Oops. I'd thought there was a good probability I could get through today without having to post again about the ever more confusing NSA mess. Not a chance, as it turns out. This saga is now taking on the various aspects of a 60s-era spy spoof film, and its bizarre twists and turns are making David Lynch's 1984 production of "Dune" look clear and easily comprehensible by comparison. Here's where we stand. Word is out that the NSA leaker, "whistleblower," or whatever your preferred terminology may be, is Edward Snowden, a 29-year-old former CIA tech assistant who (until very recently) was a contract worker at NSA on behalf of various outside firms, like Dell and Booz Allen. Snowden is now reportedly holed up in a hotel room in Hong Kong, and states that he hopes to achieve asylum in Iceland. He asserts that he has done "nothing wrong." There's already a video of him floating around, declaring how he leaked NSA documents on principle because he was so concerned about where NSA was heading and how it is violating the rights of Americans. It's quite stirring. As you probably already know by now, I am acutely displeased by the situation associated with surveillance in this country, as noted yesterday in Internet Shattered: Spies, Spooks, and Disgust. Snowden is already being hailed as a "hero" in many quarters, and comparisons are being made to U.S. Army leaker (or whistleblower -- again, your choice) Bradley Manning (whose trial, coincidentally, has just gotten underway). The comparison may be apt, but not necessarily in a straightforward manner. Both of these cases seem far from black and white, and Snowden's situation brings with it some real head-scratching questions. I'm immediately struck by Snowden's current choice of Hong Kong as a place of refuge. He says the choice was based on their "spirited commitment to free speech and the right of political dissent." I'm not entirely sure that he's talking about the same Hong Kong I know, which is actually part of China, operates only with China's sufferance, and -- we can logically assume -- is saturated with Chinese Intelligence. But hell, Snowden was doing work for NSA -- maybe he has special knowledge that makes Hong Kong/China a good pick, even if it wouldn't ordinarily be on most free speech advocates' short lists. We're also told that Snowden is "lining the door of his hotel room with pillows to prevent eavesdropping," and "puts a red hood over his head and laptop to avoid cameras capturing his passwords." I'll admit to being puzzled by such actions. Neither of them are likely to negatively impact skilled eavesdroppers in any significant way, given the tradecraft available today. Maybe this is just a cover story (no pun intended) and he's actually using an array of high-tech CIA/NSA gadgetry to protect himself. As James Bond knows, it seems like "Q" is never around when you really need him. But all of this is really only the kind of material that might make for an intriguing movie trailer. The core, most important aspects of this situation, relate to the actual information that Snowden leaked (or "whistleblew"). And here matters get murky in short order. We at least seem to have enough information now to make some broad characterizations. As much as I abhor NSA obtaining telephone call metadata and the scope of government FISA user data demands to Web services, it appears at this time that most or all of this activity has not only unfortunately been legal, but could reasonably be anticipated as logical outcomes of the PATRIOT Act and other related legislative and court actions. There was those of us who tried to point out these risks at every opportunity. We were routinely shouted down, sometimes being told that it was un-American even to bring up the issues. Nothing really to be gained now by reminders that "We told you so." But back to Snowden's data. The (sadly, unsurprising) confirmation of the "Phone companies to NSA" telephone call metadata connection is certainly useful, and indeed a cause for broad condemnation, concern, and even anger about our blossoming surveillance society, as I've noted in my postings over the last few days. And word about NSA's methodologies for organizing and indexing a broad range of globally collected metadata ("Boundless Informant" -- gotta love these names) is certainly intriguing, even though very much along the lines of what we would have expected and frankly, unless one buys into associated conspiracy theories, not particularly dramatic. More confirmation that NSA is collecting a lot of data, but we already basically knew that. It's in the PRISM documents that I feel the situation becomes most problematic, because I believe strongly that these have done real damage to innocent parties and have played directly into insipid, emotional, false conspiracy theories that have become a scourge, especially in our toxic political environment. The PRISM documents have been widely touted as "proving" that NSA has "back doors" into the servers of Google, Facebook, and other firms, through which NSA could query and extract personal user data without interaction or control from these firms themselves. A truly horrendous prospect -- if it were true. The named firms quickly refuted the accusations. They insist that there are no "back doors," that all data requests (e.g., via FISA mechanisms) are individually vetted, then either approved, appealed, or taken to court when the firms felt that the requests were overly broad or otherwise inappropriate. Of course you can never prove a negative. As I noted yesterday, the conspiracy fans have now run wild, convinced that the firms are outright lying, colluding, and worse. I can't say the following strongly enough. To believe these conspiracy theories is to assume that the individuals dealing with these matters at these firms are ethically vacuous, have no backbone, or are genuinely evil. This is all simply false. I personally know a variety of persons at these firms who by any rational analysis would have to know about such "back door" systems if they existed, and who would be unwilling to suffer their presence. The kinds of engineering that would be required to implement such mechanisms would be extremely complex at the global scale of these firms. I simply do not believe that they could be designed, deployed, or maintained without so many persons finding out about them that they'd be essentially open secrets internally. And while the government can use an NSL (National Security Letter) to prevent someone from revealing the existence of something -- for example by forcing them to stand mute to a question -- you can't force someone to outright lie in the manner that would be represented by these firms' explicit denials. What's more, I strongly believe that any attempt to push through such systems would have resulted in levels of resignations immediately obvious to outsiders. The folks I know at these firms are among the most ethically responsible that I've ever encountered. I do not accept that they would quietly play along with the kinds of NSA schemes that some are alleging. Period. And even those allegations are foggy. It can be easily argued that it was actually media misinterpretations and sensationalism that led to the "back door" claims. Those same NSA documents could even more reasonably be interpreted to be discussing exactly what these firms have said was the case -- providing properly and legally vetted responses to individual FISA and similar government user data requests. No "back doors" -- no direct, uncontrolled access to user data on servers. At this stage, it's impossible to easily ameliorate the damage already done by this set of hyperbolic, false allegations that will likely now take on a life of its own. Which brings us now to a fairly obvious query. Why were the PRISM docs dumped on the media in the manner that they were, especially when their seeming vagueness plays so neatly into conspiratorial mindsets? I don't know the answer to that question. Nor will I attempt here to answer the question posed as the topic of this piece. I don't know what Edward Snowden really is. Perhaps he is indeed a hero. Or a combination hero and fool. Or perhaps something else. You'll have to make up your own mind, in the fullness of time. I do know one thing absolutely. I'll take the word of the people I know at these firms, persons I like and believe -- over the word of NSA and all the spooks, ex-spooks, and contract spooks on the planet. We are dealing with a complex situation with fragmentary information being dribbled to us by the media out of context. Eventually we'll presumably have a more complete understanding of the various facets involved. The conspiracy theorists can whine, the haters can hate -- they can all get their jollies as they will. But for me it's all about what's logical, reasonable, and most of all about the individuals I trust and care about. Be seeing you. --Lauren-- |
Posted by Lauren at June 9, 2013 04:17 PM
| Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein