Aspects of the Snowden Leaks
January 7, 2014 § Leave a comment
Deioces then built these fortifications for himself, and round his own palace; and he commanded the rest of the people to fix their habitations round the fortification; and when all the buildings were completed, he, for the first time, established the following regulations: that no man should be admitted to the king’s presence, but every one should consult him by means of messengers, and that none should be permitted to see him; and, moreover, that it should be accounted indecency for any to laugh or spit before him. He established such ceremony about his own person, for this reason, that those who were his equals, and who were brought up with him, and of no meaner family, nor inferior to him in manly qualities, might not, when they saw him, grieve and conspire against him; but that he might appear to be of a different nature to them who did not see him. When he had established these regulations, and settled himself in the tyranny, he was very severe in the distribution of justice. And the parties contending were obliged to send him their case in writing; and he, having come to a decision on the cases so laid before him, sent them back again. This, then, was his plan in reference to matters of litigation; and all other things were regulated by him; so that, if he received information that any man had injured another, he would presently send for him, and punish him in proportion to his offense; and for this purpose he had spies and eaves-droppers in every part of his dominions.
— Herodotus (fifth century B.C.)
The only rule of which everybody in a totalitarian state may be sure is that the more visible government agencies are, the less power they carry, and the less is known of the existence of an institution, the more powerful it will ultimately turn out to be. According to this rule, the Soviets, recognized by a written constitution as the highest authority of the state, have less power than the Bolshevik party; the Bolshevik party, which recruits its members openly and is recognized as the ruling class, has less power than the secret police. Real power begins where secrecy begins.
— Hannah Arendt, “The Origins of Totalitarianism”
I desire what is good. Therefore, everyone who does not agree with me is a traitor.
— attributed to King George III
One reason it is difficult to approach the global surveillance disclosures and documents resulting from Edward Snowden’s security breach (see one collection here from the National Security Archive) is that the implications are multiple: questions of surveillance, secrecy, technology and national security (however ill-defined that phrase may be), but also the nature of the relation between journalist and source. Critics have predictably assailed the protagonists from several points of view, ranging from the vociferous armchair warriors, curmudgeons and disciplinarians who march in lockstep with the national security state, who would never miss an opportunity to scold a miscreant, to a relatively small number who advocate a more radical strategy of releasing the documents either in their entirety, or at least more widely and rapidly, accusing the journalists of hoarding the information for personal gain. As always, talk is cheap, but it is worth considering some thoughts. It’s impossible to evaluate the success of any strategy without first determining what the goal is, but we can be reasonably sure of two things: Snowden never wished the abolition of the National Security Agency (NSA), or some form of national security surveillance, nor does he seem to doubt the fundamental legitimacy of the U.S. government, or more broadly, the state as an institution. The motivations were clear, and stated at the Sheremetyevo airport on 12 July 2013: “The immoral cannot be made moral through the use of secret law.” Recognizing that laws are not axioms, and that a secret court is not the appropriate venue for evaluating the activities of a global surveillance apparatus which ignores national boundaries, he quoted the 1946 judgement at Nuremberg, that “individuals have international duties which transcend the national obligations of obedience imposed by the individual State”—although the provenance of the second half of the quote is mysterious, the message was that his was an act of civil disobedience.
We can presume one reason why Snowden initially came to Laura Poitras, Barton Gellman and Glenn Greenwald (after fruitless attempts to alert colleagues to his concerns) was that he deemed them trustworthy, and would treat the subject in a manner more or less conforming to his wishes. There are conflicting interests: journalists must ethically weigh their obligations to the public—that is, if they presume to have any—against their obligations to their sources, and although unlikely, it is hypothetically possible that information exists of such importance that exposing it overrides all other other considerations; such is the case in highly repressive states, where the surveillance apparatus exists not only to ostensibly protect citizens, but also to target them. One could argue that the documents should have been immediately dumped, letting the chips fall where they may regardless of the consequences, in order to provide the wider public, and those with the capability to invent privacy and countersurveillance tools, with the knowledge necessary to judge the phenomenon, as well as confront it (something I’ve addressed briefly already); if that is what Snowden had desired, however, he clearly would have done so himself, and furthermore likely done it anonymously—an improbable scenario, as he reportedly refused to “simply dump huge amounts of documents without regard to their content.” This strategy presents other problems as well. A broader question is deciding on who is uniquely qualified to determine what is in the public interest and who is not, what is dangerous to reveal, and to whom—difficult or nearly impossible to answer definitively, but the fact remains that there is a significant amount of trust involved. One version of the dilemma was stated succinctly by Barton Gellman in 2003:
No individual, and no institution, can be trusted to draw the line for us when these two interests collide. That includes the people with the classified stamps. Newspapers cannot appoint themselves as arbiters of national security. Political leaders, on the other hand, cannot be allowed to decide for us what we need to know about their performance.
Because Greenwald—and possibly other recipients of the documents—must have entered into an agreement with Snowden, in the understanding that the information would be handled and discussed more or less in the way he intended within certain guidelines, criticisms that the documents have not been released fast enough, or en masse and unredacted, should more appropriately be directed at Snowden himself. In other words, the desire to see a document dump is tantamount to wishing someone other than Snowden had leaked them; he clearly did not wish to tear the entire house down, but merely to spark a public debate in order to roll back some of the abuses, bringing certain aspects of the system under control—as did Chelsea Manning in her own way when she sent her files to Wikileaks in 2010. Furthermore, if he hypothetically had wanted to severely undermine the surveillance apparatus, it is not so obvious that an unredacted document dump would have helped accomplish that: as long as there is sufficient funding, secrecy and enforced discipline within the military and intelligence communities, the capacity and talents will likely remain to innovate and rebuild whatever was damaged, the national security state marching on, undeterred. If the past is any guide, the disclosures will prompt a reevaluation of present methods, heavier reliance on private contractors, more compartmentalization and a tightening of control to restrict access to certain classification levels, all bringing aspects of surveillance deeper underground. This may exact a price, paradoxically, on the intelligence apparatus itself, which, as it moves to adjust to these developments by countering suspicious behavior and restricting the internal flow of information, will impede its own ability to operate efficiently. Julian Assange, whose short paper [PDF] on conspiracies bears reading, explains:
The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive “secrecy tax”) and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaption.
