Some Silicon Valley figures, along with some Democratic party-aligned media outlets, have tried assailing Glenn Greenwald, and indirectly, Edward Snowden, by trying to discredit certain aspects of the Guardian account of NSA surveillance in the US. Greenwald, who has an appetite for trench warfare, deigned to rebut their efforts as of last Friday. But the tech pedants’ efforts to take down Greenwald and Snowden aren’t simply petty and disingenuous, they are ultimately destructive of the interests of American technology companies and American security.
Some of the tactics used have been a bizarre combination of focusing on minutiae and straw manning. For instance, one site, Little Green Footballs, claimed that though the Guardian had said Snowden had smuggled four “confidential” laptops out, he’d in fact used a thumb drive to carry documents out of Booz. Golly gee, that means you can’t trust ANY of the rest of the story!
However, the Guardian had simply said that Snowden had four laptops with him when he first met with their reporters. The piece was silent on how exactly he extracted the data. So, using Little Green Footballs’ own logic, you should not trust one iota anything Little Green Footballs has to say on this matter, either. We similarly have the range war over the “direct access to servers” language, when anyone who read the original Guardian story would recognize that the ‘direct access’ language tracked that of a PowerPoint slide on the PRISM program, a document whose authenticity has never been denied; the story wrote up the slides. Funny how people who would have laughed at Clinton’s famed “it depends what the meaning of the word ‘is’ is” were eager to use the same stick to try to beat Greenwald.
Or as Lambert has said, “Shorter tech dudes on Greenwald: The NSA slides show the servers weren’t built my way, so the slides are wrong. Also, my boss would never lie to me.”*
This front of the PR war against Greenwald, the Guardian, and Snowden is using a tactic familiar to anyone who remembers the financial crisis: that the story is a technology story, ergo, only technologists are qualified to opine on it. But that rhetorical approach (“it’s all too complicated, you just need to believe what we tell you”) was seldom used by people who were acting in good faith to unravel what had happened. It was instead used mainly by incumbents and people who wanted to preserve their relationship with them to circle the wagons.
There was at least some underlying logic for this position during the market meltdown. It was, after all, a financial crisis. By contrast, the NSA scandal is not a technology story. It is at its heart a story about surveillance, the Constitution, and whether we really have any rule of law left in the US. Technology is only an enabler, folks, although, as we will discuss, this story does have important implications for major US technology players.
This clip from The Lives of Others (which is a wonderful and important movie) will hopefully serve as a reminder:
The modern society with the most intensive surveillance, East Germany, had the Trabant as its most noteworthy home grown product. Now the technology fans may argue that the selection above proves their point, that the Stasi used the best technology they had to bug the suspect’s apartment. But they forget that the Stasi depended first and foremost on spying, meaning the active cooperation of much of the population. And as this selection shows, the effectiveness of the installation of devices could have been sabotaged by the watchful neighbor had she not been cowed into silence.
Spying and surveillance do not depend on fancy electronic toys, but devices can be helpful. Japan in the Tokugawa era had mind-numbingly detailed sumptuary laws, which were used to maintain fine social distinctions. And they were enforced via neighbors spying on each other. This sort of intrusion was sufficiently troubling to elicit a warning from Adam Smith. He opposed having “kings and ministers…pretending to watch over the economy of private people and to restrain their expense” and advocated taxation as a less intrusive way to constrain consumption. Similarly, the use of espionage as a tool of the state considerably antedates the Industrial Revolution; for instance Francis Walsingham, a minister to Elizabeth I, had a large, organized a network of informants and snoops.
Via e-mail, Ed Harrison honed in on what is wrong with the tech company fixation:
What gets lost is that the Internet companies are largely irrelevant here. They are the equivalent of hostile witnesses for the prosecution. What is more pertinent is that the NSA had serious unfettered access at the three largest US telecom companies and have had this for years. The second thread of interest is that private companies like Booz are running large pieces of our whole intelligence operations. These are two very big problems. And I would love to see people hone in on those two areas instead of bickering over Google, Microsoft, Facebook, etc
My sense is that the Internet community is up in arms because they feel unfairly maligned and this is coming from journalists and tech people who are long known to be anti-surveillance. So it’s not just a ‘shoot the messenger’ thing. It is a sort of reptilian kind of self-protection thing that’s happening where these people, as part of an industry that prides itself on being counter-culture, feel unfairly attacked by someone they believe either has an agenda or doesn’t know what he’s talking about.
