On Security, Liberty and Government Action

The drip-drip-drip of information related to the leak of classified surveillance information by former National Security Agency contractor Edward Snowden has re-focused the debate about balancing liberty and security in an increasingly interconnected, digital world.
We now know, for example, that the NSA has basically cracked almost all routine Internet encryption, including SSL — the same technology that you rely upon when you submit your online banking information or log in to your insurance company. The NSA has some sort of agreement with all the major domestic tech companies and can effectively subvert pretty much all smartphone security. It’s even been alleged that the NSA has deliberately tampered with standards and coerced large commercial security venders to plant secret backdoors.
Are you OK with this? Are you OK with a government that feels justified in breaking or bending the law to sweep up protected information about U.S. citizens? Are you willing to nod respectfully to President Obama when he smiles and says, “Let me be clear: Trust me!” Do you believe a government that screwed up the Affordable Care Act and laughed about shovel-ready jobs while the IRS targeted ideological opponents will somehow be pure as the wind-driven snow when it comes to citizen metadata in the hands of the FBI, CIA and NSA?
(Hint: Apparently, intelligence operatives illegally peering at ex-lover files occurred often enough that it was given a humorous inside-the-NSA code name of “LOVEINT.” Think about that.)
Take, for context, the security theater that occurs at every airport in the United States. American citizens, possessed of an inherent right to travel, are nevertheless subjected to sundry humiliations like shoe removal, nude body scans and invasive luggage searches. Unless, of course, you feel like paying the Transportation Security administration $85 and agree to being fingerprinted. The rationale? To protect Americans from terrorism. The reality? You have better statistical odds of being struck by lightning while being infected by the Ebola virus than you do of perishing in an act of terrorism. The TSA’s response is wildly disproportionate to the risk, but we nevertheless take off our shoes and belts at the airport — and sometimes witness children, the elderly and disabled veterans be subjected to humiliating personal searches — just to look like Uncle Sam is being effective.
You know how you saddle-break a horse? Start by throwing a blanket over its back. Let it adjust. Then add a saddle. Adjust. Then a bridle. Adjust. Then sit on top. Adjust. Before you know it, the horse thinks the rider is a natural extension of itself, even though horseback riding is — from the horse’s perspective — a raw deal. TSA is saddle-breaking Americans to accept an intrusive security regime. We should all be wary of that.
There’s an old saying: To a man with a hammer, every problem looks like a nail. To a man with a security clearance and a defense contract, every problem looks like an opportunity for paramilitary-style surveillance operations with cool code names and the feelings of importance that come from being on Big Brother’s inside. The most significant philosophical problem with America’s current surveillance fixation isn’t whether it’s effective: It’s whether the folks manning the security state understand that there’s more than one way to skin a cat.
American-style security remains averse to human risk, so it relies on a dragnet. Instead of putting boots on the ground — in neighborhoods, or in hostile zones — America’s guardians prefer to suck up data and then pretend that they can divine meaning out of it. We’re masters of collecting everything but understanding little. Yet time and again, the default response to a public threat is to build yet another agency, pilfer ever more data, inconvenience Americans ever more directly … and without any real, obvious payoff. So, we hoover up the data, fire up the drones and pretend like it’s effective. We do that, in lieu of sending cops on the street, spies in the field and Tomahawks into the terrorist caves.
Al-Qaeda’s still here. And thanks to them, we have the TSA. Want to bet whether al-Qaeda would be around today if 9/11 had happened to the Israelis? Or the Chinese? Or the Russians?
Think of the current Intelligence Community like a project manager at your place of employment. The goal is a good outcome, but the process can unfold in myriad ways. Some PMs balance research with experimentation. Others obsess about information and are reluctant to act outside of authority. Others still rely on relationships to muddle through. There’s no one right way to run a project — just like there’s no one right way to protect a country — but some methods admit to better relative balance than others. Right now, Uncle Sam’s instinct seems to be to avoid direct confrontation and instead play with numbers. There are plenty of advantages to this strategy, but there are some real downsides, too.
So what would a well-balanced security regime look like?

