Privacy advocates have a problem.
People who want to increase the amount of surveillance in society, whether it's wire-tapping, closed-circuit cameras, or data mining, have an easy argument. There are terrorists and criminals out there, and these tools can help stop violence and crime, they say.
Philosopher Sandro Gaycken, a PhD student at Germany's Institut für Wissenschafts- und Technikforschung in Bielefeld, wants to give pro-privacy forces stronger arguments to counter these concerns. Speaking today at the Chaos Communication Camp, he conceded that activists' justifications for their concerns often fail to resonate with the broad public. Many anti-surveillance arguments are based on vaguely emotional concerns, or appeals to abstract values, as opposed to the hard facts of suicide bombers or commuters killed on the subway.
In response, Gaycken argued that there are well-established psychological consequences to being watched, observed consistently in studies. People change, tailoring their behavior to fit what they believe the observer wants (or in some cases actively rebelling against those wishes).
Now imagine a society where everyone knows they are or may be watched as they walk through the streets, or while surfing online. That – as in societies like Hitler's Germany or Soviet Russia – will have tangible and widespread psychological consequences, reinforcing conformity, and literally crippling the ability to make autonomous and ethical decisions, he argued.
An analogy might be the well-studied population of children with overprotective mothers, the philosopher said. Studies show that such children tend to be indecisive, dependent on others, have little "ethical competence," and often live suppressed and unhappy lives.
As or more disturbing may be the political implications of having a surveillance infrastructure in place.
Many philosophers reject the notion that given technologies are inherently politically neutral, Gaycken said. Surveillance, for example, can be used to support democratic values of freedom, equality, and state neutrality – but its tendency to create a watched and a watching class lends itself better to totalitarianism. In a country such as Germany, which has seen democracy slide into the Nazi state, such a warning resonates strongly.
"Surveillance stabilizes totalitarianism, and destabilizes democracy," Gaycken warned.
Are these issues enough to harden privacy advocates' arguments against the apocalyptic warnings of surveillance supporters? Not everyone in this hackers' audience was entirely convinced, with some asking for still more concrete arguments to counter Cheneyesque predictions of violence and chaos.
Others offered their own practical suggestions for action. Philippe Langlois, a French programmer, told of his own project hanging Christmas decorations on the closed-circuit cameras in Parisian Metro stations, thus drawing people's amused – but often shocked – attention to the devices' prevalence.
"That's a hack, too," he said. "Besides, it's fun."
UPDATE: Photo above is a picture of Langlois' project in Paris, provided by him.
How the NSA Threatens National Security
Secret NSA eavesdropping is still in the news. Details about once secret programs continuetoleak. The Director of National Intelligence has recentlydeclassified additional information, and the President's Review Group has justreleased its report and recommendations.
With all this going on, it's easy to become inured to the breadth and depth of the NSA's activities. But through the disclosures, we've learned an enormous amount about the agency's capabilities, how it is failing to protect us, and what we need to do to regain security in the Information Age.
First and foremost, the surveillance state is robust. It is robust politically, legally, and technically. I can namethreedifferent NSA programs to collect Gmail user data. These programs are based on three different technical eavesdropping capabilities. They rely on three different legal authorities. They involve collaborations with three different companies. And this is just Gmail. The same is true for cell phone call records, Internet chats, cell-phonelocation data.
Second, the NSA continues to lie about its capabilities. It hides behind tortured interpretations of words like "collect," "incidentally," "target," and "directed." It cloaks programs in multiple code names to obscure their full extent and capabilities. Officials testify that a particular surveillance activity is not done under one particular program or authority, conveniently omitting that it is done under some other program or authority.
Third, U.S. government surveillance is not just about the NSA. The Snowden documents havegivenusextraordinarydetails about the NSA's activities, but we now know that the CIA, NRO, FBI, DEA, and local police all engage in ubiquitous surveillance using the same sorts of eavesdropping tools, and that they regularlyshare information with each other.
The NSA's collect-everything mentality is largely a hold-over from the Cold War, when a voyeuristic interest in the Soviet Union was the norm. Still, it is unclear how effective targeted surveillance against "enemy" countries really is. Even when we learn actual secrets, as we did regarding Syria's use of chemical weapons earlier this year, we often can't do anything with the information.