Lest there be any confusion, Snowden declared to Gellman, and there is no reason to doubt his sincerity, that he is “not trying to bring down the NSA,” but rather “working to improve the NSA”; his goal was not “to change society,” but rather to offer it “a chance to determine if it should change itself”—quite a transformation from the person who reportedly declared in 2009 that those leaking sensitive information to the New York Times on supposed covert activities “should be shot.” In any case, these are hardly the words of a reckless subversive, regardless of whatever threats, epithets or scolding commentators may vomit onto the page—”smug, self-righteous, egotistical, disingenuous, megalomaniacal, overwrought”—in order to vilify, smear and pathologize him, a standard technique for marginalizing dissidents and other insufficiently obedient individuals who have left the flock. Conforming to tradition, such calls for the perpetrator to “face the music” are of course largely reserved for the lower echelons, a rule which must be rigorously observed by anyone who wishes to serve the halls of power in Washington, D.C., following the sacred principle, well established, that only the powerless must be held to account for their crimes—for the rest, we must simply ensure “that these mistakes are not repeated,” turning the page being “more important than punishing” those who perpetrated criminal acts “in pursuit of what they thought was right.” Regardless of the morality or the consequences of his decision, the anger directed at him from certain quarters is understandable in light of revelations that he reportedly persuaded colleagues to relinquish their login data to gain access to information, evoking images of the “insider threat” and its accompanying betrayal: the interpretation that imposes itself, then, is that Snowden had in fact decided at some point to spy on the NSA on our behalf.
The motives of public figures such as Snowden and Manning are often subject to misunderstanding. Rather than creating an imaginary persona who champions our pet issues, or a martyr to be sacrificed for our pleasure, it is preferable to approach the issues clear eyed, devoid of comforting illusions. Disappointment in the scope and pace of the spying revelations (although it would be highly dishonest to claim that much of significance has not already been disclosed) betrays a desire to project one’s own wishes onto the protagonist, attributing to him intentions which may not exist; the profound implications of Snowden’s act means that it has been subject to differing interpretations by those who would see what they wanted to see in it. Similarly, instead of imposing a ready-made personality onto her, it is wiser to let Manning define herself in her own words—both in terms of gender and her significant act of conscience: as was made clear by her October 7 letter from Fort Leavenworth, she in no way considered herself a resolute “pacifist,” but rather defined herself as a “transparency activist,” who believes “the public cannot decide what actions and policies are or are not justified if they don’t even know the most rudimentary details about them and their effects.“—appropriately echoing Assange’s claim that “[o]nly revealed injustice can be answered; for man to do anything intelligent he has to know what’s actually going on.” In both cases, the unvarnished reality in no way detracts from the enormous courage and moral clarity required to take such initiatives, sacrificing their comfort and liberty by bringing themselves under the full force and weight of what is certainly one of the most powerful institutions on the planet, particularly vindictive when it aims to set an example. Ultimately, underlying these concerns are two different conceptions of how society should function: whether a meaningful debate should take place enabling the public to consider the legitimacy of policies which affect them—thereby bringing them under some kind of democratic control—or whether decisions should rest solely in the hands of a specialized class of individuals designing policy behind closed doors.
Although it is always much easier to find fault than to offer constructive criticism, it is worth considering some of the complaints. Let us examine some claims by a writer I often find quite cogent and perceptive, whose arguments are characteristic of some of the objections voiced to the style of reporting offered by those in possession of the documents: in October 2013, Arthur Silber characterized their behavior as a “strategic retreat,” a form of damage control wherein the ruling class responds to “excesses” by offering “carefully manicured” morsels of information in order to placate the masses. This carefully orchestrated pageant only “serves the interests of the State and the ruling class.” Insomuch as statecraft involves a high degree of manipulation (often bordering on the pathological), and the degree to which there are shared interests between elements of the corporate media and state power, he is correct, in fact obviously so—these are essentially truisms. It is indeed also possible that “one segment of the ruling class wants them [NSA stories] covered, and finds such coverage to be in its interests,” as various factions of state-corporate power are not always in agreement, and conflict and rivalry occasionally ensue. Elements of the technological corporate sector have been continually forced to respond to evidence of cooperation with and penetration of their services by the NSA, as the disclosures damage their reputations and threaten prospects for profits and market share due to public suspicions that their products have been compromised and are simply not safe to use. Considering that the U.S. political structure responds almost uniquely to corporate interests, this encroachment on the power of the private sector holds the greatest promise of reform, as public concerns regarding privacy and surveillance are likely considered secondary or largely irrelevant, unless the outrage becomes impossible to ignore. It is also true that many Americans, and most of the world, have become accustomed to the numerous ways in which states have capitalized on the fear encapsulated in the events of September 11, 2001 in order to introduce various methods of coercion and control, so much so that they may have become largely unaware of them. Unconvincing, however, is the slightly conspiratorial notion that all reporting is state-sanctioned; on the contrary, there was little choice, as the decision was forced upon them by Snowden. If “elites” had wanted to reveal the extent of NSA surveillance, considering they are supposedly all-powerful, they could have easily done so without the urging of the young infrastructure analyst if it suited their purposes; all the available evidence seems to demonstrate that they were quite happy with it. Indeed, collaboration between corporate elements of the telecommunications industry and the state surveillance apparatus have figured prominently in the NSA’s history, some details of which were revealed in 1975; it was not, and is not, in their interests to be exposed. It is, however, in the interests of major press organs, now that documents have been provided which preclude any plausible deniability, to respond to them, as they cannot simply be ignored. While conspiracies do exist, and they are numerous, this vision of the state-corporate structure as an unassailable monolith with nothing beyond its reach, only permitting initiatives which work in its favor, leaves little room for individual agency and invites apathy, reinforcing elite control rather than challenging it. Determining who benefits from an initiative—cui bono?—is not equivalent to assigning guilt, and the reality is usually more complex. Moreover, arguments and strategies aren’t invalidated simply because members of Congress or reactionary, dubious individuals happen to agree with them.
