Topic: Telecom, Internet & Information Policy

NSA Spying and a National ID Are Peas in a Pod and You Should Eat Your Peas

That’s the upshot of a column by Froma Harrop appearing in the Seattle Times.

“Arguments leveled against Real ID are being recycled to bash the National Security Agency’s surveillance program,” she writes. “They inevitably lead to the assumption that the government is up to no good.”

Well, … yes.

The argument against creating a U.S. national ID is that its cost in dollars and privacy are greater than the tiny margin of security they might provide. Over years, I’ve pointed out that spending billions of dollars to herd law-abiding Americans into a national ID system might mildly inconvenience any terrorists. It’s not worth doing.

That idea—that security measures should be cost-effective—is wisely ‘recycled’ for use with respect to the NSA’s program to gather data about every call made in the United States. Doing so doesn’t provide a margin of security worth the cost in dollars, privacy, and menace to liberty.

When the government wastes our money, privacy, and liberty on programs that don’t provide a sufficient margin of security, that is bad. That is government “up to no good.”

The states asked to implement our national ID law rejected it because, in the disorganized way our federal republic makes decisions, it was decided that REAL ID does not pass muster. (Some states and national ID advocate groups continue to press forward with it, a subject on which I’ll say more soon.)

In a similarly messy process, the organs of democracy are finding that the NSA’s programs—originally constructed and conducted in secrecy—do not pass muster either. We’re rightly pushing this plate of peas away.

Litt on Warrants for Searching American Communications: Either Misleading or Terrifying

At a hearing Wednesday, members of the Privacy & Civil Liberties Oversight Board asked intelligence official Robert Litt a crucial question: If the sweeping general warrants authorized by the FISA Amendments Act are only supposed to be used for “targeting” foreigners for surveillance, shouldn’t a judicial warrant be necessary before NSA can intentionally dig through its massive database of intercepts for Americans’ communications? Otherwise, after all, such “backdoor searches”—currently allowed under NSA guidelines—seem a dangerous loophole that enables an end-run around the rules that would require court approval to directly target an American’s communications for interception.

Litt’s answer was either extremely misleading or extremely disturbing. He told the oversight board that the number of annual queries to the intercept database was “considerably larger” than the few hundred analysts currently run against NSA’s vast archive of telephony metadata records.  That would make the “operational burden” of a warrant requirement utterly impractical, Litt asserted, and that the Foreign Intelligence Surveillance Court  “would be extremely unhappy if they were required to approve every such query.”

Now, it’s possible that Litt was talking about the total number of queries analysts run against the database of intercepted communications as they sift through it for nuggets of foreign intelligence.  No doubt that number is very large indeed. But it’s also utterly irrelevant to the question PCLOB was asking. Nobody, after all, is suggesting that a warrant be required for every query of NSA’s databases—including queries for topical keywords or “selectors” associated with known foreign intelligence targets.  The question, rather, was whether a warrant should be required for the subset of those queries involving the name or e-mail address of a particular U.S. person—the very query terms that the government would be forbidden from using as selectors to task interception without first obtaining a particularized, probable cause warrant.  If Litt was answering that question by alluding to the total number of queries, then his answer had little bearing on what the PCLOB was trying to discover, and would vastly overstate the practical burden of such a requirement—seriously misleading overseers about the feasibility of a proposed civil liberties safeguard. Litt ought to correct the record if that is what he meant.

What would be hugely more disturbing, however, is if Litt really was giving an answer pertinent to the question he was asked.  In that case, he would be representing that NSA runs “considerably more” than a few hundred annual queries for the names and e-mail addresses of specific U.S. persons, against a database of private communications gathered via general warrants—an authority justified on the premise that it is “targeted” exclusively at non-Americans located outside the United States. That would suggest that the blanket surveillance authority created by §702 of the FISA Amendments Act is precisely what civil libertarians feared: A Trojan Horse mechanism for spying on Americans using the pretext of “foreign targeting.”

In short, either added safeguards on NSA’s use of the §702 database are far more feasible than Litt led the PCLOB to believe, or the authority is being used in a way that circumvents constitutional and statutory protections for Americans’ communications on a chilling scale. Litt should clarify which it is—and then Congress should hasten to reform §702 accordingly.

…In Which Katz Is Not Cited

The Supreme Court is gradually coming to terms with the effect information technology is having on the Fourth Amendment. In 2001, the Kyllo court curtailed the use of high-tech devices for searching homes. In its early 2012 decision in United States v. Jones, a unanimous Court agreed that government agents can’t attach a GPS device to a vehicle and track it for four weeks without a warrant.

But the Court was divided as to rationale. The majority opinion in Jones found (consistent with Cato’s brief) that attaching the device to the car was at the heart of the Fourth Amendment violation. Four concurring members of the Court felt that the government’s tracking violated a “reasonable expectation of privacy.”

What is the right way to decide these cases? Fourth Amendment law is at a crossroads.

The next round of development in Fourth Amendment law may come in a pair of cases being argued in April. They ask whether government agents are entitled to search the cell phone of someone they’ve arrested merely because the phone has been properly seized. Riley v. California and Wurie v. United States have slightly different fact patterns, which should allow the fullest exposition of the issues.

Cato’s brief in Riley, filed this week, again seeks to guide the Court toward using time-tested principles in Fourth Amendment cases. Rather than vague pronouncements about privacy and people’s expectations around it, we invite the Court to apply the Fourth Amendment as a law.

