acm-header
Sign In

Communications of the ACM

ACM News

Nsa's Surveillance Program Could Dig Deep


View as: Print Mobile App Share:
A wiretapper listening to a conversation.

With the NSA's surveillance of telephone and Internet data largely shrouded in secrecy, it's hard to know how effective it is in fighting terrorism.

Credit: Paramount Comedy Channel

The collection of telephone and Internet data by the U.S. National Security Agency (NSA) could be exposing a lot of Americans’ personal information to government scrutiny, and it may or may not be helping to combat terrorism. With the NSA’s activities shrouded in secrecy, it’s hard to know, experts say.

"We know too little about what they’re doing right now to be able to make statements about it," says Susan Landau, a former Distinguished Engineer at Sun Microsystems and author of "Surveillance or Security? The Risks Posed by New Wiretapping Technologies."

Yet it can be said that the data being collected has the potential to reveal a lot of personal information. Documents leaked by Edward Snowden show the NSA is collecting telephone metadata—numbers called and the time and length of the phone calls. Although President Obama said in a press conference, "nobody is listening to your phone calls," Landau says that a lot can be deduced just from calling patterns, without any knowledge of the actual conversation. For instance, someone who watched telephone records during a period in 2010 when the CEOs of Sun and Oracle spoke to each other, then spoke to their legal counsels, then spoke to each other again, and so on, probably would have been able to figure out a merger was in the works before it was announced.

"You can learn a huge amount by knowing who someone’s calling and when they call and how often they call," says Fred H. Cate, professor of law and director of the Center for Applied Cybersecurity Research (CACR) at the University of Indiana. Calls to a suicide hotline or an HIV testing clinic, for instance, might give away private information. Calling patterns might indicate that someone is having an affair, or goofing off at work. An unscrupulous government agency might use such information against political enemies, or employees with access to the data might use it for their own ends; Cate says Snowden himself proves that that is possible.

None of this information is protected by the Fourth Amendment, Cate says, as a result of the Supreme Court’s "third party doctrine" — when someone calls someone else on the telephone, they’re telling a third party (the telephone company) the number they’re dialing, and thus have no expectation of privacy, so no warrant is needed for the government to access that information, the Court has ruled.

Snowden’s leaks revealed a second program, called PRISM, in which the NSA is collecting user data from large Internet companies, including Google, Microsoft, Yahoo, and Apple. The companies deny data is being collected en masse directly from their servers, and say they only supply information about specific individuals based on legal requests from the government. Those requests are approved, in secret, by the Foreign Intelligence Surveillance Act (FISA) court, but there are few limitations, Cate says.

Prism, as it turns out, is also the name of a piece of software developed by Palantir Technologies of Palo Alto, CA, which (among other markets) sells software to the government for use in intelligence gathering. The company says there’s no connection between that software and the NSA program. Forbes Magazine quoted Palantir’s legal counsel Matt Long as saying, "Palantir’s Prism platform is completely unrelated to any U.S. government program of the same name."

However, the company’s website says its intelligence software can pull together data from disparate sources to help the government identify terrorist threats. A description of the software says, "Enterprise data sources, unstructured cable traffic, structured identity data, email, telephone records, spreadsheets, network traffic and more can all be searched and analyzed without the need for a specialized query language."

The website also says the company builds privacy protections into its software. "Palantir is constantly looking for ways to protect privacy and individual liberty through its technology while enabling the powerful analysis necessary to generate the actionable intelligence that our law enforcement and intelligence agencies need to fulfill their missions," the site reads.

To get an order from FISA to collect data on a US citizen or permanent resident, Cate says, the government must supply a reason but doesn’t have to show probable cause, the standard for obtaining a warrant. For people outside of the US, or for someone employed by a foreign government, not even a reason is required. Because the whole process is secret, "You’ll never know if under a FISA court order you’ve been looked into," Cate says.

Another concern is how effective the NSA’s domestic surveillance is at catching terrorists. General Keith Alexander, the NSA director, told a Congressional hearing that the agency’s surveillance had helped stop "over 50" potential acts of terrorism in the years since 9/11. Landau, however, in an article in IEEE Security and Privacy, says that without more details, it’s hard to know how serious those threats were, and whether it was NSA telephone surveillance or other means that uncovered them. In one serious case, a plot to plant bombs in New York City’s subway, it was a tip from British intelligence, and not metadata collection or the PRISM program, that led to the suspect, Landau says.

In a 2008 study, "Protecting Individual Privacy in the Struggle Against Terrorists," the National Academy of Science questioned the effectiveness of data collection programs. To be effective, analysts have to filter out the relevant information from huge quantities of data; unlike standard data mining, such searches must deal with terrorists’ deliberate efforts to obscure their intent. Automated detection of terrorist attacks may not be possible at all, the report warns, adding, "even in well-managed programs such tools are likely to return significant rates of false positives, especially if the tools are highly automated. Because the data being analyzed are primarily about ordinary, law-abiding citizens and businesses, false positives can result in invasion of their privacy."

The patterns that data mining programs find might not be enough to identify a terrorist group. People who change addresses fairly frequently and who buy things with pre-paid cards might be a terrorist cell, or might be college students without an extensive credit history or a long-term residential address. "Students and terrorists look a lot alike," Cate says. Small groups of people who communicate mainly with other group members could also look suspicious, Landau says. "It could be a terrorist group, or it could be a start-up or a rock band, and statistically it’s more likely to be the latter."

Such computer-generated leads would need to be followed up by human investigators, so too many false leads could be counter-productive. "The question is, where do you put a finite amount of resources?" Landau says. "You have a choice between following leads provided by people and building more and more complex systems that give you leads."

The Snowden revelations also raise challenges for both business and international relations. Non-US businesses may be unwilling to store their data in a cloud service offered by an American company when they have no assurance the government won’t be poring through it, Cate says. And trying to pressure China, for instance, on cybersecurity issues has become politically more difficult since the Snowden leak, he adds.

Ultimately, both Cate and Landau say, there should be more public discussion of what the government should be doing with people’s data; perhaps a new version of the Church Committee, a post-Watergate Senate committee that reviewed the intelligence-gathering operations of the NSA, Central Intelligence Agency, and Federal Bureau of Investigation.

Cate says people need to develop a whole new mindset to think about the kind of data that’s available about us and what can be done with it. "What we’ll be living in in the future is a world in which everything we do is giving off little digital trails," he says. "If you can collect these and you have enough computational power, you can put these together in ways I don’t think most of us can imagine."

Landau says there may be technological means to reduce invasions of privacy, but they can’t be separated from policy solutions, and can’t even be considered without knowing more about what the government is doing. Cate agrees: "There are no technological solutions, because this is really going to be a situation where the solutions have to be imposed by law."

Neil Savage is a science and technology writer based in Lowell, MA.


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account