Down To Business: Beware The Conventional Wisdom About NSA 'Surveillance'
Many questions about the government program still must be answered, but let's start basing our viewpoints on the facts as we know them.
The National Security Agency is reportedly compiling data on millions of phone calls in search of patterns that would lead the agency to terrorist activity. In response to a USA Today story on this program, which the Bush administration has characterized as "narrowly designed," political opportunists, class-action ambulance chasers, privacy alarmists, and the media herd are rushing to this judgment: The feds--and the phone companies allegedly cooperating with them--are trampling our civil liberties.
Think what you will about this kind of government activity, but at least base your viewpoint on the facts as we know them rather than on the following nuggets of conventional wisdom:
The NSA is "monitoring" your phone calls and otherwise conducting illegal "surveillance." The administration already has acknowledged approving legal surveillance of communications into and out of the country, but it denies listening in to domestic calls. Whether or not you buy that claim, the activity reported in the recent USA Today story has nothing to do with eavesdropping. The real issue is whether the feds are mining the data contained in customer calling records--adapting techniques used by thousands of companies for their own fiscal ends. But this important distinction is apparently lost on certain lawyers and journalists.
Even if the government were just mining the data in private calling records, that activity alone violates the Fourth Amendment right toprivacy. In Smith v. Maryland, the Supreme Court ruled that law enforcement agencies don't need a warrant to collect such data. Justice Harry Blackmun wrote that the petitioner in that case, whose calling records were used to convict him of robbery, "in all probability entertained no actual expectation of privacy" when he made those calls. The Electronic Frontier Foundation apparently disagrees with the applicability of that ruling to the masses, as it filed a class-action lawsuit against AT&T in February claiming the carrier illegally gave the NSA access to vast amounts of communications data.
The big carriers rolled over for the feds. Here, there's still much to be learned. After conducting an internal review, BellSouth said last week that it hasn't provided "bulk customer calling records" to the NSA. Verizon said last week that the agency never asked for, nor did Verizon provide, customer records from its core wireline, wireless, and directory publishing businesses, though it's not clear from its statement whether that includes the recently acquired MCI long-distance business. AT&T said last week that it hasn't given up customer records "without legal authorization," but it doesn't deny involvement with the NSA. Qwest Communications says it has refused to fork over any records to the government without warrants or subpoenas.
Most Americans oppose the NSA data-mining program. The media are quick to cite a USA Today poll that found that 51% of respondents disapprove of the program. But the key USA Today question, which refers to a database of "billions" of phone numbers dialed by Americans, otherwise assumes that respondents are up to speed on the issue. In response to a more detailed ABC News poll question, which explicitly states that the government program doesn't entail eavesdropping, 63% say the program is an acceptable way to fight terrorism. Yet in a Newsweek poll that's similarly explicit, 53% of respondents say they disapprove of the program.
Clearly, many questions still must be answered, and it's the role of media, interest groups, and the voting public to keep the government in line. But let's at least try to make it an honest, unemotional, nonpolitical debate. The public has long viewed information technology as Big Brother incarnate, whether it's wiretaps, RFID tags, Web site monitoring software, or fraud-detection systems we fear are tracking our every move. But if we can't stomach letting our security agencies use technology--albeit responsibly--to isolate suspicious activity, then we're pretty much giving the bad guys the upper hand.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.