The Science of What Is and Isn't Happening with the NSA's Phone Surveillance
Editor's Note: If you have not yet made Charlie Martin one of your regular, Read-Everything-They-Write authors, then I submit this article from him for your consideration. Over the past 6 months Charlie has emerged as one of PJ Lifestyle's most engaging, intelligent contributors. His 13 Weeks Self-Improvement Experiment is giving birth to a movement. What began as Charlie trying various methods to improve his health so he could live longer has now set the theme for each Saturday with Sarah Hoyt, me, and, beginning this Saturday, Rhonda Robinson also following his lead. So I've asked Charlie to start writing more on other subjects too. In addition to his 13 Weeks reports on Saturdays, also tune in each Sunday for his Buddhism reflections and Thursdays for his science geek articles. This is the first in his science series and I can't wait to see what he comes up with next.
- David Swindle
So, there's this NSA thing. Since the stories about the NSA, Edward Snowden, PRISM, and so on have broken, there has been more misinformation, disinformation, bad information, speculation, ignorant commentary and flat out nonsense going around than any topic in recent memory. And to tell you the truth, I've been working on this article for two weeks and never finishing because there is always one more howler. Let's see if we can clear some of this up.
One of the things I'm going to complain about, by the way, is the number of authoritative opinions being offered by people who clearly don't actually know much more about it than what they've read from other people's poorly informed speculation. Someone might reasonably then ask why they should believe me? Especially since recently I seem to have been mainly a diet and health blogger. So let's just summarize.
I started working on defense systems in the late 70s, when I got a polygraph clearance -- an "EBI," or "extended background check" clearance -- and went to work on some very sensitive stuff and no I can't tell you what even today. But I've spent a fair bit of time overseas, "covert" under the law that Valerie Plame certainly wasn't covert under, and I've worked directly with both the CIA and the NSA on many occasions.
Then when I went to graduate school, I got involved in DARPA-funded security research, where I came up with the original architecture for a highly secure version of the X windowing system, and helped write the Navy's handbook for evaluating secure and trusted systems under the old DoD TCSEC -- the "Orange Book." I've been a security subject matter expert on projects for Sun Microsystems, StorageTek, the Navy, and a half-dozen major banks and Wall Street firms, and I've got about a dozen patents either issued or in process, many of them having to do with security "in the cloud," cryptography, and Big Data.
Basically, secure systems, cryptography, and Big Data have been my day job for most of the time since about 1979.
Talking the talk
With that out of the way, let's start by getting some terminology right. To understand how the intelligence business really works, let's make an extended metaphor. Imagine that you know someone has lost a bearer bond, redeemable by whoever has it, worth a billion dollars -- hell, make it ten billion, no, a hundred billion, so as not to get into Dr. Evil's embarrassment. What's more, you know it's been shredded, and scattered in a big open lot as part of paper mulch.
This is more or less the situation you start with in intelligence. You know things are happening, and that knowing them would be worth a lot to you -- after all, the 9/11 attack cost the U.S. economy three thousand people and over a trillion dollars.
For $100 billion, you know it's worth some effort, so you put together a big team of people to try to piece it together, or at least piece enough of it together to get it reissued. So you send a whole bunch of people out with shop vacs to vacuum the entire field. The stuff from the field comes back in bags, but as well as the bits of the bond, you've hoovered up not just the mulch, but sticks, stones, twigs, seeds, leaves, ants, beetles, and the occasional sleepy field mouse.
You take these sweepings back to a warehouse, which you have populated with expert janitors, champion jigsaw puzzlers with jewelers' loupes already screwed into one eye, and a few CPAs and lawyers to determine if you really have found the bond you're looking for. (There's a "Bond, James Bond" joke to be made here, but I think I'll leave it as an exercise for the interested reader.)
This is really more or less what doing intelligence is like. You collect all the sweepings because, well, if you knew where to find the good stuff you would just get that, but you don't, so you can't. The people with shop vacs are, technically, doing what's called acquisition; bagging it and returning it to the warehouse is called collection.