It’s actually worse than Harrison depicts. Recall how the PRISM slides depict the major telecom and technology players like Google, Microsoft, Yahoo as “partners”. That’s no misnomer. Look at the business model of Google, Facebook, Yahoo. If you think ordinary customers are all that important to them, given that most of the markets they compete in are oligopolies, I have a bridge I’d like to sell you. It also helps to follow the money.
The NSA, and the Department of Defense in general, have long been sponsors and funders of advanced technology. Need we say DarpaNet? Physicists and mathematicians, many of whom wind up in Silicon Valley or Wall Street, can still get an advanced education without going up to their eyeballs in student debt thanks in no small measure to government funding. The NSA is an important customer and validator of tech products. It was a big buyer of NeXt computers back in the 1990s when the NeXT was the most advanced workstation/network device. It is a big funder of open source software today. A Wall Street Journal article last week details how the NSA adopts and builds on Yahoo’s and Google’s technology:
NSA stumbled in a number of its data-collection and management efforts, particularly a program called Trailblazer, but it began to gain traction with another program, which became known as Real Time Regional Gateway, or RTRG, former officials said.
Initially deployed in Iraq, the program’s focus moved to Afghanistan in 2010, where it assembled and analyzed all the data over a 30-day period on transactions that intelligence officials could get their hands on: phone conversations, military events, road-traffic patterns, public opinion—even the price of potatoes, former officials said. Changes in prices of commodities at markets proved to be an indicator of potential for conflict, they said…
A computing and software revolution, launched in Silicon Valley a few years earlier, made sifting all that data easier. That was particularly true with the development of Hadoop, a piece of free software that lets users distribute big-data projects across hundreds or thousands of computers.
Named after a child’s toy elephant and developed at Yahoo Inc., the software reached commercial scale for Internet-wide tasks in 2008 and soon became a favored application for handling big-data demands…
Mr. Garrett now runs RTRG’s successor program, which was moved to the Defense Advanced Research Projects Agency and renamed Nexus 7. That effort has been using Hadoop and similar software to help manage large masses of data. One of the pieces of software, called Accumulo, was developed by the NSA using technology from Google, said a person briefed on the program.
And no less than Google’s Eric Schmidt has been touting this sort of collaboration as virtuous. His 2013 book The New Digital Age, co authored with Jared Cohen of Google’s in-house think tank, Google Ideas, stated: “What Lockheed Martin was to the 20th century, technology and cybersecurity companies will be to the 21st.”
An important Bloomberg article, U.S. Agencies Said to Swap Data With Thousands of Firms, last week cracked open the window a bit on how close these ties are. A sampling:
Some U.S. telecommunications companies willingly provide intelligence agencies with access to facilities and data offshore that would require a judge’s order if it were done in the U.S….
The extensive cooperation between commercial companies and intelligence agencies is legal and reaches deeply into many aspects of everyday life, though little of it is scrutinized by more than a small number of lawyers, company leaders and spies. Company executives are motivated by a desire to help the national defense as well as to help their own companies, said the people, who are familiar with the agreements…
In addition to private communications, information about equipment specifications and data needed for the Internet to work — much of which isn’t subject to oversight because it doesn’t involve private communications — is valuable to intelligence, U.S. law-enforcement officials and the military.
Typically, a key executive at a company and a small number of technical people cooperate with different agencies and sometimes multiple units within an agency, according to the four people who described the arrangements.
Yves here. This is why the early “I/we never heard of PRISM” denials were absurd on their face. Of course the spokescritters hadn’t heard of PRISM. Only a “need to know” group did. Back to Bloomberg:
Intel Corp. (INTC)’s McAfee unit, which makes Internet security software, regularly cooperates with the NSA, FBI and the CIA, for example, and is a valuable partner because of its broad view of malicious Internet traffic, including espionage operations by foreign powers, according to one of the four people, who is familiar with the arrangement.
Such a relationship would start with an approach to McAfee’s chief executive, who would then clear specific individuals to work with investigators or provide the requested data, the person said. The public would be surprised at how much help the government seeks, the person said…
According to information provided by Snowden, Google, owner of the world’s most popular search engine, had at that point been a Prism participant for more than a year.
Google CEO Larry Page said in a blog posting June 7 that he hadn’t heard of a program called Prism until after Snowden’s disclosures and that the Mountain View, California-based company didn’t allow the U.S. government direct access to its servers or some back-door to its data centers. He said Google provides user data to governments “only in accordance with the law.”
