Tag: information gathering

Speech, Privacy, and Government Infiltration

Yesterday, I mentioned a recent report from the Justice Department’s Office of the Inspector General on some potentially improper instances of FBI monitoring of domestic anti-war groups. It occurs to me that it also provides a useful data point that’s relevant to last week’s post about the pitfalls of thinking about the proper limits of government information gathering exclusively in terms of “privacy.”

As the report details, an agent in the FBI’s Pittsburgh office sent a confidential source to report on organizing meetings for anti-war marches held by the anarchist Pittsburgh Organizing Group (POG). The agent admitted to OIG that his motive was a general desire to cultivate an informant rather than any particular factually grounded investigative purpose. Unsurprisingly, reports generated by the source contained “no information remotely relevant to actual or potential criminal activity,” and at least one report was “limited to identifying information about the participants in a political discussion together with characterizations of the contents of the speech of the participants.” The agent dutifully recorded that at one such gathering “Meeting and discussion was primarily anti anything supported by the main stream [sic] American.”

Now, in fact, the OIG suggests that the retention in FBI records of personally identifiable information about citizens’ political speech, unrelated to any legitimate investigation into suspected violations of federal law, may well have violated the Privacy Act. But if we wanted to pick semantic nits, we could surely make the argument that this is not really an invasion of “privacy” as traditionally conceived—and certainly not as conceived by our courts. The gatherings don’t appear to have been very large—the source was able to get the names and ages of all present—but they were, in principle, announced on the Web and open to the public.

Fortunately, the top lawyer at the Pittsburgh office appears to have been duly appalled when he discovered what had been done, and made sure the agents in the office got a refresher training on the proper and improper uses of informants. But as a thought experiment, suppose this sort of thing were routine. Suppose that any “public” political meeting, at least for political views regarded as out of the mainstream, stood a good chance of being attended by a clandestine government informant, who would record the names of the participants and what each of them said, to be filed away in a database indefinitely.  Would you think twice before attending? If so, it suggests that the limits on state surveillance of the population appropriate to a free and democratic society are not exhausted by those aimed at protecting “privacy” in the familiar sense.

How Much Government Snooping? Google It Up!

The secrecy surrounding government surveillance is a constant source of frustration to privacy activists and scholars: It’s hard to have a serious discussion about policy when it’s like pulling teeth to get the most elementary statistics about the scope of state information gathering, let alone any more detailed information. Even when reporting is statutorily required, government agencies tend to drag their heels making statistics available to Congress – and it can take even longer to make the information more widely accessible. Phone and Internet companies, even when they join the fight against excessive demands for information, are typically just as reluctant to talk publicly about just how much of their customers’ information they’re required to disclose. That’s why I’m so pleased at the news that Google has launched their Government Requests transparency tool.  It shows a global map on which users can see how many governmental demands for user information or content removal have been made to Google’s ever-growing empire of sites – now including Blogger, YouTube, and Gmail – starting with the last six months.

So far, the information up there is both somewhat limited and lacking context.  For instance, it might seem odd that Brazil tops the list of governmental information hounds until you bear in mind that Google’s Orkut social network, while little-used by Americans, is the Brazilian equivalent of Facebook.

There are also huge gaps in the data: The United States comes in second with 3,580 requests from law enforcement at all levels, but that doesn’t include intelligence requests, so National Security Letters (tens of thousands of which are issued every year) and FISA warrants or “metadata” orders (which dwarf ordinary federal wiretaps in number) aren’t part of the tally. And since China considers all such government information requests to be state secrets – whether for criminal or intelligence investigations – no data from the People’s Republic is included.

Neither is there any detail about the requests they have counted – how many are demands for basic subscriber information, how many for communications metadata, and how many for actual e-mail or chat contents. The data on censorship is similarly limited: They’re counting governmental but not civil requests, such as takedown notices under the Digital Millennium Copyright Act.

For all those limits – and the company will be striving to provide some more detail, within the limits of the law – this is a great step toward bringing vital transparency to the shadowy world of government surveillance, and some nourishment to the data-starved wretches who seek to study it. We cannot have a meaningful conversation about whether censorship or invasion of privacy in the name of security have gone too far if we do not know, at a minimum, what the government is doing. So, for a bit of perspective, we know that U.S. courts reported a combined total of 1,793 (criminal, not intel) wiretaps sought by both federal and state authorities. Almost none of these (less than 1 percent) were for electronic interception.

This may sound surprising, unless you keep in mind that federal law establishes a very high standard for the “live” interception of communications over a wire, but makes it substantially easier – under some circumstances rather terrifyingly easy – to get stored communications records. So there’s very little reason for police to jump through all the hoops imposed on wiretap orders when they want to read a target’s e-mails.

If and when Google were to break down that information about requests – to show how many were “full content” as opposed to metadata requests – we would begin to have a far more accurate picture of the true scope of governmental spying. Should other major players like Yahoo and Facebook be inspired to follow Google’s admirable lead here, it would be better still.  Already, though, that one data point from a single company – showing more than twice as many data requests as the total number of phone wiretaps reported for the entire country – suggests that there is vastly more actual surveillance going on than one might infer from official wiretap numbers.