Big Metadata and Big Government

Jay Stanley and Ben Wizner, privacy experts at the ACLU, argue that metadata is more sensitive than we think.

big-data-eye

Jay Stanley and Ben Wizner, privacy experts at the ACLU, argue that metadata is more sensitive than we think.

[A]ny suggestion that Americans have nothing to worry about from this dragnet collection of communications metadata is wrong. Even without intercepting the content of communications, the government can use metadata to learn our most intimate secrets – anything from whether we have a drinking problem to whether we’re gay or straight. The suggestion that metadata is “no big deal” – a view that, regrettably, is still reflected in the law – is entirely out of step with the reality of modern communications.

So what exactly is metadata? Simply, if the “data” of a communication is the content of an email or phone call, this is data about the data – the identities of the sender and recipient, and the time, date, duration and location of a communication. This information can be extraordinarily sensitive. A Massachusetts Institute of Technology study a few years back found that reviewing people’s social networking contacts alone was sufficient to determine their sexual orientation. Consider, metadata from email communications was sufficient to identify the mistress of then-CIA Director David Petraeus and then  drive him out of office.

The “who,” “when” and “how frequently” of communications are often more revealing than what is said or written. Calls between a reporter and a government whistleblower, for example, may reveal a relationship that can be incriminating all on its own.

Repeated calls to Alcoholics Anonymous, hotlines for gay teens, abortion clinics or a gambling bookie may tell you all you need to know about a person’s problems. If a politician were revealed to have repeatedly called a phone sex hotline after 2:00 a.m., no one would need to know what was said on the call before drawing conclusions. In addition sophisticated data-mining technologies have compounded the privacy implications by allowing the government to analyze terabytes of metadata and reveal far more details about a person’s life than ever before.

As technology advances, the distinction between data and metadata can be hard to distinguish. If a Website’s content is data, is the Website’s address metadata? The government has argued it is.

But like the list of books we check out of a library, the sites we “visit” online are really a list of things we’ve read. Not only do URLs often contain content – such as search terms embedded within them – but the very fact that we’ve visited a page with a URL such as “www.webmd.com/depression” can be every bit as revealing as the content of an email message.

They’re of course right. But, as I’ve argued before, this is only worrisome if the government is permitted to access these data at the individual level. Petraeus was found out, not through a data mining operation, but because of a specific FBI investigation that, one presumes, had the proper warrants to comb through his emails, phone calls, and the like. If the NSA is simply combing through all metadata using computer algorithms and looking for patterns related to terrorist activity, I’m hard pressed to get excited about it. If they’re going on fishing expeditions into people’s personal lives for reasons unrelated to terrorism, it’s an epic scandal.

This, however, is worrisome:

[L]aw enforcement and intelligence agencies have long appreciated the value of metadata, and the outdated view that metadata surveillance is far less invasive than eavesdropping has allowed those agencies to use powerful surveillance tools with relatively little judicial oversight.

They can do this because, decades ago, long before the Internet altered all aspects of modern communication, the Supreme Court ruled that when we voluntarily divulge personal information to any third party, we waive our privacy rights and lose all Fourth Amendment protection over that information.

That decision would make sense if it was about, for example, why we can’t reasonably expect something to remain private when we loudly boast about it in a bar.  But the court extended that logic to phone calls. The argument was that since we “share” the phone numbers we dial with the phone company – which needs that information to connect the call – we can’t claim any constitutional protection when the government asks for that data.

That’s crazy. Alas, the courts have pretty consistently sided with law enforcement—even outside the context of terrorism—in construing the 4th Amendment’s protections against unreasonable searches and the 5th Amendment’s protections against self-incrimination in the narrowest possible way.

David Sirota pushes back against the notion that the government’s having access to this information is no worse than the various corporations who already have it.

Like so many carefully sculpted political talking points, it sounds logical, except when you remember the key facts being omitted — in this case, the fact that the government is using its law enforcement power to obtain the data without the public’s permission. Yes, that’s right: unlike a company with which you personally do business — and with which you sign an agreement about your personal information — the Obama administration is using the government’s unilateral power to simply grab your information across multiple platforms.