Notice the hiding behind the fig leaf of legality. The Wall Street Journal article on the surveillance establishment’s reliance on private sector technology included this revealing comment (emphasis ours):
As it has gathered ever more data, the government has had to develop new ways to include privacy protections by reworking legal theories
“Reworking legal theories”? In the light of John Yoo-like language-torturing statements like national intelligence director James Clapper trying to deny he’d committed perjury before Congress by trying to depict his statement as the “least untrue” he could make (um, untrue is untrue), just imagine what “reworking” amounts to. Actually, you don’t need to imagine all that much. Marcy Wheeler has done a lot of spadework on this front. For instance, a post on Saturday, PRISM: The Difference between Orders and Directives, lays out some key elements of the framework, such as it is, for the surveillance regime. Marcy highlights one element: that a considerable ambit of these programs are defined not by specific orders, but by “directives”. She quotes an Associated Press story:
Every year, the attorney general and the director of national intelligence spell out in a classified document how the government plans to gather intelligence on foreigners overseas.
By law, the certification can be broad. The government isn’t required to identify specific targets or places.
A federal judge, in a secret order, approves the plan.
With that, the government can issue “directives” to Internet companies to turn over information.
Read that twice. Every year, the Feds draw a big line around the patch of sand in which they’d like to operate. A judge rubber stamps signs off on the program. So when the various tech companies talk about the various “orders” they’ve received, this great big enabling one that lets the government make lots of binding requests is ONLY one. And if you watched the video of Alan Grayson reviewing the Verizon order that the Guardian leaked, he stressed that it had no start date, meaning that on its face, it demanded that Verizon cough all all of the customer data going back as far in time as its records allowed.
Marcy describes how, quelle surprise, when Obama came into office, he found that the NSA had been overzealous and had been accessing far more data about US citizens at home than it should have. Marcy notes:
Remember, this overcollection was self-reported by the Obama Administration at the time, not discovered by the FISA Court. Good for the Obama Administration, though we’re trusting them at their word that the overcollection was unintentional.
But lo and behold, Obama in 2009 said he’s fixed the problem but three years later the FISA court (remember, this is the FISA court that approves 99.97% of the order requests submitted to it) said it found cases where the collection overstepped the Fourth Amendment. And that took place even with deficient oversight structures and a hand-picked-to-be-complaint FISA court in place. The court doesn’t do its own monitoring; it relies on
self-scored report cards semi-annual certifications by the Department of Justice and the director of national intelligence (now our “least untrue” Clapper).
I also wouldn’t take as much comfort as some have from New York Representative Jerome Nadler’s retreat on his widely reported statement over the weekend via CNET, that Congressmen had been told in a classified briefing that the NSA could obtain the substance of a phone call based on an analyst’s decision. His spokesman walked that back on Sunday, but as NC readers pointed out, the retreat was in the formula “the Administration has reiterated that…”. And bear in mind that the CNET story also said:
Sen. Dianne Feinstein (D-Calif.), the head of the Senate Intelligence committee, separately acknowledged that the agency’s analysts have the ability to access the “content of a call.”
Similarly, the various disclosures by major tech players that are coming in the tens of thousands ranges aren’t necessarily what they seem to be. For instance, Facebook said it received, in the words of the Wall Street Journal, “9,000 to 10,000 requests from all government entities in the U.S.—local, state and federal as well as classified national security-related requests—in the second half of 2012,” supposedly on 18,000 to 19,000 individual users. But what is a request? The sweeping Verizon order published at the Guardian that kicked off this firestorm was a single request. And the New York Times reported last year that law enforcement officials were relying more on “requests” and less on actual warrants.
And please don’t try the line of argument that the technology companies are blameless, that if there was any overreach, it was the doing NSA and the FISA star chamber. What can they do besides fight some orders in secret, lose, and follow orders?
The truth is plenty. If the technology companies were really concerned, lobbying dollars would go a hell of a lot further than money spent in quixotic fights in the FISA star chamber. But where has Silicon Valley been spending its money? Let’s look at Google. It is the 8th biggest spending lobbyist in DC, outstripping defense contractor Lockheed Martin. And where does the money go? From a June 2013 story in the Atlantic:
So far the fruits of Google’s lobbying efforts have resulted in a huge win in an anti-trust case, but the company has even bigger plans to prod legislation in its own self-interest. See, back in 2010 Schmidt realized “much of the laws are written by lobbyists,” he said during The Atlantic’s Washington Idea’s Forum. Google hired and funded an army of capable policy crafters, not only to save itself from government fines that don’t even make a dent but also to help write Google-powered legislation. In the near future, that means ramped up efforts to influence immigration reform. Schmidt is part of the contentious Silicon Valley group FWD.us, which is lobbying for a very specific type of immigration reform. Google also has Molinari working on updates to the Electronic Communication Privacy Act — that pesky bill the government uses to justify spying on your Gmail without a warrant.
