The Interop Book Club continues with Glenn Greenwald's "No Place To Hide" and asks: Should there be limits on NSA data collection?
This week, Vermont Senator Patrick Leahy proposedlegislation to ban bulk collection of Americans’ phone records and Internet metadata. This legislation is in direct response to the revelations of former NSA contractor Edward Snowden that detailed widespread surveillance of American citizens.
I’m kicking off the second installment of the The Interop Book Club’s discussion of “No Place To Hide” with this question: Should there be limits on how much information government agencies can collect about citizens, or are we safer and more secure when surveillance has few or no boundaries?
“No Place To Hide” author Glenn Greenwald asserts that the goal of the U.S. Government, with the NSA in the lead, is “…the complete elimination of electronic privacy worldwide.”
“Far from hyperbole,” Greenwald writes, “that is the literal, explicitly stated aim of the surveillance state: to collect, store, monitor, and analyze all electronic communication by all people around the globe.”
To support his assertion, Greenwald shares documents, including what look like PowerPoint slides, that were taken by Snowden. One document is from a 2011 presentation to the Five Eyes (an intelligence-sharing alliance among the United States, Australia, Canada, Great Britian, and New Zealand).
The document describes the NSA’s “New Collection Posture” which includes goals such as knowing it all, collecting it all, and exploiting it all.
Greenwald also discusses the staggering volume of information the NSA captures. He writes “As of mid-2012, the agency was processing more than twenty billion communications events (both Internet and telephone) from around the world each day.”
He also shares a document from March of 2013 that shows that an NSA unit, Global Access Operations, collected data on more than 3 billion phone calls and e-mails that passed through U.S. telephone systems in a single month.
Then there's an order from the FISA court—a panel of judges that examine surveillance requests from government agencies—requiring Verizon to turn over all telephone metadata for calls both between the United States and other countries, and “wholly within the United States, including local telephone calls.”
Given the extent of the data collection revealed by Snowden, do you think limits are required? There are several ways to argue this question, including the legality of the programs and how effective they are.
On the legal front, the Obama administration has insisted that the NSA’s actions are legal, if perhaps discomfiting.
Meanwhile, two separate rulings by federal courts have split on the issue. In December 2013, a federal judge in the District of Columbia ruled that bulk data collection “likely violates the Constitution.”
However, in that same month a federal judge in New York asserted the legality of the NSA’s program. Both cases will proceed to appeals, and may eventually come before the Supreme Court.
Then there’s the argument of the programs’ effectiveness. President Obama addressed the NSA controversy in a speech this January, and said, in part, that the efforts of America’s intelligence agencies “…have prevented multiple attacks and saved innocent lives.”
Others argue that we need every tool available to us to fight America’s enemies, including terrorists, and thus NSA surveillance is not just legal, but also necessary.
Of course, it’s hard to argue about the effectiveness of intelligence operations because we have little information about attacks that the government claims to have thwarted.
I also wonder about the rationale for mass data collection because the more data you collect, the more noise you add to the system. More information doesn’t necessarily equal better information. Even the NSA has acknowledged this problem, according to Greenwald. He cites a document that states “Collection is outpacing our ability to ingest, process and store…”
Of course, that hasn’t stopped the agency from addressing the issue, including by building a massive new data center in Utah to store and process data.
What’s your take? Are these NSA programs legal? Are they effective? And might their effectiveness be impaired by limitations intended to protect privacy? Does privacy have to take a back seat when it comes to combatting terrorism? Or should we insist on surveillance limits to protect our civil liberties? Let me know your thoughts in the comments section.
Drew is formerly editor of Network Computing and currently director of content and community for Interop. View Full Bio
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.