The belief that the form taken by these revelations is an elite-sanctioned process—that things only happen because powerful people want them to—resembles the curious theory espoused by some, including U.S. Naval War College professor and ex-NSA counterintelligence officer John R. Schindler (who also headed a 2002-2003 interagency intelligence task force on Iraqi WMD), charmingly referred to as “OpSnowden,” that Russian intelligence (namely, the Federal Security Service, FSB) is the dark hand behind these machinations aimed at weakening U.S. power. Although not particularly worth dwelling on, assuming the validity of this narrative, two issues must be separated: whether the leaks are the result of deliberate efforts on the part of the FSB operating through Snowden, or simply a fortuitous event working to their benefit. What is important to understand is that, regardless of whether or not there is substance to any of these suspicions, two facts remain:
- No one has of yet questioned the authenticity of any of the documents
- Whether the reporting is the result of the actions of a genuinely concerned citizen, the hidden hand of elite moneyed interests, a foreign intelligence agency or the Tooth Fairy is utterly irrelevant, as they are demonstrably in the public interest
Nothing indicates that Greenwald or Snowden hold solidly anarchist convictions, and therefore it would be wrong to expect either one to act in such a manner as to directly undermine or destroy prevailing institutions, which they seem to believe can be rendered viable by some manner of legislative constraint or more effective oversight (which has been extremely limited), spurred by public outrage or otherwise. Such a struggle would be played out largely in the courtroom, where instruments such as the NSA’s mass call-tracking program and the interpretation of Executive Order 12,333 would be challenged on the basis of their Constitutionality. Moreover, it seems misleading and intellectually lazy to present a dichotomy of opposing and mutually exclusive philosophies—reform versus radicalism—in which any manner of gradual reform supposedly precludes any possibility of substantial and fundamental change. There is a point at which systems that have undergone a sufficient amount of change become, in fact, qualitatively different systems. Most repressive institutions throughout history have in fact been eroded—or abolished—progressively over time by the work of countless individuals from within or without, and not as a result of isolated blunt force trauma, which, when applied to institutions as powerful as the U.S. government will only result in swift and violent reprisals; regardless of the methods adopted, those taking that risk should be able to make that decision, and not have it dictated to them. Civil disobedience always exacts a price, but only those actively engaging in it should decide what they’re willing to pay. One can’t help but be surprised at the arrogance of those who demand that those confronting authority take greater risks than they are willing to take themselves; as Silber once so eloquently put it: “If you love martyrs so much, then you be one.”
As for the reprisals, Snowden seems to have found a solution for the moment, so that his exemplar of avoiding immediate punishment might provide a template for others to follow—and that is the point. Another advantage of this model of whistleblowing is that it allows for the possibility of other individuals releasing information from different sources under the cover of these disclosures, as if they were part of the same stream of documents. The relevant question, as always, is: what options exist? While analysis and commentary are useful in the abstract, those operating within concrete political realities are faced with situations where their choices are severely restricted—the very definition of violence, I would argue. One could argue that whatever negative fallout occurs from mass, indiscriminate disclosures is the deserved lot of those engaging in dubious behavior anyway, or ultimately the fault of whatever power initially put them in harm’s way—a curious inversion of that favorite of authoritarian mantras: if you’re doing nothing wrong you’ve got nothing to hide. Radical strategies can backfire if one is unaware of the adversary’s capabilities, and although it is tempting to metaphorically take a crowbar to institutions which seem bent on domination and control, refusal to consider the possible consequences of one’s acts, especially when they involve entities as complex as a global surveillance network which penetrates many facets of human society, merely makes one a monster, not a moral actor.
Though Herodotus’ account of Median king Deioces might not be historically reliable, assembled as it was from a mixture of legends subject to alterations or possible fabrications, it contains various elements of historical truth and illustrates some relevant principles. Of special interest is the notion of secrecy as an instrument of power: by surrounding himself with the opacity of these “fortifications” and formal ceremony establishing barriers between him and his subjects, the illusion was created of a special and unique status that would justify the right to rule over others. Precisely because most people would not tolerate being arbitrarily governed by someone of equal status and with no particular qualities or claims to authority, such qualities had to be artificially created. A similar logic is displayed by monuments such as the Ming Dynasty’s Forbidden City, whose numerous barriers, gates and strict regulations prohibited access to commoners, or various priesthoods and secret societies, who through rites of passage, exclusive meetings and associated arcana endow what might be rather ordinary proceedings with an aura of mystery. After being overthrown by Cyrus, the Median king’s practice of employing “spies and eaves-droppers”—or “watchers and listeners”—throughout his dominion would be, according to certain texts, adopted by the successor Achaemenid dynasty in the form of inspectors or supervisors, otherwise known as the “king’s eyes” and “ears,” sent to various locations to gauge the conduct of local administrators at the behest of the king. The administrative apparatus of the Achaemenid/Persian empire, which at its height around 500 BC stretched over approximately 8 million km² from present-day Iran and central Asia to the west to cover Egypt, Libya and portions of Greece, managed a sophisticated network of transportation, communications and what appears to have been an informal surveillance system in order to help successfully govern these extensive territories and subdue potential rebellions in remote areas. The society was feudal, power flowing directly from the king, and the territory divided into satrapies, or provinces, ruled by satraps, or local governors. Maintaining control over such a large, heterogeneous and multilingual empire meant enforcing Persian laws and collecting tributes, but it also meant collecting information; via Xenophon, Professor Christopher Tuplin of Liverpool University describes in his paper [PDF] on the ancient empire the regular visits of the king’s agents:
… careful reading of Xenophon suggests … although there was a single, very senior King’s Eye, the King’s practice of rewarding information from whatever source means that people behave as though he has many eyes and ears and is always looking and listening, because they have no idea who might betray any seditious utterances.