Ubiquitous surveillance should have died with the fall of Communism, but it got a new—and even more dangerous—life with the intelligence community's post-9/11 "never again" terrorism mission. This quixotic goal of preventing something from happening forces us to try to know everything that does happen. This pushes the NSA to eavesdrop on online gaming worlds and on every cell phone in the world. But it's a fool's errand; there are simply too many ways to communicate.
We have no evidence that any of this surveillance makes us safer. NSA Director General Keith Alexander responded to these stories in June by claiming that he disrupted 54 terrorist plots. In October, he revised that number downward to 13, and then to "one or two." At this point, the only "plot" prevented was that of a San Diego man sending $8,500 to support a Somali militant group. We have been repeatedly told that these surveillance programs would have been able to stop 9/11, yet the NSA didn't detect the Boston bombings—even though one of the two terrorists was on the watch list and the other had a sloppy social media trail. Bulk collection of data and metadata is an ineffective counterterrorism tool.
Not only is ubiquitous surveillance ineffective, it is extraordinarily costly. I don't mean just the budgets, which will continue to skyrocket. Or the diplomatic costs, as country after country learns of our surveillance programs against their citizens. I'm also talking about the cost to our society. It breaks so much of what our society has built. It breaks our political systems, as Congress is unable to provide any meaningfuloversight and citizens are kept in the dark about what government does. It breaks our legal systems, as laws areignoredorreinterpreted, and people are unable to challenge government actions in court. It breaks our commercial systems, as U.S. computer products and services are no longer trusted worldwide. It breaks our technical systems, as the very protocols of the Internet become untrusted. And it breaks our social systems; the loss of privacy, freedom, and liberty is much more damaging to our society than the occasional act of random violence.
And finally, these systems are susceptible to abuse. This is not just a hypothetical problem. Recent history illustrates many episodes where this information was, or would have been, abused: Hoover and his FBI spying, McCarthy, Martin Luther King Jr. and the civil rights movement, anti-war Vietnam protesters, and—more recently—the Occupy movement. Outside the U.S., there are even more extreme examples. Building the surveillance state makes it too easy for people and organizations to slip over the line into abuse.
It's not just domestic abuse we have to worry about; it's the rest of the world, too. The more we choose to eavesdrop on the Internet and other communications technologies, the less we are secure from eavesdropping by others. Our choice isn't between a digital world where the NSA can eavesdrop and one where the NSA is prevented from eavesdropping; it's between a digital world that is vulnerable to all attackers, and one that is secure for all users.
Fixing this problem is going to be hard. We are long past the point where simple legal interventions can help. The bill in Congress to limit NSA surveillance won't actually do much to limit NSA surveillance. Maybe the NSA will figure out an interpretation of the law that will allow it to do what it wants anyway. Maybe it'll do it another way, using another justification. Maybe the FBI will do it and give it a copy. And when asked, it'll lie about it.
NSA-level surveillance is like the Maginot Line was in the years before World War II: ineffective and wasteful. We need to openlydisclose what surveillance we have been doing, and the known insecurities that make it possible. We need to work toward security, even if other countries like China continue to use the Internet as a giant surveillance platform. We need to build a coalition of free-world nations dedicated to a secure global Internet, and we need to continually push back against bad actors—both state and non-state—that work against that goal.
Securing the Internet requires both laws and technology. It requires Internet technology that secures data wherever it is and however it travels. It requires broad laws that put security ahead of both domestic and international surveillance. It requires additional technology to enforce those laws, and a worldwide enforcement regime to deal with bad actors. It's not easy, and has all the problems that other international issues have: nuclear, chemical, and biological weapon non-proliferation; small arms trafficking; human trafficking; money laundering; intellectual property. Global information security and anti-surveillance needs to join those difficult global problems, so we can start making progress.
The President's Review Group recommendations are largely positive, but they don't go nearly far enough. We need to recognize that security is more important than surveillance, and work towards that goal.
Categories: Featured, National Security Policy, Privacy and Surveillance