye towards someone who is of seemingly questionable, but ultimately considerable importance. 

Also, given the volume of data being gathered, and the speed at which surveillance events often move, demonstrating probable cause for each act of intelligence collection, would be logistically and legally daunting, slowing the pace of time-sensitive surveillance efforts.


Let’s remember that Osama bin Laden was eventually found by tracking his courier, in part through phone calls made by the courier’s relatives in Kuwait, to various phone numbers in Pakistan. Under Snowden’s formulation, would there be sufficient probable cause to cast such a wide net on a group of people who weren’t actually terrorists themselves, but whose relative might know one? Arguably not, since that isn’t necessarily “individualized” suspicion. As a result, the bin Laden operation, and other vital anti-terrorism missions, might have never been successfully completed.


Of course, listening in on an Al Qaeda operative’s cousin in Kuwait, is probably not nearly so troubling for many Americans as monitoring the phone calls of the German chancellor, or the Greek ambassador to the US. While these actions make us understandably squeamish, it is important to consider that the interests of America and her allies don’t always fully align, and that allies spying on each other is a longstanding practice, across the globe. The relatively muted reaction of some of America's friends in Europe makes this clear.


Taken as a whole, Snowden’s view of foreign intelligence operations, and more generally, our nation’s actions abroad, appears rather naive. It does not appear to take into account the threat landscape that the nation faces, or the significant logistical challenges posed by the universal application of probable cause.


What’s more, his actions pose a real threat to American spying efforts. Both the former director of the NSA, as well as an independent research report from the Henry Jackson Society, have claimed that Snowden’s efforts harmed American intelligence-gathering and anti-terrorism efforts. Sources within the British government have also asserted that the UK was forced to scale back spying operations in Russia and China, due to Snowden’s leaks.


While these claims must be viewed with a healthy dose of skepticism, given the possible biases and of those making such claims, from an intuitive perspective, it makes some sense. It isn’t hard to understand how broadcasting America’s spying practices to the entire world, might put hostile actors or states on guard, making the collection of intelligence more difficult.


Opposition to Snowden’s leaks of foreign intelligence practices, is not an endorsement of blanket secrecy around American policies abroad. Our citizenry should be made aware of the actions which the government takes in their name, as that is the only means to ensure that our actions reflect our values, and that abuses are prevented.


Daniel Ellsberg leaked the Pentagon Papers to the New York Times in 1971, demonstrating that the Johnson administration had lied to not only the public, but also Congress, about the expansion of American involvement in Vietnam. His actions were justified, because his leaks implicated matters of military policy (the US’ secret bombing Cambodia) which were of clear concern for the many Americans whose children were fighting in Southeast Asia. When the government engages in illegal or immoral actions, as was the case with the Iran-Contra affair, the backing death squads in Latin America, or the Abu Ghraib abuse scandal, it is vital for Americans to know what’s happening.


However, listening to the phone or email conversations of foreign nationals, or their leaders, is hardly an instance of corruption, abuse, torture or murder. More than anything, these are tactics for accomplishing a broader goal (protection of American security interests). As such, the NSA and other agencies must be more accountable to Congress (which must exercise greater scrutiny), in terms of ensuring that their actions abroad are in compliance with the letter and spirit of American laws and values. Clearly, that hasn’t been the case in recent years. As a result, real reforms are needed. However, demanding complete transparency, probable cause for foreign surveillance, and revealing methods of spying abroad, is both unrealistic and ridiculous.


As the years pass, the tides of history will continue to color our assessment of what Edward Snowden did. At this time, however, there is a clear split between Snowden’s revelations around the NSA’s conduct at home, where he acted in defense of the Constitution, and what he exposed about the NSA’s conduct abroad, which was ultimately wrong.







No comments:

Post a Comment