Both Manning and Snowden—and presumably the majority of those who release information from the bureaucratic and legal constraints of enforced secrecy—clearly enunciated as their motives the desire to simply widen the circle of debate from the groups of which they were a part, where the institutional requirements of authority and discipline ensured that their complaints would receive little attention, to a broader public not subject to the same constraints and thus freer to examine the issues more honestly and objectively. Because clandestinity has always been a requirement and valued perquisite of intelligence agencies—and criminal conspiracies—naturally, there is resistance to divulging secret information, which impairs the ability of such organizations to operate, as well as diminishing their power. This reluctance manifests itself in several ways, including rampant overclassification—recognized to be endemic, even by the CIA, which noted already in 1976 [PDF] the “overclassification, unnecessary classification, vagueness of the classification criteria,” how it had in some offices “become a reflex action to place Secret upon a piece of paper”—as well as deluges of Freedom of Information Act (FOIA) requests, one tool available to the public that agencies often use the usual methods to block. Rather than being a “flaw” of the classification system, however, overclassification may be to some extent an intended feature of bureaucracies which value secrecy above all else, especially when the principal adversary is reasonably deemed to be the domestic population, and not foreign powers, as is commonly believed. Daniel Ellsberg, the liberator of the Pentagon Papers, persuasively described the dynamics at work within such organizations, where loyalty is highly prized and transgressions severely punished (see: “Secrecy and National Security Whistleblowing” [PDF]), worth quoting at length:
The promise to keep “secrets of state,” once demanded and given, becomes virtually part of one’s core identity. In the national security apparatus, one’s pride and self-respect is founded in particular in the fact that one has been trusted to keep secrets in general and trusted with these particular secrets. Second, they reflect one’s confidence that one is “worthy” of this trust. Indeed, the trust (with respect to truly sensitive secrets, requiring utmost reliance on the discretion of the recipient) will have been “earned,” before being conferred, by a long history of secret- keeping, building habits that are hard to break, that form part of one’s character. […]
One could regard secret-keeping in such a group as simply a form of obedience to orders or regulations or directives from authorities. But often, I would say, it is closer to contractual behavior, keeping a promise or agreement. “Keeping one’s promises,” and keeping agreements are recognizably among the highest values we are taught to observe as children and adults. What I am exploring here is how it comes about that people in organizations in some circumstances act as if those values are actually absolute, overriding other considerations that would appear to an observer to be extremely compelling. […]
For the Mafiosi “men of honor” (interestingly, the title of William Colby’s memoir of his life in the CIA is “Honorable Men”) the agreement to keep secrets is so central that the oath of membership includes the explicit acceptance of ultimate sanctions–death or worse, including “burning in hell,” for oneself and even one’s family–if the obligation of silence to outsiders, omertà, is broken. Thus is expressed loyalty to the organization that goes above loyalty to one’s own life and even to the lives of one’s family members.
This represents an extreme, but even for gangsters that overriding physical danger doesn’t entirely eclipse the additional threat that applies as well to other groups throughout society, the fear of psycho-social punishment for “spilling secrets,” “washing dirty linen in public,” “ratting” on one’s team. It is a fear not only of expulsion and ostracism but of one’s own awareness that outsiders as well as team-mates will feel that these consequences are deserved: and fear of one’s own sympathy for such judgments, a sense that the reaction is understandable and appropriate. The “snitch” is an object of intense contempt not only from gang members but even from their adversaries, the police: an uncanny revulsion that the “informer” is painfully inclined to share about himself.
I am suggesting that in the national security bureaucracy in the executive branch (and now, regrettably, the intelligence committees of Congress as well), the secrecy “oaths” (actually, agreements, conditions of employment or access) have the same psycho-social meaning for participants as the Mafia code of omertà, with the difference that the required “silence to outside authorities” forbids truthful disclosure not to the state or police but to other branches of government and the public.