That’s hardly, as the dismissive phrase goes, a “distinction without a difference.” As I noted on CNN, when it comes to civil liberties, the Bill of Rights is all about constraining the power of the government to encroach on our freedoms. It does this because the founders recognized that the government isn’t just another institution in society — it isn’t, say, just a private bank or a polling firm. It is granted special powers (subpoena, warrants, etc.) that those other institutions don’t have — but it was granted those powers in exchange for that authority being properly constrained. When such constraints are removed, our liberties are inevitably restricted (this, by the way, is why Senator Obama sponsored legislation to outlaw what President Obama is now doing).

Belcher and other Obama officials likely know all this, but also know that the best way to at once defang the NSA scandal and normalize the government’s assault on civil liberties is to pretend it’s the same as any other company using data in the creepy ways we’ve all gotten accustomed to. It’s the old “nothing to see here, move along” trick. The only question is: Will America fall for it?

I’m pretty sure that we have. For understandable reasons, presidents of both parties push the envelope in the name of national security. And most of the Congressional leadership is eager to go along, especially in the post-9/11 universe.

But it’s not simply scaredy-cat tendencies. The sophistication of modern communications technology makes it very easy for organized terrorist outfits to operate in secret. Given the diffusion of these cells, with many manifesting few open signs of their orientation before launching their first attack, the intelligence community naturally wants the tools to keep up. While I think we’ve traded too much liberty in the name of this fight, I’m not persuaded that this particular trade-off is excessive. But, as I keep emphasizing, it’s not at all clear that we know what precisely it is we’re trading.

FILED UNDER: General
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College and a nonresident senior fellow at the Scowcroft Center for Strategy and Security at the Atlantic Council. He's a former Army officer and Desert Storm vet. Views expressed here are his own. Follow James on Twitter @DrJJoyner.

Comments

  1. James in Silverdale, WA says:

    Sorry, not buying the “we only capture the meta-data” argument. Not one little bit. There is absolutely no way to confirm what is being captured or how it is being used. Secret program, secret court, people who love to keep secrets, people who would never tell us what they are doing, even under a court order, which cannot be obtained, because the program does not exist.

    Secure meshnets are coming.

  2. Gold Star for Robot Boy says:

    Yes to everything written above, but so what?

    The American people have decided the freedom to not be blown up by Muslims is more important the freedom from their metadata being picked over by computers. Until someone can convince the citizenry this is a bad exchange, this is how things will be for the foreseeable future.

    As an aside, I’m finding it darkly amusing to read the national-security and civil-liberties reporters’ freak-outs as they come to terms that their fellow Americans think they’re on the wrong side of the War on Terror.

  3. James Joyner says:

    @James in Silverdale, WA: Yeah, we don’t know. That it’s only metadata strikes me as plausible precisely because it’s so valuable and much easier to comb that actual conversations.

    @Gold Star for Robot Boy: Oh, I’ve long been aware of that on everything from airport screening to drones. As a theoretical matter, as Sirota notes, the Constitution trumps the popular will. But if the elected leaders trample on the Bill of Rights and the courts go along, political will is all that matters.

  4. anjin-san says:

    @ James

    Like I said yesterday, does any of this surprise anyone? This is the world we made. A lot of people were cheering at the top of their lungs while the foundation for all of this was laid.

  5. DC Loser says:

    It’d be funny when someone figures out congressmen and senator personal phone numbers, clone them on burner phones, and make lots of calls to ‘questionable’ and embarrassing phone numbers.

  6. Rafer Janders says:

    The sophistication of modern communications technology makes it very easy for organized terrorist outfits to operate in secret.

    Umm, it was always very easy for organized terrorist outfits to operate in secret — in many ways, it was even easier in the past. The “sophistication of modern communications technology” isn’t what allows them to operate in secret; rather, what allows them to operate in secret is simply what allows anyone to operate in secret — you keep your plans to yourself.

  7. john personna says:

    I don’t think the average reader really grasps “mirroring.”

    Database mirroring is the creation and maintenance of redundant copies of a database. The purpose is to ensure continuous data availability and minimize or avoid downtime that might otherwise result from data corruption or loss, or from a situation when the operation of a network is partially compromised. Redundancy also ensures that at least one viable copy of a database will always remain accessible during system upgrades.

