[ExI] Technology, Not Law, Limits Mass Surveillance

Wed Jul 3 09:43:36 UTC 2013

http://www.technologyreview.com/view/516691/technology-not-law-limits-mass-surveillance/

Ashkan Soltani

July 1, 2013

Technology, Not Law, Limits Mass Surveillance

Improved technology enabled the NSA’s mass surveillance programs. Future
improvements will make collecting data on citizens easier and easier.

Recent revelations about the extent of surveillance by the U.S. National
Security Agency come as no surprise to those with a technical background in
the workings of digital communications. The leaked documents show how the NSA
has taken advantage of the increased use of digital communications and cloud
services, coupled with outdated privacy laws, to expand and streamline their
surveillance programs. This is a predictable response to the shrinking cost
and growing efficiency of surveillance brought about by new technology. The
extent to which technology has reduced the time and cost necessary to conduct
surveillance should play an important role in our national discussion of this
issue.

The American public previously, maybe unknowingly, relied on technical and
financial barriers to protect them from large-scale surveillance by the
government. These implicit protections have quickly eroded in recent years as
technology industry advances have reached intelligence agencies, and digital
communications technology has spread through society. As a result, we now
have to replace these “naturally occurring” boundaries and refactor the law
to protect our privacy.

The ways in which we interact has drastically changed over the past decade.
The majority of our communications are now delivered and stored by
third-party services and cloud providers. E-mail, documents, phone calls, and
chats all go through Internet companies such as Google, Facebook, Skype, or
wireless carriers like Verizon, AT&T, or Sprint. And while distributed in
nature, the physical infrastructure underlying the World Wide Web relies on
key chokepoints which the government can, and is, monitoring. This makes
surveillance much easier because the NSA only needs to establish
relationships with a few critical companies to capture the majority of the
market they want to observe with few legal restrictions. The NSA has the
capability to observe hundreds of millions of people communicating using
these services with relatively little effort and cost.

Each of the NSA programs recently disclosed by the media is unique in the
type of data it accesses, but they all share a common thread: they have been
enabled by a massive increase in capacity and reduction in cost of
surveillance techniques.

NSA’s arrangement with just a few key telecom providers enables the
collection of phone records for over 300 million Americans without the need
to set up individual trap-and-tracer registers for each person. PRISM
provides programmatic access to the contents of all e-mails, voice
communications, and documents privately stored by a handful of cloud services
such as Gmail, Facebook, AOL, and Skype. A presidential directive, PPD20,
permits “offensive” surveillance tools (i.e hacking) to be deployed anywhere
in the world, from the convenience of a desk at CIA headquarters in Langley.
Finally, Boundless Informant, the NSA’s system to track its own surveillance
activities, reveals that the agency collected over 97 billion pieces of
intelligence information worldwide in March 2013 alone. The collection,
storage, and processing of all this information would have been unimaginable
through analog surveillance.

Recent documents indicate that the cost of the programs described above
totaled roughly $140 million over the four years from 2002 to 2006, just a
miniscule portion of the NSA’s approximately $10 billion annual budget.
Spying no longer requires following people or planting bugs, but rather
filling out forms to demand access to an existing trove of information. The
NSA doesn’t bear the cost of collecting or storing data and they no longer
have to directly interact with their targets. The technology-enabled reach of
these programs is vast, especially when compared to the closest equivalent
possible just 10 years ago.

What we have learned about the NSA’s capabilities suggests a move toward
programmatic, automated surveillance previously unfathomable due to
limitations of computing speed, scale, and cost. Technical advances have both
reduced the barriers to surveillance and increased the NSA’s capacity for it.
We need to remember that this is a trend with a firm lower bound. Once the
cost of surveillance reaches zero we will be left with our outdated laws as
the only protection. Whatever policy actions are taken as a result of the
recent leaks should address the fact that technical barriers such as cost and
speed offer dwindling protection from unwarranted government surveillance
domestically and abroad.

Ashkan Soltani is an independent researcher and consultant focused on
privacy, security, and behavioral economics.

-- 
You received this message because you are subscribed to the Google Groups "ZS-P2P" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zs-p2p+unsubscribe at googlegroups.com.
To post to this group, send email to zs-p2p at googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/zs-p2p/20130703094336.GK24217%40leitl.org.
For more options, visit https://groups.google.com/groups/opt_out.