Author Archives: jjn1

Mission Creep and the NSA

Posted on by

The big question, it seems to me, is whether comprehensive surveillance of the kind we now know the NSA and its sister agencies conduct, is compatible with democracy in any meaningful sense. This is one post in that ongoing thread.

The NSA’s Mission statement says:

The National Security Agency/Central Security Service (NSA/CSS) leads the U.S. Government in cryptology that encompasses both Signals Intelligence (SIGINT) and Information Assurance (IA) products and services, and enables Computer Network Operations (CNO) in order to gain a decision advantage for the Nation and our allies under all circumstances.

Note the phrase “a decision advantage for the Nation and our allies under all circumstances“. [Emphasis added.]

When the NSA was set up by Harry Truman on October 24, 1952, the mission involved monitoring all the electronic communications technologies of the time — radio, television, telex, telephone, telegraph. When the ARPAnet arrived in 1968, cellular telephony in 1973 and the Internet in 1983 it was logical to include monitoring of these systems within the NSA’s remit.

But, guess what? Exponential growth is more or less baked into the Internet because of its architecture. So it grows like crazy, and so — therefore — does the NSA’s remit. But surveilling the Net isn’t the same as doing the old wiretapping stuff with telephones. You can’t just dip into the firehose to pick out the stuff you’re interested in: you need the whole firehose. Or, to use another metaphor: if you’re looking for needles in a haystack, you need the entire haystack.

Which the NSA has been collecting. Which in turn means that mission creep is effectively built into the NSA’s remit. For if the Agency is conscientiously to fulfil its mission, then it too has to grow continuously, in line with the growth of the Internet. Of course Moore’s Law helps a bit, but only a bit: the incessant expansion of the Net — 2+ billion users today, the next five billion in the next decade or so — means that the NSA will always be running just to keep up. And that’s not taking into account the surges that will come from the “Internet of things”.

So if nothing changes, the NSA will continue to grow.

What forces might constrain this growth?

One is politics. Could it happen that lawmakers, driven perhaps by public revulsion at comprehensive surveillance, might decide to curtail the Agency financially. Its budgets might be frozen, or even cut.

Dream on. Post-9/11 hysteria and the ‘war on terror’ mean that instead of rational budgetary considerations coming into play, with the NSA having to tighten its belt just as other public agencies do in times of financial stringency, exactly the opposite happens: the NSA continues to get whatever public resources it claims to need — currently $10.8B. And I haven’t even mentioned the pressures coming from the powerful — and vast — military-industrial-information complex which is parasitic upon the US government (one of which parasites, ironically, employed Edward Snowden as a sysadmin.)

The obvious conclusion therefore, is that unless some constraints on its growth materialise, the NSA will continue to expand. It currently has 35,000 employees. How many will it have in ten years’ time? Who can say: 50,000, maybe? Maybe even more? So we’re confronted with the likelihood of the growth of a bureaucratic monster.

How will such a body be subjected to democratic oversight and control? Let me rephrase that: can such a monster be subjected to democratic control?

Optimists might answer ‘yes’ and point to the FBI as an example of a security apparatus which is under fairly tight legal control.

On the other hand, those with long memories recall the fear and loathing that J. Edgar Hoover, the founder — and long-term (48 years) Director — of the FBI aroused in important segments of the American polity. The relatively restrained Wikipedia entry for him claims that even US presidents feared him and quotes Harry Truman as saying that “Hoover transformed the FBI into his private secret police force”. “We want no Gestapo or secret police”, Truman is reported as saying. “FBI is tending in that direction. They are dabbling in sex-life scandals and plain blackmail. J. Edgar Hoover would give his right eye to take over, and all congressmen and senators are afraid of him.”

Hoover’s power was based on a combination of astute PR, sycophantic or intimidated mass media, his absolute control of an army of agents, and the databases they could compile using the relatively crude tools of the time. He assiduously collected information about the private lives of politicians, public figures and journalists and used it to secure their approval or silence. When the journalist Ray Tucker hinted at Hoover’s homosexuality in an article for Collier’s Magazine, he was investigated by the FBI and information about his private life was leaked to the media. When this became known, other hacks were frightened off, with the result that his sexual activities were never disclosed to the American public during his lifetime — despite the fact that he effectively blackmailed public figures who were themselves homosexual. Under him, the FBI investigated many Americans –like Martin Luther King — who held what Hoover regarded as dangerous political views; the Bureau also investigated protestors against the Vietnam war and other political dissidents.

The idea that the FBI, under Hoover, was subjected to tight democratic oversight is, well, fanciful. That doesn’t mean that the Bureau didn’t also do excellent law-enforcement work during Hoover’s tenure — just that, even in those technologically-limited circumstances, the level of democratic oversight was patchy.