    We could add to that “provide full anonymous access by government, without giving government write privileges back to the source.”

    Yes, the NSA has specific rules for when they make FISA queries against the Google database, but we know that with Verizon they have a mirror. They have a private copy of the metadata.

    James:

    They’re of course right. But, as I’ve argued before, this is only worrisome if the government is permitted to access these data at the individual level.

    You are still thinking in terms of individual, and fine grained, FISA requests. The NSA needs to make no such requests to access their own private copy, the mirror. Once the mirror is made, it is theirs.

  8. john personna says:

    We also learned this week that companies which are more grudging still use the mirror mechanism. It is a rule based mirror rather than a full copy. Each FISA (however broad it is with them) adds a rule and makes the mirror a bit bigger.

    So after umpteen FISAs the NSA does not have “direct access” to the Google database, they “only” have direct access to a subset of the Google database.

  9. Rafer Janders says:

    This of it this way: a world in which a terrorist group can’t communicate in secret is, by necessity, also a world in which no one — friends, famlly, lovers, an adulterous couple, a man with a secret fetish, a woman planning an abortion, a gay-rights group, political dissidents, opposition parties, doctors and patients, a battered wife, etc. — can communicate in secret.

    If you’re willing to accept that, there’s nothing I can do about it. But I’d recall Benjamin Franklin’s well-worn maxim that those are willing to trade liberty for security eventually wind up with neither.

  10. michael reynolds says:

    A Massachusetts Institute of Technology study a few years back found that reviewing people’s social networking contacts alone was sufficient to determine their sexual orientation.

    Yes. Or they could look at the thing where they ask you which gender you’re interested in. If you’re a guy and you say, “Women,” you’re likely to be straight. But by all means, MIT, carry on.

  11. James Joyner says:

    @Rafer Janders: Well, sure. But operating secretly is only easy if it’s a handful of people. Communicating with the higher headquarters and their superior resources through websites, VOIP, various encrypted email accounts, burner phones, and so forth is a relatively new set of capabilities.

    @john personna: Practically and technically, sure. But legally, not so much. The question is whether they’re following the law. The answer is: We hope so but have no way of knowing.

    @Rafer Janders: But we should be able to craft rules whereby NSA and other government agencies have access only to the former without access to all the other. There’s no reason for government to be interested in our sex lives; there’s good reason for them to be on the lookout for terrorist cells planning to murder innocents.

    @michael reynolds: Yeah. Increasingly, sexual orientation is not something people feel a need to keep secret.

  12. john personna says:

    @James Joyner:

    Practically and technically, sure. But legally, not so much. The question is whether they’re following the law. The answer is: We hope so but have no way of knowing.

    I’m not sure I understand. Are there any laws regulating what the NSA may do with their copy of the Verizon meta-data? Is there any oversight of data that has gone across the NSA gateway and into the dark?

    As I understand it, FISA inspection was considered the regulatory gateway. Everything beyond that, in the increasingly large government big data stores, is opaque.

    See also:

    U.S. Never Really Ended Creepy “Total Information Awareness” Program*

  13. anjin-san says:

    @ john personna

    My understanding is that FISA is something of a rubber stamp. We need to ask ourselves if it is a gateway, or an onramp…

  14. James Joyner says:

    @john personna: Stewart Baker, former general counsel of the NSA, in an FP piece I quoted yesterday in another post:

    No one has repealed the laws that prohibit the National Security Agency (NSA) from targeting Americans unless it has probable cause to believe that they are spies or terrorists. So under the law, the NSA remains prohibited from collecting information on Americans.

    On top of that, national security law also requires that the government “minimize” its collection and use of information about Americans — a requirement that has spawned elaborate rules that strictly limit what the agency can do with information it has already collected. Thus, one effect of “post-collection minimization” is that the NSA may find itself prohibited from looking at or using data that it has lawfully collected.

    I would not be surprised to discover that minimization is the key to this peculiarly two-party, three-branch “scandal.” That is, while the order calls for the collection of an enormous amount of data, much of it probably cannot actually be searched or used except under heavy restrictions. (If I’m right, the administration is likely to find itself forced quite quickly to start talking about minimization, perhaps in considerable detail.)

