I recently finished John Adams (a review is coming soon) and realized the striking contrast between the tyrannical oversteps by the British government and the much more substantial insults to liberty we experience today in America. Put another way—if the founding fathers were alive today, they would be fuming, furious, and revolting—and likely shocked at our complacency and willingness to “trade liberty for security”. Well, sort of. We’ve traded liberty away in exchange for security theatre; we are not measurably safer from crime than they were, and the thought that domestic and foreign terrorism could be a relatively common thing—well, that would have shocked Americans from the eighteenth and nineteenth centuries. So would our interventionalist approach to foreign policy.
Bruce Schneier published a piece today on Section 702 reauthorization, specifically regarding steps we—Americans—ought to take to roll back some of the abuses this abominable law has legalized. Most people don’t know or care what Section 702 is, so here’s the really brief run-down on what it is:
- Historically, the NSA has been tasked with foreign surveillance and spying. This is an important function of a national government. And, historically, they have not been permitted to surveil American citizens or domestic communications. There has been a clear line between domestic law enforcement agencies (such as the FBI) and foreign spy operations such as the CIA and NSA.
- The Internet has changed much of how communication works. With one global network, it is practically impossible to only collect foreign communications and not also catch some American citizens’ information.
- Section 702 authorized practices that were already being done (illegally)—specifically, collecting internet communications in bulk within the borders of the United States.
- Section 702 has to be periodically reauthorized by Congress and signed into law by the President. This was most recently done on January 18, 2018, and provides authorization through 2024.
Here’s what we know is being done (through leaks—most notably Snowden—and court filings). Given that most of this information was classified at one point, there is probably much more going on:
- The NSA is collecting internet communications in bulk from within the United States borders. This information includes ALL of your email, web browsing, and messaging traffic.
- Unencrypted internet traffic (most of it, including nearly all emails) is going straight into a massive database that can be searched.
- Encrypted internet traffic is being stored and used to attempt to crack the codes protecting it.
- This data is being used for foreign surveillance—the only good part.
- However, this data is also being shared with law enforcement. The FBI or your local police can search all of your personal communication WITHOUT a warrant. All they need (now) is a court order although even that is being ignored. They do not have to show probable cause and you do not have to be the subject of an active investigation. There are minimal protections around a very invasive search capability.
- Here’s where this gets way worse: Law enforcement is not required to disclose these sources of information. In fact, most of the time they are prohibited from doing so by their contractual agreements with the FBI and NSA. Instead, after they’ve used this surveillance information to catch a suspect, they then invent a second plausible set of evidence to explain how they got the perp. This technique is known as parallel construction, and in essence, it lets them complete an investigation, conceal it from judge, jury, and defense attorneys, and then invent a parallel investigation. This flies in the face of centuries of common law, due process, and Constitutional protections including the right of a defendant to see the evidence against them, to cross-examine witnesses, and to have a fair trial.
- These abuses have been challenged in court several times, but each time, Bush and Obama administration lawyers have argued that given the classified nature of this program, those individuals suing the government couldn’t know if they were being targeted by the surveillance or not, and thus had no standing to sue.
This is bad. Typically, the judicial system is the last protector of Constitutional rights but thus far they are being stymied by the executive branch. Meanwhile, our elected representatives are keeping these abuses authorized, probably because most Americans don’t know, don’t understand, and don’t really care about these topics.
So what does Schneier recommend as a course of action?
- Reshaping general surveillance laws to redefine what “collection” is (it ought to be clear that collection is when the traffic is picked up by the NSA, however, the NSA currently defines collection as running a database search in what they’ve already collected) and to improve protections around accidentally picking up American traffic.
- Ending the sharing of foreign surveillance data with domestic law enforcement agencies.
- Ending parallel construction, and requiring law enforcement agencies to share with a judge and defendants all sources of investigatory information.
Schneier rightly points out that much of the pressure to reform Section 702 surveillance will come from Europe. He also predicts that the US will hit a tipping point where there is a massive backlash against all kinds of surveillance. And he asserts that much of the responsibility for this surveillance falls on tech companies. These companies typically obtain massive amounts of private information, and then ship it back across the internet to their servers with minimal protection.