The following is the 19th in a series of excerpts from my New York Times bestseller “Stonewalled,” which recounts the government intrusions of my computers. More excerpts to follow. Links to previous excerpts are below.
History and experience lead me to be more circumspect. There are thousands of examples over the decades, but one need look no further than Fast and Furious to find government misconduct, bad actors, and false information all wrapped up in one. Or consider the 2013 IRS scandal in which the government got caught targeting nonprofit groups for political reasons after insisting it would never do such a thing.
Even if we could assume 100 percent altruistic motives on the part of the government now and forevermore, there are still serious questions to consider. Wyden is getting at the heart of them with his inquiries. I’ll illustrate them with an analogy.
What if your local police were to claim that they can prevent crime in the community if they mount twenty-four-hour surveil- lance cameras on every public street corner? You might say okay. What if they say they can prevent more crime if they monitor every resident’s emails and phone calls? That’s a little tougher. You might have some questions. How much crime would be prevented? Where’s the proof? Have the police tried less intrusive methods? What inde- pendent body will monitor for abuse? Okay, now let’s ratchet it up another notch. What if the police decide, in secret, that they can
theoretically prevent one murder a year if they mount hidden surveil- lance cameras inside every room inside every family’s private home? Shouldn’t anyone who’s innocent of breaking the law be willing to sacrifice his family’s privacy to save a human life?
(Why the pregnant pause?)
Apply the analogy to today’s ethical and privacy questions.
How many terrorist acts would have to be thwarted to justify
what level of intrusion in our privacy or on our civil liberties? The calculus is entirely theoretical since there are no accurate predictive models. Nobody can say for sure how many supposedly prevented plots would have been carried out or how many lives would have been lost but for the privacy invasion. Is bulk collection of data solely to credit in examples of foiled terrorist acts? Were less broad, less intrusive methods tried and proven ineffective before each more intrusive effort was launched? If so, are the more intrusive methods providing measurably better results? What independent controls and audits are in place to guarantee protection of private information from abuse by those with political or criminal motivations? Can the public trust the government officials who want to use the secret techniques to provide accurate and honest assessments of these questions—even when the same officials have provided false information in the past? Should the public be excluded from policy debates about these issues?
A real-world example provides additional reasons to question the merit of mass data collection.
On March 4, 2011, U.S. officials were alerted to Tamerlan Tsarnaev, the future Boston Marathon bomber. The tip didn’t come from NSA collection of metadata, the tracing of cell phone calls, or the tracking of Internet activity: it came from Russia, which sent a notice to the U.S. Embassy in Moscow requesting the FBI look into Tsarnaev, who was living in America. The FBI later said it did all it could to investigate and even interviewed Tsarnaev but found nothing suspicious. Six months
later, in September 2011, Russia sent another alert about Tsarnaev, this time to the CIA. But like the FBI, the CIA also found nothing of con- cern. Off the official radar, Tsarnaev went on to murder three people and injure an estimated 264 in the April 15, 2013, bombing attack at the Boston Marathon. He was killed in a shootout with the police. (His brother is awaiting trial.)
In the end, U.S. officials pretty much blamed the Russians in pub- lic news reports. They said the Russians should have provided more explicit detail about why they’d been so suspicious of Tsarnaev back in 2011. It’s an embarrassing admission: our best U.S. intelligence officials were handed a future terrorist but couldn’t detect the threat because, they say, Russia should have helped us more?
Is it reasonable to believe this same U.S. intelligence structure has the skill, then, to cull through hundreds of millions of phone call records for subtle leads and then connect the dots to terrorist plots? Or is the government simply expanding its own bureaucracy: building an unwieldy, expensive database ripe for misuse that will require an increasing army of manpower to maintain, store, and guard it?
Answers aren’t easy. Like a lot of people, I place great value on the intelligence community’s role in protecting the public. Many skilled and devoted agents and officers often do a tremendous job. But I believe it’s possible to give the public a role in the discussion in a way that doesn’t divulge crucial secrets to the enemy.
As a footnote to the Tsarnaev story, I can’t help but think about how the government found no cause to monitor this future terrorist at the very same time it aggressively targeted leakers as well as American journalists who had committed no crimes.
To be continued...
[hr]Read excerpt #1 here: The Computer Intrusions: Up at Night
#12: Obama’s War on Leaks
#16: URGENT dispatch