    And:

    Here’s the DNI:

    By order of the FISC, the Government is prohibited from indiscriminately sifting through the telephony metadata acquired under the program. All information that is acquired under this program is subject to strict, court-imposed restrictions on review and handling. The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization. Only specially cleared counterterrorism personnel specifically trained in the Court-approved procedures may even access the records.

    All information that is acquired under this order is subject to strict restrictions on handling and is overseen by the Department of Justice and the FISA Court. Only a very small fraction of the records are ever reviewed because the vast majority of the data is not responsive to any terrorism-related query.

    In short, there’s less difference between this “collection first” program and the usual law enforcement data search than first meets the eye. In the standard law enforcement search, the government establishes the relevance of its inquiry and is then allowed to collect the data. In the new collection-first model, the government collects the data and then must establish the relevance of each inquiry before it’s allowed to conduct a search.

    If you trust the government to follow the rules, both models end up in much the same place. I realize that some folks simply will not trust the government to follow those rules, but it’s hard to imagine a system with more checks and restrictions and doublechecks than one that includes all three branches and both parties looking over NSA’s shoulder.

    I don’t think it matters whether the information is on Verizon’s server or an NSA mirror; they’re not allowed to access that information.

  15. john personna says:

    @James Joyner:

    I’m afraid I see that as contradictory with the actual data flow.

    In the first quote it talks about what the NSA may not collect, but we know they already have it.

    In the second quote it talks about what courts may limit, but again that is back at the FISA stage, and before the data is acquired.

    (If the Verizon data stays NSA-only this may not be a huge issue. They may search it randomly without much affect for random Verizon customers. Of course, we get to interdepartmental data sharing laws at the next point, and if the NSA has all that Verizion data, when the FBI may make an interdepartmental request.)

  16. rudderpedals says:

    @James Joyner:

    I don’t think it matters whether the information is on Verizon’s server or an NSA mirror; they’re not allowed to access that information.

    Do these strictures restrain our overseas intelligence partners?

  17. john personna says:

    Another way to say it would be that if the courts were making FISA review stick for every data request, then the NSA would have no data mirror, and would have to take the path through the courts every time.

  18. Al says:

    If the NSA is simply combing through all metadata using computer algorithms and looking for patterns related to terrorist activity, I’m hard pressed to get excited about it

    The thing is, I have a very hard time seeing this as the case. The hard part about analytics is building up the data needed for a model to score effectively. Once you’ve got the data, building more models isn’t all that difficult. The idea that the NSA only has a model built on scoring terrorist activity and not ones to score child porn distribution, drug distribution, tax evasion, insider trading, illegal downloading of movies and anything else you can think of in the next sixty seconds is nuts.

    NSA management will look at the mathematicians and scientists that they have to keep around to maintain their terrorist model and think: Why not put them to work?

  19. @rudderpedals:

    Do these strictures restrain our overseas intelligence partners?

    I would guess so. NSA Agent X would have to jump through the hoops first to even know what to send to MI6.

  20. DC Loser says:

    @James Pearce,

    Sharing is a lot more easy than you think. This is just the perspective from the Canadians. The Brits, Aussies, and Kiwis also are in on the deal.

  21. @Al:

    The idea that the NSA only has a model built on scoring terrorist activity and not ones to score child porn distribution, drug distribution, tax evasion, insider trading, illegal downloading of movies and anything else you can think of in the next sixty seconds is nuts.

    Why would the NSA be interested in the illegal downloading of movies or any of that other stuff?

    If anything, you should be worried about the NSA sharing that info with the FBI, which could happen….but not likely with the approval of a FISA court.

  22. @DC Loser:

    Sharing is a lot more easy than you think.

    Well, I think the sharing would be extremely easy.

    But I do not think that foreign intelligence services will have access to this information that US intelligence services don’t. That is….MI6 may get access to this data in the end, but only after jumping through the NSA’s hoops.

  23. Rafer Janders says:

    @James Joyner:

    But we should be able to craft rules whereby NSA and other government agencies have access only to the former without access to all the other.

