* Unless you're talking to a someone suspected of a link to terrorists. And your calls are probably being recorded somewhere in Utah regardless.
^ At least not for the purpose of prosecuting you based on listening to them**
** Though they might use the information in them to justify a warrant and then gather information that they will use against you.^^
^^ And while today it's pretty certain that will be done for national security purposes, just be aware the tools being used to track, monitor and watch you are getting better all the time. The idea that someone might decide they could be useful for other purposes down the road, well, that doesn't seem entirely far-fetched. ***
*** Oh, and by the way, we can often figure out everything we need to without the content so long as we know where you've been, who you've talked to, and what you've purchased.
You're never truly alone
Reactions to disclosure over the NSA's PRISM program over the past week have mostly been indignant, especially here in Silicon Valley. Carefully worded denials have emerged from various technology companies about how they cooperate with the government only in the most minimal way and take great steps to protect users privacy. What privacy? As the narration says in the opening to CBS' Person of Interest, "You are being watched." And you have been for quite a while.
While the news that Verizon is providing phone records to the government doesn't please me as a customer, to be completely honest, I found the past week's "revelations" somewhat dull . By the 1990s, the NSA could already listen to nearly every phone call being placed on earth using a system called Echelon. It wasn't an especially well-kept secret, either, such that J.J. Abrams could make reference to it on another TV show, Alias, without getting visited by guys in dark suits.
But as the new millennium dawned, the capabilities of how deep and wide the listening net was cast were fundamentally altered by three things, only one of which -- 9/11 -- gets the lion's share of everyone's attention. The attacks that killed 3,000 Americans are the reason why we allow for all the surveillance, the TSA pat downs, the enhanced interrogation. Many have pointed out that for our trillions of dollars we might be preventing terror acts that could kill tens of thousands and all of this effort is therefore unequivocally worthwhile.
We can never know with certainty. But what we can know is that in the post-9/11 world, two other macro-trends occurred which allowed the surveillance apparatus to massively expand in ways that not even Orwell could have imagined. First, the move of a giant portion of communication to the global internet. Second, the ability to store and analyze ever more of that information.
Digital "wiretapping"
Our government might not be great at a lot of things, but its ability to create hideous acronyms should never be underestimated. Back in the Clinton years, it passed CALEA, the Communications Assistance for Law Enforcement Act. It needed CALEA because as telecommunications went digital, the old method of wiretapping a phone line -- sticking a pair of alligator clips on the terminals -- wasn't going to work anymore.
CALEA would require all telecom providers to provide a way for law enforcement to effectively "plug in" to the network when authorized to tap communications. Everyone complies. If the FBI or local law enforcement brings a court order for a wiretap, they can get the access they need through a simple interface.
But that's the visible side of law enforcement. For a long time, the NSA has operated mostly on the invisible side. The disclosures about PRISM almost certainly don't change that. In fact, the far more interesting story was told more than a year ago in Wired. Aside from a modern version of Echelon, which can use satellites to monitor nearly any radio-frequency transmission occurring nearly anywhere on the planet, the NSA has a far more elaborate program called Stellar Wind.
And what that does, according to former-NSA official William Binney, is "[search] U.S. sources for target addresses, locations, countries, and phone numbers, as well as watch-listed names, keywords, and phrases in email. Any communication that arouses suspicion, especially those to or from the million or so people on agency watch lists, are automatically copied or recorded and then transmitted to the NSA." (emphasis added)
(continued on next page)
Exponential data growth
Pause for a second and grasp two key things there. (1) That's one million people who are being monitored. (2) They are being monitored by examining the content of e-mail and phone calls. Which phone calls and e-mails? Well, pretty much all of them. Yours, too. And no, this isn't "tinfoil hat" stuff. Using technology that is basically "CALEA on steroids", the NSA has jacked into to what Binney told Wired is 10-20 major data centers across the country where it essentially looks at all traffic passing through them.
And in today's world, your phone call, e-mail, text message,
Right now, most of your privacy comes through the fact that there is simply too much data to parse so really looking at it requires identifying you as a troublemaker -- picking you out as one of the million possible people looking to bring down western civilization. The NSA is building for something called yottabytes, which are so big, all the data passing through the internet in a year is less than 1% of one. Over time, though, the data center pictured above will get more and more capable, able to process more and more data in real time.