Here, by the way, is where we can point out the first bit of mis-or dis-information: James Clapper, the director of National Intelligence, has basically claimed that by taking all of the Verizon metadata they're doing acquisition but not collection, so it's not true that they're "collecting" everyone's phone records.
To which I say "yeah, right." They're putting it in the warehouse; just because they claim they aren't actually looking at it doesn't impress me.
Meanwhile, back in the warehouse, the junior-varsity puzzlers have been digging through the bags of stuff, which they have dumped out on big tables; there are occasional shrieks of terror when the field mouse, awakened by being vacuumed up and put in a bag, makes a break for it and scampers off into the darkened recesses of the warehouse. The JV puzzlers now start looking through the material on their tables, looking for anything that looks like it might be a part of a bond, picking up shredded canceled checks and those annoying looks-like-a-check direct mail advertisements as well. This stuff they put to the side. They also pick up occasional small change, lost earrings, and so forth, and put them aside in another pile; it's not what you're looking for but it's nice to find.
In intelligence, this is the process called analysis.
The collected information is taken in with a very wide net. This net, when it deals with electronic communications, is run by NSA and called "signals intelligence," SIGINT; if you're instead asking people for information, that's "human intelligence," HUMINT, and it's the job of CIA. The business of NSA is primarily collection -- although they also crack codes, which could be called analysis, and they are the responsible agency for matters of computer security.
The primary business of the CIA is analysis -- although they also have other jobs, in particular the National Clandestine Service, which used to be called the Directorate of Operations. Those are the real James Bond, shoot-em-up, covert ops spies. You can, believe it or not, find the CIA's org chart online here.
While we took that little digression, our JV jigsaw puzzlers have taken their piles of scraps of paper to the champion puzzlers, who are now piecing together the shreds of paper until they have something that looks like a bond. Those they take to the CPAs and the lawyers, who take the pieced-together stuff to the Boss -- in the real world, political appointees like the National Security advisor, the secretaries of State and Defense, and eventually the POTUS.
NSA, Networks, and Pen Registers
SO now let's get out of the metaphorical garbage, and into the real world garbage.
What appears to be happening is that the NSA has started collecting the "call metadata" from the major callphone service providers, and possibly -- this isn't clear -- landline metadata as well. This is often called a "pen register," a name that came up originally back in the days of telegraph. A pen register was simply a device that used clockwork to pull a strip of paper under a pen controlled by a solenoid and was attached to the telegraph, and later to radio. When the person keying the telegraph was holding down the key, it made a line of long and short marks on the paper, like
.. ..-. -.-- --- ..- -.-. .- -. .-. . .- -.. - .... .. ... -.-- --- ..- .- .-. . --- .-.. -..
It's called a pen register because it uses a pen to register the Morse code. Simple enough. (It also tells you how they came to be called dots and dashes.)
Think forward to rotary phones (look them up, younger readers). They sent the phone number by sending a number of clicks that drove a series of rotary switches, and a pen register could be used to record the clicks. So recording what calls someone made came to be called a pen register.
Now, these are usually called "billing records" -- for obvious reasons -- or "call metadata." ("Metadata" is just data about data. If you have a manila file folder with your 2012 tax return in it, and you write "2012 tax return" on the tab, that's metadata.)
With cell phones in particular, there's a good bit of this metadata. As well as recording your number, the number you called, and how long you talked, they record the cell towers you were using to make the call, and may even record your exact location by GPS. (Most, nearly all, cell phones have GPS built in; it's activated when you call 911 so they can find you.)
Now, this is a place where people get confused. This information doesn't include your actual call. Just getting the metadata doesn't mean you can hear what was said. Congressman Jerrold Nadler caused a lot of furor recently when he claimed that NSA operators could actually listen to calls, based on a classified briefing he'd had; he later retracted this in a characteristically self-congratulatory way.