What this highlights more generally is that institutions with an overriding mission—whether they be intelligence agencies, corporations or other groups—have a way of creating their own modes of self-preservation which generate a set of written and unwritten rules. These rules dictate acceptable behavior, causing individuals either to act in ways which might otherwise conflict with their own values, or simply to modify those values in order to conform with the institutions, as fear of ostracism outweighs all other considerations. That is, institutions can generate two effects: 1) transform individuals, or 2) cause them to accept the legitimacy of what they would otherwise consider illegitimate, through the assigning of specific roles and a diffusion of responsibility, allowing them to ignore the consequences of their actions, even if they happen to be highly destructive. After all, an engineer designing a tool is not immediately concerned with how it might be used, but rather whether or not it functions… Individuals who disobey step out of these assigned roles to disrupt the normal functioning of the organization—in other words, although individual human beings may be moral actors, institutions, which pursue their own objectives, are not. Describing her meeting with NSA director General Keith Alexander, Jennifer Granick, expert on civil liberties and Cyberlaw, suggested that though the “easy answer” to explain the general’s attitude would be to characterize him as an evil man, it is “a simplistic view that masks the truth about systems of power, a truth we must understand and respect if we are to fix this surveillance nightmare we are just beginning to uncover.” This astute observation raises an important point: while it may be comforting to believe that a few overzealous individuals are responsible for perverting an otherwise legitimate process, this avoids considering the more disturbing prospect that what we are seeing are simply the normal workings of a powerful organization which will exploit any possibility to achieve its ends, regardless of who sits at its head. What also needs to be considered is the extent to which state officials can internalize certain values, convincing themselves of their benevolent intentions, whatever the record may show.
As for the divulging of secret information, despite an aggressive campaign to deter whistleblowing, the U.S. government itself “leaks like a sieve,” often from top officials themselves; Columbia Law School associate professor David E. Pozen proposes that the failure to enforce laws against leakers is a result of “key institutional actors shar[ing] overlapping interests in maintaining a permissive culture of classified information disclosures.” As a result of vagueness surrounding the regulatory scheme concerning classified information, an informal “equilibrium” has been established within what Pozen calls an “intricate ecosystem,” where national security leaking can be seen as a calibrated strategy in the effort to engineer public consent for White House policies, as well as send messages to adversaries (see: Pozen, “The Leaky Leviathan: Why the Government Condemns and Condones Unlawful Disclosures of Information”, 2013 [PDF]). It should be clear: there are good leaks, and there are bad leaks, and good leaks are but one component in a broader campaign of public relations or psychological warfare. One standard objection to projects like Wikileaks is that such initiatives are harmful to diplomacy and potentially endanger the lives of sources or U.S. nationals abroad: although it was shown that little harm came of the revelations contained in the unredacted release in 2011 of State Department cables (it is worth repeating that the trove contained nothing above Secret), the standard response followed, labeling the act “irresponsible, reckless and frankly dangerous.” Though rare, it is possible to identify positive initiatives which might be thwarted by unwanted disclosures, such as the recent diplomatic developments between the U.S. and Iran, brokered by the Gulf sultanate of Oman (which stands to benefit from a pipeline agreement with Teheran), or information which would genuinely prove dangerous to divulge, such as nuclear launch codes—the fact remains, however, that the danger presides not so much in the divulging of the codes as it does with the existence itself of the weapons, largely the result of Cold War irrationality and paranoia.
In order to evaluate the authenticity of this supposed commitment to responsible behavior, we might apply it to other events at about the same time involving U.S. foreign policy objectives—examples are not hard to find. As part of the high priority search for Osama bin Laden, the CIA, tasked with finding “new and inventive solutions” to gain access to the compound in Abbottabad, had engineered a covert intelligence gathering operation disguised as a public health service—a mock hepatitis B vaccination drive—as a ruse to obtain DNA from bin Laden, a mission for which it recruited the Pakistani Dr. Shakil Afridi. After the fatal raid, Afridi was arrested, “disappeared,” brought into Inter-Services Intelligence (ISI) custody, interrogated, and subsequently tried on various charges in a judicial process that is still ongoing. Doctors Without Borders/Médecins Sans Frontières (MSF) condemned the operation as “a grave manipulation of the medical act” undermining public trust in public health workers, thereby jeopardizing necessary public health campaigns; later, MSF would deplore the “climate of rumors and suspicion” preventing the organization from carrying out mass vaccination programs in the country; other organizations similarly warned of potential fallout, commenting that U.S. officials “imprudently burned bridges that took years for health workers to build,” warning that the CIA’s “reckless tactics could have catastrophic consequences”; the deans of twelve prominent public health schools addressed President Obama in January 2013, denouncing the precedent set by the “sham” operation, adding that the UN was forced to suspend vaccination efforts in Pakistan at a time when polio was on the verge of being eradicated; health workers have been repeatedly assassinated as the indirect effects reverberate through to the present. Or let us consider the joint U.S./Israeli covert online espionage/sabotage campaign aimed at Iran’s nuclear program (Operation OLYMPIC GAMES), better known by the Stuxnet computer virus (which was really a double program), designed to sabotage the cylinders at the Natanz nuclear enrichment facility, versions of which were apparently being developed as early as 2005: by infecting the programmable logic controllers (PLCs) commanding the enrichment centrifuge speeds, this sophisticated worm transformed abstract computer code into an actual physical weapon—in other words, the joint U.S./Israeli campaign initiated offensive cyberwarfare, but like the fabled sorcerer’s apprentice, the manner in which it would proliferate is beyond their control. The code itself spread beyond its intended target, probably as a result of human hands, to infect other networks, among which reportedly Chevron‘s IT department and a Russian nuclear plant—more ominous, though, is the prospect of inaugurating an era of state-sponsored cyberwarfare the consequences of which are largely unforeseeable and not well understood.
Although we would like to think that these types of mischief, admittedly small in number but significant, would provide an occasion for condemnation or at least calls to exercise caution from our political leaders and their servants in the press, they are likely for the most part to remain silent. This capricious behavior might seem mysterious unless we fully appreciate the politically correct definition of “harm”: that which impedes us from achieving our goals, whatever they happen to be. It logically follows from this definition, then, that these episodes are not considered “harmful,” but simply illustrate the acceptable costs of carrying out our noble mission in the world—acceptable to us, that is. Similarly, it should be understood that the prospect of bodily harm coming to collaborators or sources is of minor concern; far more important is ensuring the crucial cooperation of individuals ready to help further U.S. interests abroad, and therefore “[m]aking people think twice before providing the U.S. with information—or simply refuse ever again to help—hurts the good causes of human rights and democracy that American officials are promoting.” Whatever else happens, we can be reasonably sure that those designing policy will go to extreme lengths to maintain dominance and superiority, overriding questions of public safety, as has often been historically the case—sometimes to a surprising extent.
