Occasional reflections on Life, the World, and Mathematics

Posts tagged ‘NSA’

Is it better if they spy accurately?

There’s a fascinating article in the Guardian about how Berlin has become a centre for “digital exiles”, people — mainly Americans — whose online activism has put them in the crosshairs of various security services, leading to low-level harassment, or occasionally high-level harassment, such as this frightening story

Anne Roth, a political scientist who’s now a researcher on the German NSA inquiry, tells me perhaps the most chilling story. How she and her husband and their two children – then aged two and four – were caught in a “data mesh”. How an algorithm identified her husband, an academic sociologist who specialises in issues such as gentrification, as a terrorist suspect on the basis of seven words he’d used in various academic papers.

Seven words? “Identification was one. Framework was another. Marxist-Leninist was another, but you know he’s a sociologist… ” It was enough for them to be placed under surveillance for a year. And then, at dawn, one day in 2007, armed police burst into their Berlin home and arrested him on suspicion of carrying out terrorist attacks.

But what was the evidence, I say? And Roth tells me. “It was his metadata. It was who he called. It was the fact that he was a political activist. That he used encryption techniques – this was seen as highly suspicious. That sometimes he would go out and not take his cellphone with him… ”

He was freed three weeks later after an international outcry, but the episode has left its marks. “Even in the bathroom, I’d be wondering: is there a camera in here?”

This highlights a dichotomy that I’ve never seen well formulated, that pertains to many legal questions concerning damage inflicted by publication or withholding of information: Are we worried about true information or false information? Is it more disturbing to think that governments are collecting vast amounts of private and intimate information about our lives, or that much of that information (or the inferences that also count as information) is wrong?

As long as the security services are still in their Keystone Cops phase, and haven’t really figured out how to deploy the information effectively, it’s easier to get aroused by the errors, as in the above. When they have learned to apply the information without conspicuous blunders, then the real damage will be done by the ruthless application of broadly correct knowledge of everyone’s private business, and the crushing certainty everyone has that we have no privacy.

It’s probably a theorem that there is a maximally awful level of inaccuracy. If the information is completely accurate, then at least we avoid the injustice of false accusation. If the information is all bogus, then people will ignore it. Somewhere in between people get used to trusting the information, and will act crushingly on the spurious as well as the accurate indications. What is that level? It’s actually amazing how much tolerance people have for errors in an information source before they will ignore it — cf., tabloid newspapers, astrology, economic forecasts — particularly if it’s a secret source that seems to give them some private inside knowledge.

On a somewhat related note, Chris Bertram at Crooked Timber has given concise expression to a reaction that I think many people have had to the revelations of pervasive electronic espionage by Western democratic governments against their own citizens:

 It isn’t long since the comprehensive surveillance of citizens… was emblematic of how communist states would trample on the inalienable rights of people in pursuit of state security. Today we know that our states do the same. I’m not making the argument that Western liberal democracies are “as bad” as those states were,… but I note that these kinds of violations were not seen back then as being impermissible because those states were so bad in other ways — undemocratic, dirigiste — but rather were portrayed to exemplify exactly why those regimes were unacceptable.



John Quiggin points us to this Washington Post report: By analogy with the classic military terms SIGINT (signals intelligence) and HUMINT (human intelligence), there is now the NSA-internal abbreviation LOVEINT:

The LOVEINT violations involved overseas communications, officials said, such as spying on a partner or spouse. In each instance, the employee was punished either with an administrative action or termination.

NSA released a statement saying that  “NSA has zero tolerance for willful violations of the agency’s authorities” and responds “as appropriate.” I contend that if you respond “as appropriate”, you don’t understand the concept of “zero tolerance”. “Administrative action or termination” doesn’t sound like Edward Snowden’s experience of NSA’s zero tolerance — depending on what they mean by “termination”.

But it gets better.

NSA Chief Compliance Officer John DeLong emphasized in a conference call with reporters last week that those errors were unintentional. He did say that there have been “a couple” of willful violations in the past decade. He said he didn’t have the exact figures at the moment.

So, he’s the Chief Compliance Officer of our super math spies, but he can’t keep track of numbers bigger than two.

But it gets better. “Most of the incidents, officials said, were self-reported.” Is this supposed to reassure us about the fundamental honesty of NSA employees? Here we have a secret government agency, accused of abusing its power. We are told that there have been only “a couple” of abuses, all of which were revealed by the perpetrators themselves. Might a more robust investigation — you know, maybe not third-party investigation, but at least second-party?

At least we know Snowden wasn’t the only one being granted too much trust.

Spying on the UN: The majestic equality of the law

One of the superficial arguments made against Edward Snowden is, He signed a contract, for crying out loud! He agreed not to reveal this information. And he broke the law. So, of course, he belongs in prison.

