Friday, January 24, 2014

Privacy vs. Security, a Noisy Question.

A noisy question. Surveillance, resources, privacy, and asking the wrong things

Better shovel some more on there if we ever want to find that needle.

A quote you will see many times, especially if you live part of you life on the Internet and CERTAINLY if you discuss technology, surveillance, or politics online is this:

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
- Benjamin Franklin, 1775.

It is often shortened or paraphrased as such:

"Those who give up liberty for safety, deserve neither"
- Some guy on Facebook, all the time.

This quote implies there is some kind of trade off between one's Liberty and one's safety, as if increasing the communications, people, and property open to searches and seizures will make us more safe. This mindset is ingrained even more today than in Franklin's time - as recent revelations regarding the NSA and other agencies have made clear. The same conceptualization is made today, one of a "balance" between protecting our private affairs on one side and preventing terrorist attacks on the other. The White House spokesmen speaks speaks in such terms and even the Libertarian/Republican CATO institute discusses the issue in the same way.

The problem is that this conceptualization is, at least relevant to the programs recently brought to light, entirely wrong.

If you are asking the question "How much privacy am I willing to lose to mass surveillance in order to gain security from terrorist attacks?" or if you are asking "How many more terrorist attacks am I willing to allow to happen to our nation to prevent our government from engaging in mass surveillance?" you are wrong either way. These questions are "noisy" - they only serve to distract us from what we SHOULD be asking.

These questions imply that if we surrender our privacy then we automatically gain safety or at least a framework that could make us more safe. The evidence - as far as we know it at this time - leads us to believe the opposite. From the Civil Liberties Oversight Board Report:

"Based on the information provided to the Board, we have not identified a single instance involving a threat to the United States in which the telephone records program made a concrete difference in the outcome of a counterterrorism investigation"
-The Final Report of the Privacy and Civil Liberties Oversight Board. (underline mine)
-Go read the Whole Thing

This implies that the safety gained from this sacrifice of our privacy for this particular program was Zero. That significantly changes the equation about how much privacy should be sacrificed because zero times any amount is still zero. Despite all the shows about NCIS super-hackers or Ex-CIA agents with A.I. best buddies... the number of real world plots that were stopped with this nonsense seems to be Zero.

Sorry I spent so much money on this cool spy scope
Sorry I watched you all this time without y'alls permission
Sorry I didn't catch any bad guys doing this stuff. My bad.

And, in a world of limited resources, every Law Enforcement or National Security penny spent on the Program to Observe Ominously but Prevent Few if Any Real Terrorists is one less dollar spent on resources that HAVE been proven to catch real terrorist and prevent actual attacks. Or... funds could be spent elsewhere on things we are desperately behind on (Education, Infrastructure) or could even not need to be spent at all to ease burdens on taxpayers or reduce debt.

A less noisy question would be "Has this program been necessary to stopping even one terrorist attack in the last several years?", which - if answered by the same rubric as the way the Privacy and Civil Liberties Oversight Board interprets it, is "No." Earlier claims had been made that 54 terror attacks were stopped by mass surveillance, but that started to seem fishy as those making the claim had little, if any, evidence to back up that claim.

That question only began to demand an answer after the Snowden leaks. And, sadly, we are all worse off for in not being asked long ago. We were all under the spell of "Losing Security vs. Losing Privacy" when the reality was "Losing NOTHING vs. Losing Privacy", which is a much easier choice. I was as guilty as the rest of us for assuming that if THAT much money and THAT many resources had unfettered access to ALL of communications of EVERYONE, they would surely catch a real terrorist now and then.

A friend of mine once joked a few years back that the various contractors that supplied "Intelligence" and "Analysis" to the Department of Defence and various other Three Letter Agencies were - first and foremost - a giant government welfare program to ensure 0% unemployment for former spooks and some types of us ex-military folks, and that if they occasionally found actionable intelligence or genuine insight that was just icing on the cake. He was joking, but now we can see how much closer to the truth he was than he thought.

Isn't preventing this all worth it?
(Tom Tomorrow made this joke months ago.)

Questions can be "noisy". They can generate as much, or more, disinformation than information. They do this by implying statements in the way that they are asked. A famous example would be "Have you stopped beating your wife, yet?" which implies a history of spousal abuse. Another "noisy" question that has been asked is "How long would it take country X to have nuclear weapons?", again, this question implies the existence of a program well on its way to producing a nuclear weapon - when in truth ANY industrialized nation could produce nuclear weapons in a few years time. The United States developed the first Atomic Bomb - a concept not even proven possible at the time - in less than four years, using technology from more than sixty years ago.

The noisiest questions completely shut out the questions tuned in to the signals we should be listening for. Questions about how much value you place on security and on privacy are mostly opinion - anyone can chime in with their opinion, values, or analysis at any time. We can ask that question and divide into our Hippie and Fascist camps and yell at each other all day long without one second of research. The other question: "Did any of this crap accomplish anything other than making a few contractors super rich and wasting our agents' damned time?" required specific knowledge that only a few were allowed to have and which they were prohibited by law (classified) from being able to share with the general public. The noisy question was the easier to get answers to.

For what it is worth, the report itself discussed the fallacy of "Privacy vs. Security" and how its implications muddied the waters of our discussions about mass surviellance. Also, for the record, I am not opposed to surveillance as an activity... targeted surveillance has caught criminals and stopped horrible plots many times in our history, it is just the "lets spy on EVERYONE" method has a ZERO in the win column.

On an unrelated note, did you know that 70% of the Intelligence Budget is spent hiring private contracting firms, and that those firms have put MILLIONS of dollars in the PACs of the Congressmen specifically tasked with overseeing those very firms? It's true! . Hey those ugly black-and-white with red text attack ads aren't going to pay for themselves! One of those on the Senate Intelligence Committee was Saxby Chambliss, and he used his sweet security contractor money to fund an attack ad against his opponent Max Cleland, who lost several limbs serving in Vietnam if that stuff is important to you.

Attacking the patriotism of that disabled Vietnam Veteran was worth every penny.

And, for what it's worth, for the last five months some folks from Anonymous have been on the case of promoting just how much of a money game the mass surveillance apparatus is. They've been putting together videos detailing how leaders on the take misbehave, such as Senator (and former House Member) Chambliss explicitly misinforming TV audiences about the capabilities of the NSA programs while serving on their oversight committee AND taking hundreds of thousands in contributions from the very firms making millions on his watch. I've talked before about the legalized bribery nature of money in American politics and the Senator from Georgia does a great job of illustrating this at its most blatant:

Someone is making a fortune selling Guy Fawkes masks

My takeaway from this is going to be:
#1) Ask the right questions
#2) Think about the implied assumptions of the questions we all ask each other.
#3) Never underestimate the power of cash and secrecy to hide waste.

It will be good to see how this discussion takes place. Will the same people that want Edward Snowden tried and imprisoned for his crimes demand the same of those running programs also determined to be crimes? Will people still accept the "Privacy vs. Security" dichotomy without questioning its assumptions? Will Anonymous members ever change up their style beyond basing it on a movie from 2005 (that was based on a comic book from 1982)? Time will tell. At the very least, let's not let "Privacy vs. Security" slide into our conversations without questioning it.

No comments:

Post a Comment