“Collect it all.” That’s how an anonymous former senior intelligence officer describes National Security Agency Director General Keith Alexander’s approach to personal data in a story in today’s Washington Post.
The title and first paragraphs claim the “terrorist threat drives [Alexander’s] passion” to collect everything. Just after Alexander took over at NSA in August 2005, he instituted a program to collect “every Iraqi text message, phone call and e-mail” as a way to combat roadside bombs. As such, the article suggests this data grab is all about dead bodies. “[I]f we give up a capability that is critical to the defense of this nation, people will die,” the Post quotes Alexander saying last month.
But the headline and the first paragraphs overstate the degree to which the story is about terrorism (even assuming every Iraqi targeting U.S. troops in 2006 was a terrorist rather than a counter-occupation force). As it notes, Alexander’s urge to “collect it all” also stems from his mandate to protect against cyberattacks and — in his other role as the head of Cyber Command — to conduct offensive attacks such as the StuxNet sabotage of Iran’s nuclear centrifuge program.
Indeed, much later the story reveals a meeting where Alexander proposed having NSA operate on banks’ networks and in their databases in search of malware that might compromise their systems. What may have once been about protecting American service members in Iraq has become an imperative to protect private companies’ property at the expense of their customers’ privacy (and taxpayer dollars). “Wow. That’s kind of wild,” one of the executives present at the meeting described the financial executives’ response to the Post.
Moreover, the Post does not prove Alexander’s maximal approach worked. While the number of roadside bombs in Iraq did decline from an annual high in 2006 (they continued to rise in Afghanistan during the same period), and fell on a month-to-month basis after August 2006, numbers of all U.S. casualties rose after March 2006 (though that is, in part, due to the surge of troops in Iraq).
As Sens. Ron Wyden and Mark Udall disclosed in a statement two weeks ago, “intelligence agencies’ assessments of the usefulness of particular collection programs – even significant ones – are not always accurate.” So it would be useful to see much more comprehensive proof that “collecting it all” saves many more lives than collecting exclusively on known extremists.
Ultimately, though, the article mirrors an approach the government itself and the secretive Foreign Intelligence Surveillance Court that serves as oversight have used to justify this ever-expanding collection of data.
When the FISA Court of review authorized collecting criminal evidence as one purpose of a FISA intercept in 2002, it justified what it called a “close” question in terms of the Fourth Amendment by pointing to terrorism. “After the events of September 11, 2001, though, it is hard to imagine greater emergencies facing Americans than those experienced on that date … Our case may well involve the most serious threat our country faces.”
The Bush administration used the same excuse to justify its illegal wiretap program. As part of each new 45-day authorization, the intelligence community would put together a “scary memo” describing the risk of terrorist attack in the U.S. The memo would certify that “the individuals and organizations involved in global terrorism (and discussed in the memoranda) possessed the capability and intention to undertake further terrorist attacks within the United States.”
As Eric Lichtblau reported recently, the FISA Court used the same excuse to further expand the “special needs” collection that now encompasses almost every American’s phone records in 2004 and 2006 and since. “FISA judges have ruled that the N.S.A.’s collection and examination of Americans’ communications data to track possible terrorists does not run afoul of the Fourth Amendment.”
The NSA is collecting data from all of us in the name of finding terrorists.
Testimony from John Brennan reveals one of the problems with these secret claims about the threat of terrorist attacks. When he oversaw providing such declarations as the head of the Terrorist Threat Integration Center from 2003 to 2005 (which includes the beginning of the period, according to the Post, when Alexander was pushing to “collect it all” in Iraq), he relied on and submitted intelligence from CIA’s interrogation program, which was still using torture. A 2004 Department of Justice memo by Jack Goldsmith also confirmed much of the intelligence used to establish the terrorist threat drew “particularly from the interrogations of captured al-Qaida operatives.”
In the secret FISA Court and within NSA, no one gets to challenge the claims about terror the government uses to justify collecting data on us all.
It’s high time the government — and major newspaper stories — stopped relying unquestioningly on such claims. Not only has the government not always succeeded in using more targeted collections to find terrorists (for example, in spite of the fact that NSA and FBI were collecting Anwar al-Awlaki’s communications in the months before the underwear bomber’s attempt to blow up a Detroit-bound plane, they either didn’t see or didn’t respond to a text from the bomber to Awlaki discussing jihad).
But the aspiration to camp out on our banks’ networks has, at most, only tangential ties to terrorism. It is, instead, exposing our most personal data in the name of protecting private property at risk from criminals. The risk is sometimes exacerbated by corporate negligence about protecting their own networks.
Perhaps we really do need a militarized NSA to oversee our bank deposits to protect ourselves from hackers (though one wonders how many private corporations the government claims it needs to protect). But if so, that’s what we need to talk — and debate — about. Not unproven claims about dead bodies from terrorist attacks.