But in the long term, all those billions of dollars will also go toward Schmidt’s foreign policy visions, and Google’s attempts at worldwide domination outside of Washington. Along with his book, Schmidt has attempted (and so far failed) to broker diplomatic relations with foreign nations, visiting North Korea back in January and Myanmar in March.
Oh, so Google is lobbying on your behalf, right? Don’t get too excited. Their focus as far as the Electronic Communication Privacy Act is concerned is to get e-mails older than six months to require a search warrant to access them (right now, these aged e-mails require only a subpoena). That does little to restrain law enforcement officials or the NSA; its big implication is to make it harder for civil litigants (such as the SEC) to get access to e-mails in discovery. Google has spent a great deal of money in Washington beating back the Department of Justice’s antitrust suit. For Silicon Valley companies generally, their lobbying dollars go to trying to get a tax holiday so they can repatriate foreign earnings and use them to pay bonuses in dividends (that’s what they did in the last tax holiday, in 2004, so don’t believe their blather about using it to invest), on immigration policy (more HB-1 visas). And remember Google on net neutrality. It was happy to accede to a deal brokered by the FCC, so long as the telcos were required not to block Google. And perhaps I missed, it but my recollection and brief Web search shows Google was nowhere to be found in the outrage over the suicide of Aaron Swartz.
As much as the tech industry defenders may feel that they’ve scored some points in their Internet rows, they are losing the battle where it counts, in the court of public opinion. While a significant number of Americans still have no point of view on l’affaire Snowden, poll results here have been showing more and more support for his whistleblowing.
And far more important, as Ed Harrison pointed out, the tech industry loyalists seem not to grasp the real stakes in this battle. The Administration and tech industry have a full court press on to demonize Snowden and reassure the public that there is nothing to see here. But this all boils down to “trust me.” That’s also the position of the tech titans. As Evengy Morozov wrote in his review of the Schmidt/Jared book:
The goal of books such as this one is not to predict but to reassure—to show the commoners, who are unable on their own to develop any deep understanding of what awaits them, that the tech-savvy elites are sagaciously in control. Thus, the great reassurers Schmidt and Cohen have no problem acknowledging the many downsides of the “new digital age”—without such downsides to mitigate, who would need these trusted guardians of the public welfare? So, yes, the Internet is both “a source for tremendous good and potentially dreadful evil”—but we should be glad that the right people are in charge. Uncertainty? It’s inevitable, but manageable. “The answer is not predetermined”—a necessary disclaimer in a book of futurology—and “the future will be shaped by how states, citizens, companies and institutions handle their new responsibilities.” If this fails to reassure, the authors announce that “most of all, this is a book about the importance of a guiding human hand in the new digital age.” The “guiding hand” in question will, in all likelihood, be corporate and wear French cuffs.
The wee problem is of course that Obama has so often lied egregiously, well beyond previous political norms, that it’s remarkable that he has any brand equity remaining. Admittedly, his strategy has worked just fine up to now, but he’s made the mistake of relying heavily on propaganda rather than action, and then went and alienated a big chunk of his messaging apparatus by going after 20 Associated Press reporters in a widely-criticized secret phone records request. And the Democratic party stalwarts such as MSNBC, had fallen badly in the ratings before this scandal broke out. And the more the NSA appears in public, at least so far, the less convincing it becomes.
That does not mean that Obama and his fellow travelers might not eventually turn public opinion around. They still have tremendous resources at their behest. But overseas is quite another matter. US technology companies and their privacy policies already grated on the EU. China has been wary of US “openness” excuses to have its Internet vendors establish large footprints. And reassurances directed at US audiences aren’t going over so well abroad. For instance, the Chinese Army’s official newspaper attacked the PRISM program today. As recounted in the Australian (hat tip 1 SK):
The People’s Liberation Army (PLA) Daily on Sunday hit out at the US for implying that spying on citizens from other countries was justified…The remarks about the program are some of the most scathing to appear in China’s state-run press after Beijing’s refusal to make an official comment..
“US President Obama has said that PRISM is not directed at US citizens,” the article said.
“The implication is that for the purposes of US security, monitoring citizens of other countries is not a problem. This simple, overbearing logic is the frightening aspect of the PRISM program.”