Now spool forward a decade or so and imagine a Director of the NSA, a charismatic ‘securocrat’ imbued with a mission to protect the United States from terrorists and whatever other threats happen to be current at the time. He (or she) has 50,000+ operatives who have access to every email, clickstream log, text message, phone call and social-networking post that every legislator has ever made. S/he is a keystroke away from summoning up cellphone location logs showing every trip a lawmaker has made, from teenager-hood onwards, every credit- and debit-card payment. Everything.

And then tell me that lawmakers will not be as scared of that person as their predecessors were of Hoover.

Coase and the Penguin

Posted on by

This morning’s Observer column remembering Ronald Coase.

When the news broke last week that Ronald Coase, the economist and Nobel laureate, had died at the age of 102, what came immediately to mind was Keynes’s observation that “practical men, who believe themselves to be quite exempt from any intellectual influences, are usually the slaves of some defunct economist”. Most of the people running the great internet companies of today have probably never heard of Coase, but, in a way, they are all his slaves, because way back in 1932 he cracked the problem of explaining how firms are structured, and how and why they change as circumstances change. Coase might have been ancient, but he was certainly not defunct…

The NSA never takes “no” for an answer

Posted on by

Terrific column by Jack Shafer.

The NSA’s techno-dodges give civil libertarians a choice of two large pitches on which to throw their fits. Should they be more angry about the national security bureaucracy first seeking the public’s consent to drink from the national information stream and then, when told “no,” ignoring the thumb down? Or is the greater outrage the fact that the vast and secret surveillance program was established at all, and not how it was established? As a fit-throwing civil libertarian, I intend to alternate from one field to the other. On even days I’ll scream about the basic outrage. On odd days, I’ll stamp my feet over the “you asked for permission, I said ‘No,’ and you went ahead and did it anyway” transgression.

Who made the U.S. government’s decision to bootleg its expansive surveillance system into place? To compromise the Internet and the devices we use to connect? To intentionally weaken the existing security systems by installing secret “back doors,” thereby making us all more vulnerable to a hostile cyber-attack by foreign powers or individuals who discover them? To reverse the popular will — or least the politically possible — without any further discussion? That last move would smack of totalitarianism, except that totalitarians make no pretext about needing the consent of their citizens to rule.

And there’s more…

Can somebody explain to the NSA that Snowden has merely done to the NSA what the NSA has been doing to U.S. citizens and business for decades? Snowden deceitfully ignored the legally binding promises he made to the NSA; the NSA similarly runs roughshod over both the letter and the spirit of surveillance legislation (and systematically lies about it, something Snowden doesn’t do). Snowden stole secrets; the NSA steals secrets (and encryption keys, according to yesterday’s reports), only at a more colossal level. Snowden took it upon himself that he, not the NSA or his government, knows best; the NSA and its governmental partners believe they know best; Snowden creatively exploited the technical weaknesses in the computer matrix to accomplish his goals; so does the NSA.

Neatly highlights the question that’s been bothering me for months. Is it possible to have the kind of comprehensive surveillance that the NSA and its overseas franchises operate and also have democracy. My answer: no.

If Big Data is “the new oil” then we’re the wells

Posted on by

This morning’s Observer column.

Should you be looking for an example of hucksterish cynicism, then the mantra that “data is the new oil” is as good as they come. Although its first recorded utterance goes as far back as 2006, in recent times it has achieved the status of an approved corporate cliche, though nowadays “data” is generally qualified by the adjective “big”. And if you want a measure of how deeply the cliche has penetrated the collective unconscious, ponder this: a Google search for “big data” turns up more than 1.5bn results. And a search for “data mining” turns up 167m results.

The idea of big data as a metaphor for oil is seductive. It’s also revealing in interesting ways. Given that the oil business is one of the biggest industries in the history of the world, for example, the metaphor hints at untold future riches. But it conveniently skates over the fact that oil wealth overwhelmingly benefits either ruling elites in corrupt and/or authoritarian countries, or huge corporations in democratic states.

But at least oil is a physical, non-renewable resource that is extracted from the earth. Big data, on the other hand, is extracted from the activities of people and machines…

Remembering Seamus Heaney

Posted on by

Seamus Heaney was my idea of what a great Irishman should be: deeply conscious and proud of his ancestry, yet alive to the vicious contradictions of our history. Alert to his eminence, yet never trading on it — a sensible move in a society famous for its “begrudgers”, the folks who are forever seeking to cut down any tall poppy that dares to raise its head. They called him “Famous Seamus”, but the epithet never did him any damage.

One of the few things that made me proud of my country in recent years was the discovery that, at the state banquet to mark Queen Elizabeth’s landmark visit to Ireland, Heaney was seated at the top table, opposite the Queen. It was such a lovely change to see that a country which for so many years vilified and ignored its writers (“the old sow that eats her farrow”, as Joyce put it) finally had the grace to recognise a native genius.

