Cyber‐​Surveillance in the Wake of 9/11


Among the many nagging questions that we will be askingourselves in the wake of the September 11 terrorist attack is whatadditional steps could have been taken on the cyber-security frontto prevent this tragedy from occurring. Could government'sincreased use of cyber-surveillance technologies have helped?

"Cyber-snooping" has been the subject of heated debate in recentyears between the law enforcement community and many privacyadvocates who seek to secure their right of free speech and toguard against "unreasonable searches" that new technologies canmake easier. The fears of both sides are well-founded.

Technologies exist that allow law enforcement and nationalsecurity officials to eavesdrop on voice and electroniccommunications, as well as match peoples' faces with those in adatabase as they pass by cameras. Since the potential for the "eyein the sky" exists, the challenge is to assure that citizens enjoythe same protection from unwarranted surveillance in the digitalage that they've been accustomed to since the Bill of Rights waspassed.

It's important to note with respect to the coordinated terroristattack that this was not an Internet crime per se. It could havetaken place without coordination across the Internet. Informationcoordination is just one aspect of a complex cascade of "what ifs"that encompass flimsy doors, cosmetic security checks,flight-school background checks, the fact that terrorists lived andworked among us for years, foreign policy itself, and endless othersecond-guessing.

The law enforcement community wants to ensure it has all thetools at its disposal to do its job: to protect the individualrights of American citizens in a world that is often hostile tothat objective.

But here's the dilemma. Part of that arsenal, they argue, mustbe not just traditional telephone wire-tapping systems, but newdigital wire-tapping and e-mail tracing systems, and even wirelesseavesdropping technologies and "key stroke logging." Such a toolallows law enforcement to install a hidden device in a suspect'scomputer keyboard to record and monitor the words and sentences hetypes. Other technologies likely exist that the public isn't awareof. The law enforcement community argues they need to be able toliberally use these technologies domestically and abroad to makecredible threat assessments before the bad guys can strike.

On the other hand, privacy advocates and many civil libertariansargue that these cyber-surveillance efforts can go too far andthreaten the liberties of innocent parties. Why should lawenforcement be given open-ended authority to engage incyber-snooping, especially of its own citizenry? Are we forgettingabout the Fourth Amendment's stipulation that, "The right of thepeople to be secure in their persons, houses, papers, and effects,against unreasonable search and seizures, shall not beviolated…"?

The truth is somewhere in-between and turns on the phrase"open-ended." The authority of law enforcement to use surveillancetechnologies must not be open-ended. Balancing privacy and securityhas always been tricky and rife with controversy. How much libertyare we willing to give up to guarantee the safety of our cities andhomes? No one would feel comfortable knowing the FBI and CIA hadcarte blanche authority to listen in to telephone conversations ore-mail communications in an attempt to unearth parties discussingor planning hostile activities.

In addition to the insult to privacy and the ability tocomfortably speak one's mind, driftnet-style surveillance couldlead to innumerable misunderstandings and errors. An endless amountof voice or electronic chatter involves casual talk that might beconstrued to be dangerous. Teenagers often use euphemisms or slanglike, "It's the bomb" to describe a favorite song or artist. Andduring fits of anger, many adults are prone to utter-or type in anemail-"I'm going to kill him," though they don't mean it.

Part of the answer is to ensure that government can't comb ourcommunications in a blanket manner anytime it gets the urge. Thedelicate balancing act between the equally important values ofliberty and security will require a renewed focus on whatconstitutes an "unreasonable search and seizure" in the world ofseamless communications. As Cato's constitutional scholar RogerPilon has stated, technology does not render a search a non-search.Governments must acquire clearances equivalent to those that theymust secure in the non-digital world.

In that sense, nothing has changed (or should change) incyberspace. "Probable cause" in terms of issuing warrants still hasmeaning. We must debate how broadly or narrowly search warrantsshould be tailored when they are issued. We'll likely often deal inlegal shades of gray rather than black and white. But giveninformation that has emerged, it is clear that government wouldhave had no trouble securing the necessary clearance to executesurveillance against those implicated in the WTC/Pentagon outrage.Indeed, no one is outraged that government was doing that.

Technology always has potentially bad uses that go along withthe good. Trying to put the technological genie back in the bottleis not a constructive way to start this debate. Calls for globalprohibitions on encryption products, for example, are anon-starter, in the sense that trying to prohibit bad actors fromgetting their hands on computer hardware or software is futile intoday's global, integrated marketplace. The law enforcementcommunity should instead ensure its own access to those sametechnologies and know how to use them better. Moreover, technologyis not a silver bullet solution to our security concerns. There isno substitute for more traditional human resource informationgathering efforts. Technology can assist this effort, but it cannotreplace it.

The new debate over cyber-surveillance seems to stem from thefact that technology, while it frees us from physical constraints,does the same for those who wish to do harm. But the answer is notto sacrifice the civil liberties of citizens to safeguard citizensfrom terrorists' atrocities.