The Snowden disclosures are hitting an already sore nerve hard. Richard Kline gives a recap of what is really at stake:
The position of the US spyboys, now shown redhanded as spying far over any formally granted authority on American citizens, is “You can trust us with absolute power, we’re the good guys and know what’s right.” Snowden is *systematically* destroying that plausibility by giving up evidence that the US spyboys are a) not ‘good guys,’ b) lie utterly in every utterance, c) can’t be trusted with a postage stamp, because d) they couldn’t find ‘what’s right’ to within a few parasecs using all of SETI’s resources and the Hubble’s chillun for back-up. Snowden has set out to prove that the US spy apparatus isn’t simply unconstitutional but is utterly untrustworthy.
If I was guessing, which is all that I’m doing, I would say that Snowden’s move is “You can harm me, but I’m leaving you cut off at the knees before you even start.” It’s like the situation of the French Army in the Drefuss Affair: they were able to hound their critics into exile or prison, but their own credibility never recovered, they were demonstrated as despicably abusive liars who’d hurt anyone to cover up their own treachery and incompetence. And yes, the US power apparatus really is that bad. I mean, _most are_ so that’s no surprise, but we’ve a demonstrated record over the last twenty years of being everything we claim to despise and assail others for: torturers; murderers; conquerors; looters; trafficking in racism; propping up and even creating odious quislings abusing their won peoples; megalomanic spiers; hyper-paranoid ubermenschan; completely indifferent to law, treaty, or custom; ready to frame and jail domestic critics of any of that; so deep in the chamber pot of our own hypocrisy we’ve come to take the stuff for mustard on our foot-long untruths; frequently incompetent because under a vail of pervasive secrecy accountability goes to zero. “And you _TRUST_ these guys?” Ed Snowden is saying. His move isnt to play for sympathy, it’s to irreparably damage the credibility of the securecrats. And yes, he’s managed to do much to that effect _without_ revealing any military secrets…. I don’t know whether he’ll get out of Devil’s Island intact, but one has to acknowledge he has a strategy, and it’s a well-founded one.
The best move for the technology giants would be to throw their DC dollars at getting the Department of Defense, via the NSA, out of domestic operations, as long-standing US laws prescribed, and making those strictures look plausible enough to appease America’s aggrieved foreign web product and services customers. Otherwise, the most likely outcome is the worst for them, that the security state apparatus and the Administration succeed in getting through this crisis with at most cosmetic changes to their domestic surveillance apparatus. That means the FISA star chamber remains intact. And the record of the original Star Chamber was that it went from being a useful and well-regarded part of the jurisprudence system over time to a being a potent political weapon.
The implication is clear: it’s too easy for secret courts to be abused, and the NSA’s history of whistleblowing shows that they are precisely the sort of folks who have no compunction about power grabs and deception, and that includes deceiving the America public. If the tech industry does not throw its weight decisively on the side of curbing the agency, the odds are high that the EU countries and China will exploit this spectacle to wrest control of the Internet in their countries away from the US (a long term project, mind you) and to encourage domestic champions to develop more secure devices and services. The result will be exactly what would be the opposite of professed US security interests: a balkanized and somewhat opaque Internet overseas (serves you right!) with Americans at home still subject to ongoing, escalating surveillance.
But I don’t have much hope. Americans, especially members of what passes for our elites, are unable to take a good look in the mirror. Ironically, Schmidt and Jared, in their New Digital Age book, which the New Republic reviewer Morozov called Future Schlock, had an unexpected moment of prescience in their algorithmic image generation:
Or consider their prediction that the world will soon “see its first Internet asylum seeker.” Don’t tear up just yet: “a dissident who can’t live freely under an autocratic Internet and is refused access to other states’ Internets will choose to seek physical asylum in another country to gain virtual freedom on its Internet.” I have no doubt that someone might one day try this excuse—it would hardly be the oddest reason for requesting asylum—but would any reasonable government actually grant asylum on such grounds? Of course not.
Snowden comes awfully close to this model. But perilous few among America’s tech elite appear ready to face that they are the purveyors of what is on the knife’s edge of becoming an autocratic Internet.
* Please don’t try the “they had a dropbox.” This was the New York Times’s account on June 7:
In at least two cases, at Google and Facebook, one of the plans discussed was to build separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some instances on company servers. Through these online rooms, the government would request data, companies would deposit it and the government would retrieve it, people briefed on the discussions said.
The negotiations have continued in recent months, as Martin E. Dempsey, chairman of the Joint Chiefs of Staff, traveled to Silicon Valley to meet with executives including those at Facebook, Microsoft, Google and Intel. Though the official purpose of those meetings was to discuss the future of the Internet, the conversations also touched on how the companies would collaborate with the government in its intelligence-gathering efforts, said a person who attended.
Notice the use of the conditional, and “discussions have continued”? There may be a plan for a dropbox, but the Times sources said they were merely under consideration.