    Maybe we should be able to, but obviously we don’t. And given that these rules will be administered by human beings, they will always be abused.

    There’s no reason for government to be interested in our sex lives; there’s good reason for them to be on the lookout for terrorist cells planning to murder innocents.

    Oh, c’mon. You’re not actually this gullible. There’s plenty of reason for plenty of people in government to be interested in the sex lives of their political opponents, their ex-wives, their girlfriends, their political enemies, the leader of the civil rights group which is threatening to sue them, the investigative journalist who’s writing articles that are making them nervous, the whistleblower, etc.

  24. Al says:

    @James Pearce (Formerly Known as Herb):

    Why would the NSA be interested in the illegal downloading of movies or any of that other stuff?

    Forward thinking managers will always be wondering where the next threat is coming from and what they need to do to keep their agency relevant. Building a wide variety of models is an easy way to hedge bets.

    The argument could also be made that a lot of that stuff could be tangentially related. Whether or not that argument is bogus wouldn’t really be relevant.

    If anything, you should be worried about the NSA sharing that info with the FBI, which could happen….but not likely with the approval of a FISA court.

    Right, and the likelihood that FISA would deny such a request is pretty small. The only thing really stopping it from happening now is that the NSA probably wouldn’t want to share their toys with the FBI. What happens when it’s suddenly in the NSA’s interest to do so?

  25. James Joyner says:

    @Rafer Janders: @Al: But you’re accusing people of serious crimes without evidence. The IRS, for example, has a whole host of sensitive information on us. For even the president to use it against his political opponents is an impeachable offense. The fact that it could happen isn’t evidence that it’s happening.

  26. Ben Wolf says:

    There’s a new article on an NSA program called Boundless Informant:

    http://www.guardian.co.uk/world/2013/jun/08/nsa-boundless-informant-global-datamining?commentpage=1

    At the end is this gem from an NSA spokeswoman:

    The continued publication of these allegations about highly classified issues, and other information taken out of context, makes it impossible to conduct a reasonable discussion on the merits of these programs.

    This woman should be drummed out of public service immediately. How could we have had a discussion about these programs when she and her comrades have done everything in their power to prevent us from ever knowing of their existence? The only reason we can have a discussion is because a very brave person or persons decided to risk everything they had to make the American people aware of them.

  27. James in Silverdale, WA says:

    @Rafer Janders: “Oh, c’mon. You’re not actually this gullible.”

    Indeed. After the lies into war, torture, and the creation of this and other draconian extensions of the police state, the line between data and metadata is tissue-thin. What’s a little eavesdropping after the killing of hundreds of thousands in Iraq alone?

    ISPs should have the freedom to opt-out of this. ISPs which resist it are going to become very popular. especially if they find a way to package easy, ubiquitous strong encryption. Demand groweth by the hour.

    Only to be followed by the political pornography of President Obama claiming nothing at all wrong with the very programs Senator Obama abjured.

    Gullible, aye.

  28. john personna says:

    I think the pipeline is that a federal agency gets FISA approval for a data set. After that it is government data, and FISA is done. Combine that with:

    Officials say unified government-wide databases with shared access is the future

    Before an audience of defense contractors and security professionals at the AFCEA Homeland Security Conference held last week in Washington, D.C., several senior government technology officials from DHS, the FBI, and the Department of Defense outlined their vision for more flexible and efficient government-wide databases.

  29. john personna says:

    (James seems to think that FISA lives on, attached somehow to a data set, and restricting uses on that data going forward. That would be extremely burdensome for the data architect, and … is anyone really making him?)

  30. Jeremy R says:

    @Ben Wolf:

    My impression is that Greenwald and his reader/fan source are engaged in activism related to the Manning trial and Greenwald’s advocacy for Mannaing/Assange. From the NYT GG profile yesterday:

    http://www.nytimes.com/2013/06/07/business/media/anti-surveillance-activist-is-at-center-of-new-leak.html

    While Mr. Greenwald notes that he often conducts interviews and breaks news in his columns, he describes himself as an activist and an advocate.

