PRISM break

Most arguments sympathetic to mass surveillance programmes make two points:

  1. that they are reasonable (that is, have adequate regulatory oversight, only target valid intelligence targets, and are legal), and
  2. that they are effective.

The first claim is demonstrably untrue. The second is doubtful, and unproven.

1. Government mass surveillance programmes like PRISM and Tempora are illegal and out of control. We know that, for example, GCHQ lied to the UK National Security Council about the extent of their surveillance programme, that a US government privacy board believes NSA bulk collection of phone data is illegal1, that the NSA monitored calls of 35 world leaders and that they cracked the encryption used in the UN’s internal videoconferencing system (in clear breach of international law)2. The last six months have seen numerous other details of the extent of dragnet surveillance programmes become apparent. A legal opinion provided today to MPs suggests that ‘GCHQ’s mass surveillance spying programmes are probably illegal and have been signed off by ministers in breach of human rights and surveillance laws.’3 A recently-released FISA court statement shows that the NSA’s programme has long since gone beyond the legal framework that officials say it operates within:

Contrary to the government’s repeated assurances, NSA has been repeatedly running queries of the metadata using querying terms that did not meet the standard for querying. The Court concluded that this requirement had been “so frequently and systemically violated that it can fairly be said that this critical element of the overall… regime has never functioned effectively.”

That article also says the statement ‘details many instances in which the NSA flat out lied to the court’ and that ‘the agency had “substantially misrepresented” the extent of its “major collection program” (including the harvesting of “internet transactions”) for the third time in less than three years.’ Incredibly, Congress recently had to ask security expert Bruce Schneier to brief them on NSA activities becuase “the NSA wasn’t forthcoming about their activities, and they wanted [him] – as someone with access to the Snowden documents – to explain to them what the NSA was doing.”

I think it’s pretty unequivocal that both the NSA and GCHQ have lied consistently about the extent of their spying and data collection. I’m not sure why we should take their press officers at face value when they say that their programmes are proportional and lawful.

2. Effectiveness is a dangerous topic.

Even if, say, torture efficiently got information, if it also galvanized the world against you, provoked many suicide bombers, got your own people tortured, lowered the population’s trust and faith in the government, distanced your allies, increased the costs of maintaining the military, and so on, it might not be worth it.4

Nonetheless, the utility of PRISM-style bulk surveillance has yet to be proven. One analysis of 225 individuals charged with terror offences in the US since 9/11 showed that:

… traditional investigative methods, such as the use of informants, tips from local communities, and targeted intelligence operations, provided the initial impetus for investigations in the majority of cases, while the contribution of NSA’s bulk surveillance programs to these cases was minimal.

A number of mathematicians and statisticians commended in this Wall Street Journal piece that avoiding an immensely high false-positive ratio would be a monumental challenge with a dataset so large – and that there are likely better ways to spend the security services budget. The case for dragnet surveillance is far from clear.

Mass surveillance is illegal and ineffective. People are pushing back. If you want to help, you can donate to the Electronic Frontier Foundation. Part of me wants to suggest using strong encryption, switching away from the major providers we know to be tapped by the NSA and so on. Do these things by all means, but know that this is merely painting over the problem. The rot goes so deep, with so many layers of the internet compromised (software, hardware, people and organisations), and the security services have such enormous resources at their disposal, that policy overhaul is the only real option for disabling the global panopticon.

 I believe there are more instances of the abridgment of the freedom of the people by gradual and silent encroachments of those in power, than by violent and sudden usurpations[.] – James Madison

  1. The board said 3-to-2 that the programme is illegal, with the other two representatives stating that determining the programme’s legality was outside of their scope. 

  2. From The Guardian: ’The 1961 Vienna convention on diplomatic relations, which covers the UN, also states that “the official correspondence of the mission shall be inviolable”.’ 

  3. A summary of the advice can be read here

  4. From a comment by spodek on Hacker News