When you hear about terrorist "chatter" picking up, this is at least part of what's being discussed. The government knows something is afoot because its computer systems are looking at millions of phone calls and e-mails, discerning patterns, hearing key words of phrases. Perhaps an operation has a code word that seems innocuous, but it gets used between a handful of suspected troublemakers. The software can then analyze another set of calls over the past weeks to determine whether the plot has other members who were previously unidentified. That look backward can allow the system to better predict threats in the near future.
While much of this week's controversy has centered around Facebook and Google, it's companies like Palo Alto's Palantir that are at the center of this revolution. Their software can analyze complex data and find the relationships in it and can do so on a massive scale. And it often doesn't need all the content; simply knowing the where and when can be enough to know who you are -- and what you might be up to.
Big Brother closer to home
But the tools of the ever watchful eye don't reside solely with the NSA or FBI. Realistically, many of us put up the scaffolding upon which someone can erect an impressive edifice of surveillance. Consider this typical scenario: You carry a smartphone with you all the time, probably not protected by anything more than a 4-digit code. It has a number of apps the purpose of which you're no longer entirely sure.
One of those apps could be tracking your movement and reporting it to a server somewhere in Estonia. Another could be attempting to record your keystrokes or conversations. While malware on smartphones is nowhere near the problem it is on PCs, it's not impossible to believe that the first kind -- passive, data gathering -- is already happening. Of course, if someone really wanted to make trouble in that regard, they could hack Foursquare and have the travel data on millions of people.
But wait, you say, I'm safe, I have no such apps. Yet your phone constantly hits the numerous cellphone towers and Wifi hotspots around you, giving up your location data. A sophisticated group of hackers can follow your movements through this information today, perhaps enlisting the help of a low-level AT&T technician.
Further down the chain, your in-home monitoring cameras you use to keep an eye on Fido feed their data back to a server farm in Kentucky where a disgruntled employee has hooked up with a gang of "cyberthugs" who sell those live feeds to criminals who then commit property crimes opportunistically. Or perhaps they just tapped it into your insecure router directly and looked in that way, watching you set your alarm one night so they'd know how to disable it.
There are cameras everywhere. Most of them record absolutely awful and terribly uninteresting video. We've probably all seen a report on the local news asking for help in catching some criminal and being shown some surveillance footage that's so horribly grainy it looks like "blob in a hoodie". That's today.
2018 vs. 1984
Fast forward 5 years to a world where millions of people wear Google Glass and upload real-time video to a data center that combines them, time stamps them, sorts the various angles. Improve the average camera on the corner and imagine a reauthorized Patriot Act that "makes accessible" video feeds from public-facing cameras and sends them to that NSA Utah data center.
Think of how amazing that would have been in the case of the Boston Marathon bombings. We might have identified the culprits in minutes and avoided the death of the police officer, the shutdown of the city, etc. There will always be good ways to use the technology.
Someday, perhaps, a camera will catch a terrorist attempting to plant a bomb and allow law enforcement to intercede. There is at least some evidence that PRISM and Stellar Wind might have thwarted the New York backpack bombing plot.
The danger, though, is that the apparatus we now have in place for all counter-terrorism is the perfect tool for tyranny if it's abused. Don't take my word for it, but when you have a second, click over to Conor Freidersdorf's piece in The Atlantic titled: "All the Infrastructure a Tyrant Would Need, Courtesy of Bush and Obama." The whole thing is worth your time, but if you haven't got it, consider just this:
Of course we ought to dedicate substantial resources to preventing all the attacks that can be stopped without violating our founding documents, laws, values, or sense of proportion. For the national-security state, loosed of the Constitution's safeguards, is a far bigger threat to liberty than al-Qaeda will ever be. Vesting it with more power every year -- expanding its size, power, and functions in secret without any debate about the wisdom of the particulars -- is an invitation to horrific abuses.
Again, this isn't a jeremiad about how the war on terror has doomed us. On the contrary, despite its many excesses, we can point to nearly 12 years since 9/11 without a major attack, the decimation of Osama bin-Laden's branch of al-Qaeda and America's ability to function mostly as before as evidence of our success.
But when you begin to grasp the depth of breadth of our electronic surveillance in light of this week's revelations, one can't help but hear the Orwellian echoes. We should not let down our vigilance toward those who are bent on destroying us. But neither should we let down our vigilance toward those who will justify any actions in the name of protecting us.
Follow me on Twitter. Find the rest of my Forbes posts here.