    The leak, he said, came from “a reader of mine” who was comfortable working with him. The source, Mr. Greenwald said, “knew the views that I had and had an expectation of how I would display them.”

    Because he has often argued in defense of Bradley Manning, the army private who was charged as the WikiLeaks source, he said he considered publishing the story on his own, and not for The Guardian, to assert that the protections owed a journalist should not require the imprimatur of an established publisher.

    So they initially considered using the leaks to foment some sort of constitution test case on citizen or blogger ‘journalism’?

  31. Al says:

    @James Joyner: The difference here is that the IRS operates in public, is up front about the data it’s collecting on me (which is all related to tax collection) and is giving me a specific purpose as to why it’s doing so. I may not particularly like it but at least I understand it.

    The NSA, on the other hand, is operating in secret, isn’t divulging what it’s collecting on me (but we know it’s everything about phone calls I make, my credit card activity and somewhere between most and all of my activity on the Internet) nor what it’s doing with the data it’s collected. Its only oversight is a court that doesn’t seem to want to say “no” or even “why” and a Congress that nearly everyone in the country agrees is blindingly incompetent.

  32. john personna says:

    @Al:

    Boy, it is easy to google up all kinds of further mile marks on the road to a surveillance society:

    By taking certain steps, the IRS may share bank data it gets from foreign banks under FATCA with other US agencies

    “Section 6103(i) permits disclosure of tax “return information” to “any federal agency” for use in virtually any matter over which the agency has jurisdiction.”

  33. @Al:

    The argument could also be made that a lot of that stuff could be tangentially related. Whether or not that argument is bogus wouldn’t really be relevant.

    Not really, Al. Pity the prosecutor who seeks to build a case based on information illegally obtained from the NSA. The bogosity of that argument is very relevant.
    Also

    Right, and the likelihood that FISA would deny such a request is pretty small.

    What you really mean is that the likelihood that such a case would even be brought before a FISA court would be pretty small.

    If it was, the likelihood that it would be rejected is very large.

    @Ben Wolf:

    This woman should be drummed out of public service immediately

    I don’t know about that, Ben. I think there is definitely more to this story that didn’t make it into the Guardian or the Washington Post stories.

    And I think many people will discover their first impressions were wrong. They might regret listening so closely to a guy with an axe to grind (Greenwald) or an organization obsessed with The Scoop (Washington Post).

    @James in Silverdale, WA:

    ISPs which resist it are going to become very popular.

    Don’t count on it. During the Bush presidency my ISP (Qwest) refused to hand over information. Business didn’t improve and they later sold out to a smaller company in order to stay in business.

    Most consumers don’t make their decisions like this. They’re concerned with speed, price, reliability, and then way down on the list in last place is the ISP’s willingness to buck the feds.

  34. Gustopher says:

    @James Pearce (Formerly Known as Herb): I think it would be pretty straightforward to claim that drug cartels are a threat to our national security, and expand use of this data to look for patterns of drug dealers all the way up and down that food chain.

    And both terrorists and drug cartels need to launder money, so now you get to look at all bank transactions for everyone even remotely connected, even indirectly.

    Do we worry about someone attacking our economy? Now we can expand the vague scope of national security to cover all financial transactions, insider trading, etc.

    Someone will come up with a rationale for searching for child porn aficionados (“think of the children!” usually suffices, but it may have to be modified to “Islamofascists like little boys!”)

    And that is all assuming the workers are properly trained and not abusing their access to the data.

  35. john personna says:

    @James Pearce (Formerly Known as Herb):

    So I’ve linked to descriptions of the mirrors. I’ve linked to plans for merged federal databases. I’ve linked to free sharing between departments.

    Your answer is that there is secret information that makes all that innocuous.

    Are you sure you are the one with a data-driven argument?

  36. john personna says:

    @Gustopher:

    The Director of National Intelligence’s new PRISM fact sheet is interesting in this regard. The first part, on conditions for collection, is interesting because if you really believed it, they wouldn’t have ALL the Verizon metadata.

    On sharing though:

    Significantly, the dissemination of information about U.S. persons is expressly prohibited unless it is necessary to understand foreign intelligence or assess its importance, is evidence of a crime, or indicates a threat of death or serious bodily harm.