Let’s talk about some of the other people who violated the contracts they signed and broke the law. People like Barack Obama. Just to pick an example at random, we have today in Der Spiegel (odd that it hasn’t appeared yet in the English-language press, so far as I have seen):

The US clandestine service NSA has been spying not just on the European Union, but also on the United Nations Headquarters. That has been revealed by secret NSA documents that Spiegel has examined.

According to these, the NSA succeeded in the summer of 2012 in penetrating the videoconference system of the community of nations, and to break the encryption. This “dramatically improved the data received from video-teleconferences and the capacity to decrypt these data,” according to one secret NSA document. “These data transmissions deliver to us the internal video-teleconferences of the United Nations (yay!)”. Within three weeks the number of decrypted communications rose from 12 to 458.

The US is committed by treaty not to conduct clandestine operations against the UN or the national representations there. “yay!” indeed. It’s good to see that violations of international treaties are considered with an appropriate level of seriousness within the agency.

So Barack Obama — and his security agents — have violated solemn treaties, ratified by Congress, hence part of the “supreme law of the land”. So do those who break the law definitely belong in prison? What about those who have revealed information that they have pledged to keep secret? Or is there some wiggle room to consider justifications and rationales for breaking the law?


The word “crypto-fascist” is one of those old-left words whose day has past. In its old meaning — a right-wing authoritarian (fascist) who conceals his true views (crypto, presumably on the uncomfortable model of crypto-Catholics) — has no currency. I propose, then, that this evocative collection of phonemes be repurposed for current circumstances, to mean

Cryptological fascism. The creeping co-optation of democratic states by the cryptographer class; the authoritarian impulse arising from the déformation professionelle of professional cryptographers.

I think that after the Cameron government decided to retaliate against the family of journalist Glenn Greenwald, either for his insolence in daring to embarrass GCHQ, or at the behest of the US for embarrassing their real masters in the NSA, there can be no question that the “someday” when government surveillance and secrecy might undermine democracy is now. Secrets inevitably corrupt human relations,. The vast industry devoted to secrets has created a society within our society that cannot but hold the rest of us in contempt, even as they claim — and probably even believe — that everything they do is for our good.  That is crypto-fascism. The impulse hasn’t changed, but the power balance has been shifted massively by new technologies.

A recent blog post by economist John Quiggin reminded me of an important perspective that is easily missed, when we talk of “the US government” or “the UK government” as though they were unitary entities. He writes

It’s hard to see what kind of power can protect the security apparatus now that it is operating, to some extent in the harsh light of day. In the Snowden matter alone, the security state has trashed relations with Russia, China, and most of Latin America, as well as gravely embarrassing its UK and EU client agencies, and yet they are further than ever from getting their man… At some point, surely this must become a political liability too costly to carry.

Much of the seemingly insane thrashing of the UK and US security apparatus is surely directed internally as much as externally. They are making their legal case and their utilitarian case to the parliamentarians, for sure, most of it behind closed doors, but they are also making their we’re-crazy-as-fuck-don’t-mess-with-us play, much of which by its nature must happen in public. (Because the foolishness wastefulness of the public display is what makes the crazy convincing. It’s the handicap principle, with clandestine agencies in the role of stotting gazelles.)

And that’s exactly the argument that I made before, the danger that Obama — convinced of his own rectitude — cannot even acknowledge: The main danger of this universal surveillance is not the way it will be used to target private citizens, though that is terrible enough (and it has already begun, in the case of David Miranda). It is the way it will be used to wage power struggles within democratic government, using private information against political opponents. The question is not if it will happen, but only when.

PRISM and leaks

Plenty of people commenting on the revelations of secret US government acquisition of vast quantities of personal data on telephone calls and other communications (my comments here and here) suggest that this is all overblown, even paranoid. William Saletan wrote about the telephone surveillance

Chill. You can quarrel with this program, but it isn’t Orwellian. It’s limited, and it’s controlled by checks and balances.

David Simon compares it to wiretapping payphones and calls The Guardian’s reporting “the heights of self-congratulatory hyperbole”.

So here’s just one example of how far-reaching the negative impact of this sort of surveillance could be — even if it is never misused. There has been much discussion of the Obama administration’s stepped up attacks on leakers, and on the journalists who publish leaks. Imagine you are a government employee in possession of significant evidence of official crimes or corruption. You would like to turn it over to a journalist, but you also know that once you do, the government will be able to trawl through all of the journalist’s email and telephone calls — not just prospectively, but going back years into the past, and find all contacts and contacts of his contacts. They will have plenty of private and embarrassing information that they can use to pressure you or the journalist, or his boss.

Now that the leaker has revealed himself, Farhad Manjoo put the case against the NSA’s power-grab succinctly: The very fact that such an unexceptional 29-year-old was able to gain access to so much information by itself disproves their claim that “you can trust us to do the right thing with your data”. The question you need to ask yourself is not, do I trust the president with this surveillance capacity? The question is, do I trust the most frustrated (or bored) FBI agent or NSA contractor with a top security clearance with this capacity.

Tag Cloud