It’s Time to Break up the NSA

says security guru Bruce Schneier on CNN.com.

His brief, readable piece articulates the three distinct – and conflicting – missions the NSA now has, and how they should be handled. It’s no hit piece: Schneier calls NSA’s Tailored Access Operations group “the best of the NSA and … exactly what we want it to do.”

The generals who have built NSA into a fiefdom will fight tooth and nail against true reforms like these, of course, but they’re the kind of reforms we need. The most prominent measures under discussion are mere nibbles around the edges of the problem, or worse.

Spying on Trade Lawyers

The latest NSA spying revelations involve international trade issues, in particular an Indonesian complaint brought at the WTO in response to a U.S. ban on clove cigarette.  (The trade problem was that the U.S. banned clove cigarettes, which are mostly made in Indonesia, but did not ban menthol cigarettes, a competing U.S.-made product). According to the New York Times, the Australian government monitored communications between the Indonesian government and its DC-based trade lawyers, possibly in relation to this case, and passed the information along to the NSA.  (Note that law prof Orin Kerr is skeptical about the way the story is presented in the Times.)

Let me offer the following thoughts:

1. It’s hard to imagine that any information gathered by the Australians had much impact on the WTO case. I suppose it could be a slight advantage to get an early look at your opponents’ arguments, and see how they are thinking about the issues. But I can also imagine that all this additional information would be a distraction, with too much time being spent on marginal points.  It’s worth noting that, in spite of any information U.S. government trade lawyers may or may not have received, the U.S. lost the case. Thus, like most NSA spying, any spying here was probably of limited value.

2. Regardless of its value, this kind of spying is likely to be pretty offensive to our trading partners. The WTO has detailed rules of procedure for its disputes, one of which says the parties must act in good faith (“all Members will engage in these procedures in good faith in an effort to resolve the dispute”). It’s hard to see how receiving confidential information about your opponents’ arguments, if that happened, satisfies this requirement. It will be interesting to see if this gets discussed in upcoming WTO meetings.

3. I wonder whether all of these revelations about spying will accelerate proposals being made by foreign governments to develop non-U.S.-based communications networks: “German Chancellor Angela Merkel said on Saturday she would talk to French President Francois Hollande about building up a European communication network to avoid emails and other data passing through the United States.”

Transparency and Liberty

John McGinnis has some kind words for work I oversee here at Cato in a recent blog post of his entitled: “The Internet–A Technology for Encompassing Interests and Liberty.”

As he points out, the information environment helps determine outcomes in political systems because it controls who is in a position to exercise power.

The history of liberty has been in no small measure the struggle between diffuse and encompassing interests, on the one hand, and special interests, on the other.  Through their concentrated power, special interests seek to use the state to their benefit, while diffuse interests concern the ordinary citizen or taxpayer, or in William Graham Sumner’s arresting phrase, The Forgotten Man. When the printing press was invented, the most important special interests were  primarily the rulers themselves and the aristocrats who supported them. The printing press allowed the middle class to discover and organize around their common interests to sustain a democratic system that limited the exactions of the oligarchs.

But the struggle between diffuse and special interests does not disappear with the rise of democracy. Trade associations, farmers’ associations and unions have leverage with politicians to obtain benefits that the rest of us pay for. As a successor to the printing press, however, the internet advances liberty by continuing to reduce the cost of acquiring information. Such advances help diffuse groups more than special interests.

The Internet is the new printing press, and we’re generating data here at Cato that should allow it to have its natural, salutary effects for liberty.

My favorite current example is the “Appropriate Appropriations?” page published by the Washington Examiner. It allows you to easily see what representatives have introduced bills proposing to spend taxpayer money, information that—believe it or not—was hard to come by until now.

In John McGinnis, we have a legal scholar who recognizes the potential ramifications for governance of our entry into the information age. Read his whole post and, for more in this area, his book, Accelerating Democracy: Transforming Governance Through Technology.

Dear America, I Saw You Naked

Politico has a hilarious, revolting, and insightful article, written by former Transportation Security Administration screener Jason Edward Harrington. It’s called “Dear America, I Saw You Naked.” The subhead: “And yes, we were laughing.”

Many of the images we gawked at were of overweight people, their every fold and dimple on full awful display. Piercings of every kind were visible. Women who’d had mastectomies were easy to discern—their chests showed up on our screens as dull, pixelated regions. Hernias appeared as bulging, blistery growths in the crotch area. Passengers were often caught off-guard by the X-Ray scan and so materialized on-screen in ridiculous, blurred poses—mouths agape, à la Edvard Munch. One of us in the I.O. room would occasionally identify a passenger as female, only to have the officers out on the checkpoint floor radio back that it was actually a man. All the old, crass stereotypes about race and genitalia size thrived on our secure government radio channels.

In July 2011, the D.C. Circuit Court of Appeals ordered the TSA to conduct a formal rulemaking and take comments from the public on the use of strip-search machines at airports. TSA took 20 months to propose a two-sentence regulation, which, as we pointed out to the agency, is totally defective.

The comment period closed in June last year and we have waited another seven months, at this point, for a final rule. When it comes out, it can be challenged in court under the “arbitrary and capricious” standard of the Administrative Procedure Act.

The evidence in the rulemaking docket shows that strip-search machines cost more in dollars, privacy, and dignity than they provide in security, which, as Harrington’s article again shows, is not very much: “We knew the full-body scanners didn’t work before they were even installed.”