Attempts to remedy the present situation are confronted with several barriers. A seemingly intractable problem highlighted by the disclosures is the existence of a divide created by the sophistication of modern communications technologies. This divide manifests itself by a conflict between technical capabilities and the legal restraints intended to circumscribe them, as well as by a form of segregation between a community of specialists and the general population, the great majority of which employs communications technologies it doesn’t need to intimately understand in order to use. This in fact creates a double secrecy, the first level of which is related to national security concerns—classification levels and punishment for the revealing of secrets—and a second level, being an opacity created by the inherent complexity of the phenomenon itself, difficult to approach. Although the leaks were intended to spark a public debate, and most individuals are instinctively resistant to efforts to encroach upon their private spaces, the majority does not possess the necessary vocabulary to evaluate all the technical aspects of digital surveillance, nor the expertise to develop the tools and armor necessary to thwart it, and can only approach the phenomenon in broad, philosophical terms. Although it would seem the desire to not be spied upon should be sufficient to protect oneself from the prying eyes of intelligence agencies, criminal organizations, or other individuals, we know from experience that any existing weakness or possibility will eventually be exploited, and the possibilities limited only by the talent of those developing and using the tools: it is therefore the capacity for surveillance itself which is problematic, and not the intentions, whether they be good or bad, of those wielding this immense power.
As was recognized already in June of 2013, shortly after Snowden revealed himself as the source of the documents, there is a basic conflict between the technical capacities of the NSA and the framework of legal restraints designed to delimit them; this points to a broader problem of whether it is even possible for any judicial oversight to successfully rein in the actions of a surveillance apparatus which by its very nature must work to outstrip any constraints or challenges put upon it (a history of some aspects of judicial oversight of NSA activities can be found here). Although the failure to properly define the limits of the actions of the NSA—and the intelligence community (IC) more broadly—is partly by design and a result of inadequate oversight, it may also be an inevitable result of the intrinsic properties of both activities: legal solutions are limited by the inherent ambiguities of language (which allow for varying interpretations of legal doctrine), the lack of political will to enforce them (secret courts make this even more difficult), and the inertia of a legal establishment which is slow to adapt to—or even unaware of—new realities; the capacity for surveillance, however, rises more or less proportionally with the development of new communications technologies, and is therefore constantly in flux, only limited by the imaginations of those conceiving them. The implications of this are numerous, but it should be clear that increasing or intensifying the means and methods of communicating with others, by virtue of the information associated with such communications, simultaneously increases one’s chances of undergoing surveillance. Underscoring this point, Julian Assange once remarked that the Internet is “the greatest spying machine the world has ever seen,” an observation which is difficult to refute. This implies that for the moment the only sure remedy is of a technical nature, such as securing one’s communications through various methods of encryption or other creative means of obfuscation—thereby shifting the battlefield away from the courtroom towards a terrain where resourcefulness and ingenuity are the only certain defenses.
Although it reports to the Director of National Intelligence, it must be remembered that the NSA/Central Security Service (CSS) operates under the jurisdiction of the Department of Defense. Military dominance is built into the very fabric of the U.S. political economy: the DoD, which accounts for roughly half of Federal discretionary spending ($526.6 billion requested for FY2014, plus $79.4 billion for Overseas Contingency Operations [OCO]), is a major instrument for public subsidizing of high tech industry, which ensures that much research and development will be initially supported in light of potential military applications (before transferring it to the civilian or private sector), guaranteeing virtually unlimited funding for institutions like the NSA to pursue its goals—such as building a quantum computer as part of its $79.7 million “Penetrating Hard Targets” research program, among others. Although the NSA has in fact been publicly sponsoring quantum computing research for years through various institutions, its parallel efforts to “preserve the SIGINT [signals intelligence] potential of quantum computing” and to develop “cryptanalytic QC to attack highgrade public key encryption systems” were being closely guarded under a higher classification level. The Consolidated Cryptological Program (CCP), a joint IC program the bulk of which is operated by the NSA, was allotted $10.8 billion for FY2013, with a projected budget of at least $50,7 billion for FY2013-2017. As part of this program, GENIE, an operation allotted $652 million for FY2013, directs efforts to infiltrate and exploit foreign networks by inserting “covert implants,” or malware, into computer systems, either by covert agents, or more often remotely by what are called Tailored Access Operations (TAO), which sometimes employ elite hackers to “compromise” chosen targets; these operations range from traditional intelligence gathering to more aggressive attacks (see: IC FY2013 budget [PDF]). Over time the perception of cyberspace has undergone a gradual but inevitable shift from being a simple infrastructure for data flow to being another potential terrain for low intensity conflict—one stated ambition was to “support Computer Network Attacks as an integrated part of military operations”—a development which has been accelerated by the Obama administration, in what could be characterized as a militarization of the Internet. The range of existing techniques developed by the NSA to gain control of information is extensive and alarming, demonstrating surprising creativity, briefly outlined by security researcher Jacob Appelbaum at the 2013 Chaos Communications Congress (30c3) in Hamburg, Germany. Recognizing cyberspace as its own “operational domain” (the recognized military domains are: land, air, maritime, space, and cyberspace), U.S. Cyber Command (USCYBERCOM) was established in 2009 subordinate to U.S. Strategic Command (USSTRATCOM) to execute “defensive and offensive missions,” currently directed by NSA director General Alexander, for which a Joint Operations Center is tentatively scheduled to be occupied by 2017 at Fort Meade, Maryland. Likewise, the 2012 Defense Strategic Guidance [PDF] prescribes expanded capabilities for cyber and space-based activities, echoed in the Pentagon’s FY2014 budget request: owing to the “unique attributes” of cyberspace, forces are to collaborate with “Federal, state and local governments, private sector partners, and allies and partners abroad” to “detect, deter, and, if directed, respond to threats in cyberspace”—which of course means anywhere in the world (see: DoD FY2014 budget request overview [PDF]).