    “Evidence of a crime” covers most of the suggestions above. I suppose it may not be that bad in a surveillance state. Police could conceivably get a “most likely location” for a suspect, at 3 pm on a Monday afternoon. That might save lives.

    It would still be a surveillance state.

  37. Rafer Janders says:

    @James Joyner:

    But you’re accusing people of serious crimes without evidence.

    No, I’m not accusing anyone of a serious crime. I’m saying that, as an undeniable fact of human nature, there are always people who will abuse their authority, and that plenty of people will, if given the chance, commit serious crimes. It will happen.

    Again, c’mon. Stop playing the innocent naif.

    The fact that it could happen isn’t evidence that it’s happening.

    Since the spying is all happening in secret, ipso facto there won’t be a lot of evidence. It’s a Catch-22 — they spy on us, we accuse them of it, they say prove it, we demand evidence, and they refuse to supply the evidence because of national security.

  38. Rafer Janders says:

    @James Joyner:

    There’s no reason for government to be interested in our sex lives; there’s good reason for them to be on the lookout for terrorist cells planning to murder innocents.

    Think of Karl Rove. Let’s assume Karl Rove, when in government, got information on the sex lives of top Democratic politicians. Think there’s any way he wouldn’t use it in whatever way was most beneficial to him? Karl Rove had every reason to be interested in the sex lives of people opposed to him.

  39. rudderpedals says:

    I’m not comfortable with this at all but it’s going to continue and enlarge anyway. Look at what happened with the transplant policies. The next time a stranger abducts a pretty girl and there’s a chance of these data being useful the pressure to change the law will be irresistible.

    Two things that could help slightly when the time comes:

    1. The FISA authorization needs to be amended to require counsel appointed by the court to flesh out and enforce minimization techniques. The advocate ad litem represents the affected but oblivious US persons caught the dragnets.

    2. The people querying these databases really should be subject to monitoring themselves. The stuff is way too sensitive.

  40. @Gustopher:

    I think it would be pretty straightforward to claim that drug cartels are a threat to our national security, and expand use of this data to look for patterns of drug dealers all the way up and down that food chain.

    It may be less straightforward than that. The drug cartel, I presume, would have to do something more than just deal drugs to capture the NSA’s attention.

    You’re assuming other agencies (the DEA, the SEC, the FBI?) will have access to this stuff. Or that the NSA will cooperate with these other agencies. I don’t think we have enough information to make that assumption.

    It really seems like we’re so busy thinking about all the ways this information could be used that we’re not really thinking about how it is used.

    @john personna:

    Are you sure you are the one with a data-driven argument?

    Nope, not sure of anything. I’m just not jumping to the conclusion that this is as nefarious as it’s being made out to be.

    Indeed, I think it’s pretty obvious that we kind of asked for this. Nay, we demanded it. We told the feds after 9-11, “Next time….connect the damn dots.”

    And they said, “Will do.”

  41. Rafer Janders says:

    @James Pearce (Formerly Known as Herb):

    The drug cartel, I presume, would have to do something more than just deal drugs to capture the NSA’s attention.

    If they’re smuggling goods into the US, that’s all that’s needed. After all, one could say, if they can smuggle cocaine, surely they can smuggle terrorists or weapons or even a small nuclear device.

  42. James Pearce says:

    @Rafer Janders:

    If they’re smuggling goods into the US, that’s all that’s needed.

    I don’t know, Rafer. The federal government is nothing if not a bureaucracy. And while the common image of the bureaucracy is a bunch pencil-necked geeks making our lives harder from behind their desks, it’s actually a way of organizing tasks and functions, making sure these guys do this and those guys do that.

    Maybe the NSA is doing stuff that’s outside their purview. I think the other agencies have it covered though.

  43. Barry says:

    @James Joyner: The whole point of this, James, is that we know they’re doing a lot, but have no ability to know else they are doing.

  44. James Joyner says:

    @Barry: Yes, Barry. I’ve made that point in every post I’ve written on the subject. I find that very troublesome. I just balance it with the notion that these people are professionals sworn to protect the Constitution and the law.