Past surveillance programs could predict Prism's path
Remember Clipper Chip? Carnivore? The current debate over domestic monitoring isn't the first such controversy.
Past controversial electronic surveillance efforts by intelligence and law enforcement agencies could mark the way forward for the National Security Agency's recently disclosed gathering of meta-data from phone and Internet traffic, say privacy and communications experts.
There was NSA's Clipper Chip in the early 1990s, for example, which sought to give the government back-door access to the public's encrypted electronic messages via classified algorithms. The Federal Bureau of Investigation's Carnivore packet-sniffing technology for public telephone networks, introduced later that decade, allowed law enforcement to surreptitiously surf the web along with a criminal suspect. And the 1994 Communications and Law Enforcement Assistance Act (CALEA) instructed telecommunications carriers to provide digital wiretapping capabilities to law enforcement.
Each of these programs, as well as other of the years, generated initial public outrage when they began. Once revealed, however, more open, public debate ultimately shaped their fate. Transparency in the adoption process, say privacy and communications experts, is critical to the future of the federal government's surveillance capabilities.
"Public debate is essential to these programs," said Mike Jaycox, policy analyst at the privacy advocacy group, the Electronic Frontier Foundation. "We saw it in the '50s and '60s when mass domestic spying was uncovered and we must see it again in the 2010s."
"If NSA were more upfront, people would be a lot more comfortable," said Michael Nelson, senior technology and telecommunications analyst at Bloomberg Government. Nelson, who has worked at the White House as a science advisor, as a technology analyst at the Federal Communications Commission and as part of President Obama's campaign team, said the debate over surveillance technology faces a basic, nagging problem. "There is fundamental tension between consumers who want privacy and vendors who want to know everything about them." In simple terms, government agencies can be likened to vendors, he said, driven by similar motives of providing service to the public. In the case of the NSA, he said, that service is safety.
Lawmakers and private industry alike are calling for a more honest, open exchange in the wake of the disclosure of the two NSA programs.
Internet technology companies that have supplied the government with information on their users to fuel intelligence agencies' Foreign Intelligence Surveillance Court (FISA) surveillance requests have begun pushing for more openness from the NSA. The companies, which include Google, Microsoft and Facebook, say they are being unfairly implicated as accomplices in privacy violations. Google sent a letter on June 10 to FBI director Robert Mueller and U.S. attorney general Eric Holder asking them to allow the company to explain more publicly how the NSA's requests for information about users are handled. The letter sought to allow wider release of the numbers of national security requests the company received and how many it fulfilled.
On June 11, a group of eight senators, including Sen. Patrick Leahy, (D-Vt.) chairman of the Senate Judiciary Committee, introduced a bill that would make the U.S. attorney general declassify FISA rulings. "There is plenty of room to have this debate without compromising our surveillance sources or methods or tipping our hand to our enemies," Sen. Jeff Merkley (D-Or.), one of the bill's sponsors, said in a June 11 statement. "We can't have a serious debate about how much surveillance of Americans' communications should be permitted without ending secret law."
In the past, public outcry over web surveillance and wiretap efforts have produced tighter control, or at least an increase in circumspection about some of the government's surveillance technologies. For instance, the later version of the FBI's controversial 1990's Carnivore email surveillance device was renamed to a more innocuous "DCS-1000," before it was apparently abandoned by the agency in 2001 in favor of commercial technology. Privacy groups had pushed the FBI to release thousands of pages of information on the technology through Freedom of Information Act requests that detailed exactly how the technology operated. Updates to CALEA wiretap capabilities incorporated input from a wide range of dissenting parties, including privacy rights groups, telecommunications carriers and the public. Currently, proposals to expand the law to include voice over Internet protocol (VoIP) services and other peer-to-peer tools are under discussion in government and industry.
The effectiveness of NSA's Clipper Chip was ultimately blunted in the mid-1990s by private companies offering strong cryptographic alternatives and a publicly disclosed flaw in the Clipper Chip's design. Ultimately, however, ideas about privacy rights and the nature of data are themselves shifting, reshaping the entire notion of surveillance. "Thirteen year olds with iPhones probably have very different expectations of privacy" than most older people, said Nelson. Younger people may be more comfortable with giving up some of their privacy when using technology.
A recent poll by the Washington Post and the Pew Research Center showed that 56 percent of Americans believed court orders that allow the government to track their phone calls are acceptable.
Nelson said developing a "mutually-assured disclosure" approach by the government might be more productive than secrecy. "Stop arguing and add transparency about the process." In doing so, he said, the government should show the benefit of its monitoring, like a possibly safer world, in exchange for Americans disclosing some of their data.
NEXT STORY: Security beyond the firewall