Subsequent to a memorandum from President Truman, National Security Council Intelligence Directive (NSCID) No. 9 established the NSA on December 29, 1952 as a member of the United States Communications Intelligence Board (USCIB). The stated mission of the NSA pertaining to communications intelligence (COMINT) was “to provide an effective, unified organization and control of the communications intelligence activities of the United States conducted against foreign governments, and to provide for integrated operational policies and procedures pertaining thereto,” COMINT being “all procedures and methods used in the interception of communications other than foreign press and propaganda broadcasts and the obtaining of information from such communications by other than the intended recipients”—information obtained “by other than the intended recipients,” meaning eavesdropping. Secrecy and disinformation being central components of warfare, it should be unsurprising to find the origins of the NSA within the different branches of the military establishment, engaged in signal interceptions and code breaking. Moving into the past, the numerous predecessors to the NSA and their various ad hoc bureaucratic permutations began within the Army and Navy in 1917 at the outbreak of World War I: a clandestine cryptanalytic unit run by Herbert O. Yardley, appointed by Philippines campaign veteran Ralph Van Deman—Cable and Telegraph Section (MI-8)—was established within the Military Information Section (MIS) of the War Department General Staff, while the Cryptographic (Cipher) Bureau was established within the Office of Naval Intelligence; the Cipher Bureau was soon incorporated into the Army’s MI-8 in 1918 under the newly re-established Military Intelligence Division (MID). MI-8 was abolished in 1929 when Secretary of State Henry Stimson withdrew funding for the activity; he later was known for his admonishment that “Gentlemen do not read each other’s mail.” During WWII, military COMINT was produced by the Signal Intelligence Service (SIS), later renamed the Signal Security Agency (SSA), while the Office of Strategic Services (OSS), the precursor to the postwar Central Intelligence Agency (CIA), worked mostly behind enemy lines. Since its creation in 1952, the agency had managed to remain largely obscure until revealed to the public for the first time by former senior NSA analyst Perry Fellwock (pseudonym “Winslow Peck”) in his August, 1972 interview with Ramparts magazine, in which he introduced, according to the New York Times, “hitherto suspected but obscure details of electronic eavesdropping around the globe,” including the existence of the intelligence cooperation between the so-called “Five Eyes”—the U.S., Great Britain, Canada, Australia and New Zealand—as well as the possibility that the Soviet military threat had been severely inflated, an assessment which had turned out to be largely accurate.
In tandem with its gradual militarization, efforts ensued to weaken the fabric of the Internet in order to render communications more transparent. The NSA sought “unrestricted access” to the use of cyberspace, by leading “an aggressive, multipronged effort to break widely used Internet encryption technologies,” as well as through direct collaboration with telecommunications companies, in the process inserting vulnerabilities into the Internet [PDF]. The proliferation of methods to safeguard privacy during the “crypto revolution” of the 1990s would bring the U.S. government into conflict with those developing encryption technologies which “crippled N.S.A.’s ability to listen in on the world”—when the NSA met with public opposition to its efforts, it ostensibly abandoned its project while surreptitiously pursuing the same goals. All options must be explored to tilt the playing field in one’s favor in the drive for hegemony and superiority over potential adversaries, even at the risk of undermining technologies developed to secure communications—whether it be tampering with random number generators underpinning widely used cryptographic protocols, collaborating with telecommunications giants to introduce key-escrow “back door” systems into communications devices (Clipper chip), or restricting export controls on “[c]ryptographic (including key management) systems, equipment, assemblies, modules, integrated circuits, components or software with the capability of maintaining secrecy or confidentiality of information,” which as late as 1992 were considered a form of military “munitions” subject to arms control export laws (although rules have been relaxed, certain encryption technologies are still subject to export controls). From the point of view of an institution dedicated to “information dominance,” to gaining access to all communications anywhere, the logic behind these schemes is undeniable: the privacy protection offered by robust encryption “shields the law abiding and the lawless equally,” making eavesdropping on potential adversaries more difficult. This quest for “information dominance” is part of the broader quest for the vaunted ideal of “full spectrum dominance” described in U.S. military literature—a concept recently expressed (with a bit more nuance) as “maintain[ing] a broad portfolio of military capabilities that, in the aggregate, offer versatility across the range of missions.”