I’ve always loved his poetry, especially the way he captured the tactility of things — the smell of sodden flax, the heft of a spade or the weight of a sod of turf. Here he is writing about helping his mother fold the bedlinen:

The cool that came off sheets just off the line
Made me think the damp must still be in them
But when I took my corners of the linen
And pulled against her, first straight down the hem
And then diagonally, then flapped and shook
The fabric like a sail in a cross-wind,
They made a dried-out undulating thwack.
So we’d stretch and fold and end up hand to hand
For a split second as if nothing had happened
For nothing had that had not always happened
Beforehand, day by day, just touch and go,
Coming close again by holding back
In moves where I was x and she was o
Inscribed in sheets she’d sewn from ripped-out flour sacks.

He evoked wonderful responses in people. After he’d had his stroke he was rushed to hospital in Letterkenny in Donegal. Bill Clinton was in Northern Ireland at the time on peace process business, and when he heard about Heaney, he secretly changed his schedule and raced to Letterkenny, astonishing the hospital staff, and no doubt the poet himself. At that moment Clinton went up a mile in my estimation. I cannot imagine a contemporary politician who has that kind of sensibility.

Seamus will have one hell of a funeral. And, who knows, maybe Clinton will come.

How comprehensive surveillance undermines democracy

Posted on by

Preston_column

A key ingredient of a democratic society is the existence of free media that can hold power to account. One essential requirement for free media is the ability of journalists to protect the identity of their sources – a contemporary equivalent of the sanctity of the confessional in earlier times, but with a public interest dimension. The existence of comprehensive surveillance – plus the legal intimidation that goes with it (a la Miranda) – makes it impossible to protect confidential sources. That’s why WikiLeaks’s development of a secure, anonymous drop-box was such a significant innovation. But, given what we now know about the capabilities of the NSA and GCHQ, I don’t think any journalist could now, in good faith, give an undertaking of confidentiality to any source with whom s/he communicated electronically.

One big puzzle for me is why so many journalists – at least in Britain – don’t seem to appreciate how radical the threat to journalism has become. After all – as Peter Preston pointed out in a terrific column yesterday – the next David Miranda might be working for the Daily Mail.

In the British case, there are probably local factors at work – in particular the visceral hatred that the tabloid press has for the Guardian. [Full disclosure: I write for the Observer, which is a sister paper of the Guardian.]

You think I jest? A few years ago, one of the people who worked most closely with Tony Blair when he was prime minister observed to one of my academic colleagues that during the Blair premiership one rule-of-thumb for news management in Downing Street was that “the best way to bury a story was to have it published on the front page of the Guardian“. When my colleague expressed puzzlement, he explained: “because then the Daily Mail wouldn’t touch it”.

Management pseudo-science

Posted on by

I’ve always been amused by the term “management science” which seems to me as absurd as the term “yoga science”. This hasn’t stopped universities and their business schools using the term, though (see this Google search result for UK universities). I’ve been similarly amused by the big-selling business books that one finds in airport bookstalls — so amused, in fact, that I once proposed that people should be able to trade air-miles for an MBA degree. So it was refreshing to find this admirably acerbic post by Freek Vermeulen in – guess where? – the Harvard Business Review!

Management is not an exact science, they say. And I guess most things that involve the study of human behavior cannot be. But I sometimes wonder if that is the reason — or the excuse — that the business sections at airport bookshops are so full of nonsense.

Quite often these books are written with panache. And the authors — aspiring “management thinkers” and “gurus” (never scientists) — have an excellent sense of the pulse of the business public. They are neither crooks nor charlatans; they write what they believe. But that doesn’t make their beliefs right. People can believe vigorously in voodooism, homeopathy, and creationism.

A common formula to create a best-selling business book is to start with a list of eye-catching companies that have been outperforming their peers for years. This has the added advantage of creating an aura of objectivity because the list is constructed using “objective, quantitative data.” Subsequently, the management thinker takes the list of superior companies and examines (usually in a rather less objective way) what these companies have in common. Surely — is the assumption and foregone conclusion — what these companies have in common must be a good thing, so let’s write a book about that and become rich.

In Search of Excellence and Built to Last, to name a few classic examples, followed that formula — including the getting rich bit. One piece of advice to come out of such tomes, for instance, has been to create a strong, coherent organizational culture, like most of high-performing firms studied. However, we now know from academic research that a strong culture is often the result of a period of high performance, rather than its cause. In fact, a very coherent culture can even be a precursor of what is called a competency trap, where firms get stuck in their old beliefs and ways of doing things. Not coincidentally, the list of superior companies frequently starts unravelling when the book is still at the printer’s.

Right on! Worth reading in full.