The legality of such surveillance is rather controversial, with some people citing that it violates human rights. In some places, it is flat out illegal. Others say that it is necessary to help thwart terrorism and to keep national security intact. In 2013, Edward Snowden, a former employee working for the National Security Agency, or NSA, leaked confidential documents which described government plans for mass surveillance programs. Namely PRISM, which desired to collect phone metadata, capture and analyze emails and text communications to search for keywords as well as create partnerships with large organizations such as Google to allow the NSA to obtain a user’s information without a warrant or prior consent.
These leaks caused social unrest among the American population, because citizens felt like they could no longer trust their own government. It’s not just America though, people are monitored all over the world, with some governments even preventing people from encrypting their data. In China, people are stuck behind the Great Firewall. This firewall intercepts and stores all data that goes through it and even goes as as far as to automatically decline a connection if the data being transmitted is encrypted. This means that it is impossible for data to remain private in China.
Initially, mass surveillance was first introduced as part of a war time communication strategy to intercept and review telegrams sent through postal companies such as, back then, the Western Union. After the wars were over, the FBI continued to use similar methodologies to monitor some anti-war organizations.
At that time, governments didn’t monitor entire populations, but specific entities known to cause trouble. On Tuesday, September 11th 2001, an Al-Qaeda terror group hijacked and crashed 2 planes into the World Trade Center as part of a coordinated attack against the United States. After the attack, which killed over 3000 people, investigators discovered that the people involved communicated electronically to plan the attack. It was then that governments decided it was a good idea to keep watch on modern communications, so that they could proactively detect and thwart any terrorism plans before they even got off the ground. However, since these events, government organizations such as the NSA, FBI, CIA, Homeland Security and the Military have spent billions of dollars to design and implement an infrastructure to collect, analyze and store information and any communications belonging to millions of American citizens, the vast majority of whom never convicted of any crime.
After the leaks of 2013 by Edward Snowden, the public was made aware of the NSA’s largest surveillance system yet, which allowed the NSA to legally obtain call records, private information and call recordings of any person without a warrant. It also legally immunized any company who voluntarily provided such information. The program even forced service providers to modify their networks to allow easy wiretapping of POTS, VoIP and Internet data. It’s not just Americans who are subject to this. If a web service has its servers kept in a facility in America, even users from the EU who communicate with those servers are being monitored, since all traffic going in and out of America is subject to the NSA monitoring rules.
The situation in the European Union is not nearly as bad as they have it in the US, as there is a law known as the “Data Protection Act” which guards citizens right to privacy. There is no similar law even comparable to this in place in the US. In 2014, the EU Court of Justice declared invalid the only law that could allow mass data collection, thus making it illegal for governments to collect personal data without a warrant. Whether or not governments are abiding by this law is as of yet unknown.
By far one of the worst situations is that, in China. Every internet user is sitting behind China’s Great Firewall. This firewall analyzes every single packet of data that traverses China, even those that leave and enter the country. If any prohibited keywords are detected, the connection is dropped. China also prohibits and blocks encryption, so there is no way to have secure communications in and out of the country. This means that every Chinese citizen has all of his or her personal information stored in plain text, making it delightfully easy for the government to filter through that data and find exactly what they are looking for. Though unrelated, there is also extreme censorship in China, where news that was not written or authorized by the Chinese is blocked, thus also impeding the right to free speech.
As for whether these surveillance programs work or not, the answer is not clear. They have never been successfully used to apprehend a terrorist. The reason is that there are far too many false positives. The NSA repeatedly uses the connect-the-dots metaphor to justify its surveillance activities. Again and again, the government is criticised for not connecting the dots even though they had all of the information, which is blatantly incorrect.
Data mining can be useful in certain scenarios, such as detecting credit fraud. That is rather simple to detect and is often correct because you’re searching for a well-defined profile. There really is no logical or valid explanation for your credit card to be used in six countries around the world within 5 minutes of each other other than fraud of course. An average of 6% of all credit cards are involved in fraud annually. The only cost of a false positive in this case would be a simple 2 minute phone call to the cardholder asking to verify the purchases.
People think that data mining is the solution to the terror issue, a system which can, or should, be able to connect the dots for us, but in reality, there is no real predefined pattern or profile which defines a terrorist. For example, who would have expected a teenager and his older brother to drop off 2 pressure cooker bombs in Boston? Terrorist plots are different, because while fraud is rather common, terror attacks are not. In any system like this, you have to perfectly tune the number of false positives you can handle with the number of false negatives. In this case, a false negative could cost hundreds their lives. Because a terror attack is so rare, it means that a system that is looking for even extremely specific criteria will be overwhelmed with false positives.
Also unlike credit fraud, the cost of a false positive is much greater. If you get a false positive for a terror attack, the cost is a lengthy and costly investigation that will waste hundreds of man hours, simply because investigators are obliged to look into the claims. In the years after 9/11, the NSA passed thousand of tips a month to the FBI, and every single one turned out to be a false alarm. Obviously, the cost of this was massive, and frustrated the FBI to the point where they stopped looking into these tips.
Yet another problem with these systems is that the people behind these attacks are smart. They will not bluntly state in an email that they will be bombing THIS building at THIS time. They are trying to avoid detection and will thus blanket their communications in generic conversation to avoid getting flagged.
Recently, a 19 year old student was arrested in his home for researching about pressure cooker bombs for a school project. He was flagged as extremely dangerous by the system due to his web searches. He was kept in custody for 2 weeks while a full investigation was held. This really outlines one of the many flaws in the system, which unfortunately cannot be fixed.
Terrorists vary in their ability to avoid surveillance. Most criminals and terrorists make several mistakes that could make their capture easier, but that is no excuse or justification to surveil an entire population. Traditional watch lists as well as TARGETED modern surveillance would identify them as well. The question is whether mass surveillance performs significantly better enough to justify the massive amount of both human and monetary resources needed to implement and keep it running in comparison to targeted surveillance.
The issues mentioned cannot be fixed. Data mining is simply not meant to be used for the apprehension of terrorists. Back when he was the director of the NSA, General Keith Alexander argued that if mass surveillance was in place, 9/11 would never have happened. That seems highly unlikely given that he wasn’t able to to prevent the Boston bombings of 2013, even though one of the terrorists was on the terror watch list. Had they performed targeted analysis on the people on the watch list, they would have probably found more incriminating evidence against him. The NSA had in fact collected data on one of the terrorists, but failed to realize that it was in fact more important than that they had collected on millions of other citizens. Mass surveillance didn’t catch Umar Farouk Abduldmutallab in 2006, even though his father had repeatedly warned the U.S government that he was dangerous. And the liquid bombers who attempted to destroy 13 passenger aircraft were not caught due to mass surveillance, but rather through traditional police work.
This is the crucial point. Taxpayers are wasting billions to implement such systems instead of utilizing it on investigation and intelligence and not getting the protection we deserve. Their efforts to make us more secure have actually made us less so.
0 comments:
Post a Comment