As with the Cold War confrontation between superpowers, and the possession of weapons of mass destruction, the guiding logic is that the worst must be assumed of the adversary, who is surely developing his own capacities, and therefore we must reciprocate; and if such power is to exist, it might as well be in our hands, where at least it will be exercised responsibly—a dubious assumption, it goes without saying. Broadly speaking, since World War II, and the advent of nuclear weapons raising the specter of ultimate destruction, there was a shift away from open conflict between state actors, recognized to be too dangerous, to what was sometimes labeled “asymmetric conflict,” often waged in Third World theaters in the context of the Cold War. With the collapse of the Soviet Union, U.S. planners and intelligence, absent their principle state adversary, were forced to reorient themselves towards a “multiple threat” environment, exemplified by the supposed “growing technological sophistication” of the Third World (see: 1990 National Security Strategy [PDF]). These conflicts generally manifested themselves as struggles between states and non-state actors, insurgencies, terrorists and guerrillas, informal networks who by their very nature are not bound to any particular geographical territory; this meant that communications had to be susceptible to penetration anywhere around the world—including U.S.-based communications—because, in Columbia University law professor Eben Moglen’s words, military and intelligence strategists “came to regard American rights in communications privacy as the equivalent of sanctuary for guerrillas.” Like encryption, the legal restraints barring the NSA from engaging in domestic surveillance were simply an obstacle to be overcome—duly swept away when the September 11, 2001 attacks provided the impetus to turn programs inward which had been conceived with the possibility of safeguarding some of the civil liberties of U.S. persons. Though certain provisions of the Universal Declaration of Human Rights, adopted by the UN General Assembly on December 10, 1948, may appear quaint today—namely that “everyone has the right to life, liberty and security of person,” and that “no one shall be subjected to arbitrary interference with his privacy, family, home or correspondence”—we might also consider what would happen if we were to take them seriously. Moglen again:
If we are not doing anything wrong, then we have a right to do everything we can to maintain the traditional balance between us and power that is listening. We have a right to be obscure. We have a right to mumble. We have a right to speak languages they do not get. We have a right to meet when and where and how we please so as to evade the paddy rollers.
Update (Jan. 8): Daniel Ellsberg highlights the difference between an oath and a non-disclosure agreement, by way of Amy Davidson and Marcy Wheeler responding to Fred Kaplan’s January 3 temper tantrum in Slate. I suppose Kaplan was simply using the word “oath” in a general sense, to mean “agreement” here, in which case he is correct that Snowden—fortunately for us—violated that agreement.
Update II (Jan. 9): Information was leaked to the press (who ever would do such a thing?) about a recent classified Pentagon report allegedly determining that Snowden “downloaded” 1.7 million intelligence files, much of it concerning “vital operations of the U.S. Army, Navy, Marine Corps and Air Force,” according to Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee. That the documents contained information relevant to military operations, if true, is not surprising, as the NSA/CSS provide intelligence for and collaborate with various military intelligence services. Predictably, lawmakers claimed that these “real acts of betrayal place America’s military men and women at greater risk,” as the disclosures “have already tipped off our adversaries to the sources and methods of our defense,” actions which “aligned him with our enemy.” As always, skepticism is required of such boilerplate claims smelling of fire and brimstone, and it is not explained how the exact number of 1.7 million documents was determined, nor if the report differentiated between documents that were merely accessed as opposed to downloaded—nor whether Snowden would have indiscriminately given all of these documents to the journalists. At the same time, the Guardian reports that the draft report of a European parliamentary inquiry has come to a very different conclusion, condemning in the “strongest possible terms” the programs revealed by the disclosures, calling on U.S. and European authorities to “prohibit blanket mass surveillance activities and bulk processing of personal data” and on the U.S. to align its policies with international law, recognizing “the privacy and other rights of EU citizens.” Echoing his U.S. counterparts, conservative MEP Timothy Kirkhope claimed that “Snowden has endangered lives.”
Of interest here is the fact that, for some, proof is rarely required when claims of national security are involved—they are simply assumed to be self-evident.
Update III (Jan. 10): A new paper by Kevin S. Bankston and Ashkan Soltani has been published in the Yale Law Journal Online (YLJO) on how the increasing sophistication of location tracking technologies has lowered the barriers to surveillance [PDF]. This more systematic and thorough presentation elaborates on the more basic point I made above on the inherent conflict between technological progress and legal constraints, through the lens of 4th Amendment protections, observing that “a new surveillance technique is likely to violate an expectation of privacy when it eliminates or circumvents a preexisting structural right of privacy and disrupts the equilibrium of power between police and suspects by making it much less expensive for the government to collect information.” These observations are of course directly relevant to the present discussion. They propose a more concrete cost-based metric to measure law enforcement infringements on what they call “structural privacy rights”:
The simple idea is that structural constraints—physical and technological barriers—make certain conduct costly, sometimes impossibly costly. These costs act as non-legal regulations, essentially providing a non-legal “right” against the behaviors they prevent. Yet rapid changes in technology can quickly and unexpectedly eliminate these long relied-upon structural rights, especially when it comes to privacy. Surden’s message to policymakers, similar to Kerr’s message to the courts, is that they can recognize and adjust for diminishing structural rights against privacy invasion by adding new legal protections to replace them as they are lost—i.e., that they can impose new legal costs to compensate for the drop in actual costs.
Update IV (Jan. 12): The draft report of the European parliamentary inquiry into the “US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs” has been made available (via Glenn Greenwald) [PDF]. Observing, among other things, that an “increasing focus on security combined with developments in technology has enabled States to know more about citizens than ever before,” that “technological developments have led to increased international intelligence cooperation, also involving the exchange of personal data, and often blurring the line between intelligence and law enforcement activities,” and that “most of existing national oversight mechanisms and bodies were set up or revamped in the 1990s and have not necessarily been adapted to the rapid technological developments over the last decade,” it notably states that it is:
… doubtful that data collection of such magnitude is only guided by the fight against terrorism, as it involves the collection of all possible data of all citizens; points therefore to the possible existence of other power motives such as political and economic espionage
Additionally, it proposes a European Digital Habeas Corpus for protecting privacy governing data transfers to the U.S., as well as developing a “European strategy for IT [information technology] independence.” Also of interest is the list of people who declined to participate in the Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee).
Finally, some helpful images from TeleGeography—along with the submarine cable map—will illustrate better than anything the extent to which communications are globalized and interconnected (click to enlarge):