Now, we can't say that NSA can't intercept your cell phone calls -- we know they can, because Orrin Hatch blew that operation years ago. There was a recent kerfluffle when someone asked the director of NSA (DIRNSA) if NSA had the ability to intercept phone conversations, and DIRNSA replied that NSA didn't have the authority to do so. A lot of people took this as a big admission, but it mainly demonstrated that DIRNSA is enough of a diplomat that he didn't answer "Well, duh!"
Similarly, it's not news at all that cell metadata is being recorded. As I say, this is what's called "billing data" by the phone companies.
Still, the metadata itself is pretty intrusive. There was a recent paper that showed a very few cell metadata records were sufficient to identify an individual nearly all the time.
So what actually happened?
What it mainly did was reveal a program that was pretty much an open secret -- metadata had been collected on suspected terrorists since just after 9/11. This was a Big Revelation during the 2004 campaign; curiously, even though it was individually targeted against certain people, it was a horrible invasion according to people like then-Senator Joe Biden. At the time it was limited to people directly suspected of a connection to a terrorist group, and only included calls that had at least one party who was not a "US person," a technical term that basically means someone who could be in the US legally.
But here's what we didn't know: the Obama administration had obtained a FISA warrant to allow them to gather all the metadata from cell phone providers -- Verizon drew the short straw in the news cycle because it was their service that was named, but it's clear it's all cell providers -- and store it. Their excuse is that they don't actually look at the data until they have a specific person in mind.
Color me skeptical on that. One of the most productive mathematical methods for looking for terror groups is called "social network analysis," something I know Richard Fernandez has written about before. From the mathematical or computer-geek point of view, you are simply taking individual items and making connections. If 555-0200 calls 555-6060 and 555-6060 calls 555-1234 and 555-1234 calls 555-0200, repeatedly, you can pretty well infer that the people with those four phones are somehow connected socially.
Although the details are a trade secret, Google's page-ranking algorithm works very much the same way: everyone links to instapundit.com in their blog rolls, so all of those individual connections make instapundit a higher-ranking site.
But therein lies the rub. We also know that Google's processing of these page rankings is done using map-reduce, a technique through which a lot of precomputation is done by thousands of small computers to make it easy to process queries quickly. We also know Google sells search technology to NSA and DoD. I think it's very likely that NSA is shading the truth when it says they aren't "looking at the data" -- my guess is that every one of those phone numbers is already connected in a mathematical network that allows an analyst to quickly find out who 555-0200 talks to, whom they talk to, and so on.
Maybe they need a FISA warrant to ask, but the answer is already precomputed.
What it means to you
I have to admit I'm conflicted. If all they really do with the information is look at the network of people actually closely connected to an actual suspect, I might be convinced it's okay. But there are some real problems even then.
First of all is the Kevin Bacon effect: if you can look at all the potential connections, it's rare to find two people who aren't connected in fewer than 6 steps. Hell, my Kevin Bacon number is only 2 -- I was an extra in Bull Durham with Kevin Costner, and Costner was in JFK with Kevin Bacon. So saying you only look at connections to terrorists could mean that actually they look at everyone every time they use the system, even if they're using a FISA warrant aimed at one person.
Second, there's the whole Fourth Amendment thing (along with the cranky observation that the Fourth Amendment seems to mean something different to the press depending on the administration in power). Everything we know about the program under Bush says they needed suspicion about an individual, and then collected information about that individual's calls only. If they saw a connection, they had to make a separate request for that person's metadata.
In the Obama administration program, they just collect all the data from everybody in case they want to look at it later.
Which leads to my third problem with it. The Obama administration has already said that people like Americans for Prosperity are a danger to our system of government; we know that many parts of the executive brancgh have been targeting "radical groups" like the TEA parties for special scrutiny that at best only verges on harassment. President Obama famously said,
If people can’t trust not only the executive branch but also don’t trust Congress, and don’t trust federal judges, to make sure that we’re abiding by the Constitution with due process and rule of law, then we’re going to have some problems here.
I think this would have surprised a number of the Founders; the whole Constitution is a contract that tried to limit the power of government because governments, all governments, can't be trusted. Governments have too much power to be trusted.
image courtesy shutterstock / matka_Wariatka