NSA and the Pandora’s box of surveillance
Let’s assume for a moment that National Security Agency Director Gen. Keith Alexander was telling the truth yesterday on ABC News’s This Week when he said that the NSA material leaked by Edward Snowden “has caused irreversible and significant damage to our country and to our allies.”
That would mean that the United States, Canada, the United Kingdom, New Zealand, Australia and other friendly nations that depend on the NSA’s ability to suck electrons out of the ether, store them, sort them, and computer-analyze them for intelligence purposes, have suffered mightily. Unlike tornados, tsunamis, earthquakes or hurricanes — disasters that tend to inflict only temporary damage that can be repaired — Snowden’s leaks have visited upon the national security of the allies a blight that can’t be rolled back or ameliorated. It’s permanent. It’s everlasting. You know, it’s irreversible, as the general said.
According to Alexander, the Snowden breach ravages a program that has contributed to the “understanding and, in many cases, disruptions” of 50 terrorist plots, obviously implying that the unauthorized disclosures will hinder the future understandings and disruptions. While Snowden is the confessed thief of the data, he’s not the one who made the theft possible. Surely his superior, or his superior’s superior, or his superior’s superior’s superior, or somebody on the NSA organization chart designed a flawed system that was easily defeated by a junior contractor. Surely a large bag filled with heads will roll at the NSA for this grievous lapse, and Alexander will accept responsibility for his own shortcomings and step down from the NSA so the president can assign a more competent director.
Instead of asking Alexander for his resignation, This Week host George Stephanopoulos needled him with penetrating questions about Snowden’s heist, asking “why the alarm bells didn’t go off?” and “what’s to say this couldn’t happen again?”
Alexander had no concrete answer for how the alleged crown jewels of terrorist identification could have been stolen and were now on a world tour bound for South America. He cribbed his answer from every dairy farmer ever to lose a cow to say:
Well, this is a key issue that we’ve got to work our way through. Clearly the system did not work as it should have.
Exactly! The gate has issues causing it not to close as advertised.
Then Alexander deflected the onus from himself and the NSA, and placed it on Snowden because a threatened bureaucracy always blames down. (Did any generals lose any stars over Bradley Manning’s leaks to WikiLeaks? No.) The NSA, you see, didn’t really fail. It was Snowden who failed. Alexander continued:
[Snowden] betrayed the trust and confidence we had in him. This is an individual with top secret clearance whose duty it was to administer these networks. He betrayed that confidence and stole some of our secrets.
Then Alexander got around to Stephanopoulos’s question of why the $10 billion-a-year government agency won’t experience another Snowden-esque theft.
We are now putting in place actions that would give us the ability to track our system administrators, what they’re doing, what they’re taking, a two-man rule. We’ve changed the passwords. But at the end of the day, we have to trust that our people are going to do the right thing.
Change the passwords! Yes, such a good idea! New tracking systems and a two-man rule for access to data, too! But then Alexander wilts, confessing that no real protection exists outside of trusting the NSA’s estimated 35,000 to 50,000 employees and contractors to do the right thing. A big organization that needs to trust the thousands of employees who are said to have access to the surveillance programs is only setting itself up for future disappointment and another televised chat for its director with George Stephanopoulos.
A secret shared by a thousand people isn’t much of a secret. As Snowden has demonstrated and Alexander has confirmed, the NSA’s surveillance programs are inherently vulnerable and easily compromised. The NSA has demonstrated that it can neither guarantee the secrecy of its surveillance systems nor safeguard the privacy of the individuals who generate the bits of data. As the NSA’s surveillance system continues to expand, its collections will become only more vulnerable, as hundreds or maybe thousands of new employees and contractors sign on to manage the data load and devise new means of extracting and manipulating data. Alexander may be tempted to re-change the passwords and establish a four-man rule for access to data, but will he? The data can only be useful to the government if it remains accessible, and if there’s more data the demands for access to it will only rise, which means more potential Snowdens will be touching it. The NSA has a tiger by the tail.
Assuming that Snowden has maintained access to gigabytes of NSA data he purloined, I wonder when the Fort Meade signal-grabbers will begin to regret having collected and centralized such a sensitive, transportable stockpile. Not quite a Pandora’s box, the NSA hoard exudes similar destructive power. Dispensed to the press by a civil libertarian like Snowden, it can be a weapon to blunt the surveillance state that created it. But in the hands of a hostile nation or belligerent force like al Qaeda, it might become a how-to guide to advanced surveillance. And the data, oh, the data! A document from 2008 quotes Gen. Alexander asking (let’s hope he was joking), “Why can’t we collect all the signals all the time?” If unchecked, the NSA’s data collection will eventually make Jorge Borges’s idea of Library of Babel — a universal library of everything — look like a toddler’s collection of Golden Books. After all, Borges was only looking back to the beginning of time; IBM estimates that 90 percent of the data in the world has been created in the last two years, suggesting a surveillance state must expand like an exploding star just to keep up.
As the surveillance state expands to collect everything — and Moore’s Law will make it possible — we’ll stop begging our own government to keep our data safe and start praying criminals and foreign enemies don’t pilfer it.
The always cheeky Steven Brill asks about Booz Allen’s liability in the Snowden leaks. Send your cheeky comments to Shafer.Reuters@gmail.com and visit the dunghill I call my Twitter feed. Sign up for email notifications of new Shafer columns (and other occasional announcements). Subscribe to this RSS feed for new Shafer columns.
PHOTO: A reporter takes a mobile phone picture of National Security Agency (NSA) Director U.S. Army General Keith Alexander as he takes his seat to testify before a U.S. House Permanent Select Committee on Intelligence hearing on recently disclosed NSA surveillance programs, at the U.S. Capitol in Washington June 18, 2013. REUTERS/Jonathan Ernst