  1. Airline travel would restore a bit of sanity. Cockpit reinforcement pretty much solved the pre-9/11 hijacking problem. Add armed sky marshals to the mix, to maybe two-thirds of flights — or better yet, provide some degree of combat or weapons training to flight crews — and the problem is solved without citizens having to surrender their nail clippers and bottles of water. Sure, I’ll be X-rayed to make sure I’m not bringing loaded firearms in the passenger cabin, but beyond that, extra security is more illusion than salvation.
  2. Citizens should enjoy a right to anonymity — not just from the government, but also from commercial data aggregators. I own my data. I own my data profile. Neither the government nor private companies should be allowed to collect information about me beyond what I explicitly authorize, or beyond the minimum requirements of reasonable laws. Companies like Axciom and Radaris and Facebook and Google and the like, which spy on online transactions and pattern-match consumer behavior to create elaborate dossiers about individual citizens — ought to be very, very strictly opt-in.
  3. Encryption should be impervious to sweeps by government agencies. If I want to encrypt my hard drive or send secret email, so what? Who’s business is it, anyway? Slyly suggesting that only criminals or terrorists use encryption is a clever bit of misdirection, but it’s patently false, too. As a matter of law, I as a citizen am entitled to security in my communications. That’s baked into the Fourth Amendment. If you think I’m breaking the law, investigate. Note, however, that investigation isn’t just electronic surveillance. It’s also sending a cop on the beat.
  4. The “officer safety” rationale for SWAT-style policing must be put out to pasture. Reason magazine has done some yeoman reporting about the increasing reliance of domestic police agencies to go full-SWAT on even routine warrant service. Barge in the wrong house, shoot the family dog, and say, “Well, it was all for officer safety.” That’s bullshit. Police officers aren’t overlords; they’re citizens, too. And they need to play by the same rules as everyone else. Including regarding videotaping.
  5. Intelligence-gathering operations should favor HUMINT over SIGINT. America seems to think it can enjoy supremacy without blood loss. That error will someday come back to bite us in the butt — the first terrorist organization or foreign government that learns how to hack the NSA basically cuts us off at the knees. Americans are masters of signals intelligence — Internet monitors, spy satellites, drones — but we suck at connecting the dots (remember the “Saddam has WMD” line?) through experienced human intelligence. Our personnel, who aren’t all that deeply embedded in hot spots around the world, lack subtle clues borne of cultural familiarity to help sift the wheat from the chaff. We need to get out from behind the computer monitor and spend more time infiltrating agents into terrorist cells and hostile governments.
  6. Routine monitoring must meet minimal safety requirements and be routinely scrubbed. Stuff like RFID-tagged license plates ought to be off-limits. DNA databases, too. Traffic cameras — useful for real-time monitoring — should be erased after a brief period (12 or 24 hours). There’s no good reason to maintain vast archives of data about citizens. Any suspected wrongdoing may generate a warrant to segregate some archival data, but beyond that — delete it. Permanently.

Security isn’t something that can be erected, like a moat. It must be nurtured with good sense, expert judgment and tactical flexibility. America’s systems today are a case study in why the Maginot Line failed to protect the French in 1940: Just when you think you’ve built strong enough safeguards to keep the bad guys at bay, they find a way around … and when they do, you’re utterly unprepared for the consequences.
America can do better. We can have better security policies that don’t impinge upon citizen liberty. The question is, Will we do the right thing, even though it’s harder, or do the convenient thing that’s less effective but easier to demagogue?

Why is @WeeklyStandard Leading Conservatives Astray on NSA Monitoring?

The more you struggle to justify something, the more likely the odds that the subject is inherently unjustifiable. As such, it’s disappointing that the June 24 issue of The Weekly Standard spends so much time trying and failing to reassure conservatives that the recently disclosed monitoring activities of the National Security Agency constitute a “nothing to see here, move along” moment.

Consider:

  • In The Scrapbook, we learn that “[g]iven the choice between impersonal surveillance, and a repetition of 9/11, most Americans understand what’s at stake.” Because, apparently, there are no options between impersonal surveillance and a repetition of 9/11.
  • Bill Kristol’s lead editorial — titled “IRS Bad, NSA Good” — is a veritable piñata of fallacies. He cites “two leading libertarian legal thinkers, no friends to intrusive government” who support the NSA’s activities and who are quoted, without a hint of irony, as suggesting that we “can’t cite a single case” of government abuse of NSA data. Apparently, Kristol hasn’t surveyed the overwhelmingly negative reaction to the program within the pages of Reason (the propaganda arm of the modern libertarian movement) or considered that perhaps the NSA (like the IRS or EPA) doesn’t actually disclose its abuses. After deploying the libertarian red herring, Kristol devotes half a page to an odd paean about conservatives being able to “walk and chew gum at the same time” before concluding with the non sequitur that … well, I’m not sure. The entire second half of the editorial is as perplexingly off-topic as a Krugman column.
  • Stephen F. Hayes, in “Our Disappearing President,” tell us that since Congress authorized NSA monitoring, and the four top Congressional overseers of the intelligence community are peachy-keen with things, that the only real scandal here is that President Obama hasn’t been more forceful in defending the NSA.
  • We then learn from Reuel Marc Gerecht, in “The Costs and Benefits of the NSA,” that the document leaker, Edward Snowden, is “a serious flake” and that “[c]ivil liberties after 12 years of the global war on terrorism are actually as strongly protected in America as they were in 1999.” A proposition that will come as a surprise, no doubt, to anyone who’s ever passed through a TSA screening checkpoint. Then Gerecht tells us that it’s more likely for civil liberties to be violated by “smaller organizations — the FBI, the CIA or the Secret Service” than by the presumably larger NSA. What a relief! And, by the way, someone should tell political scientists that there’s a direct positive correlation between the size and ethical integrity of a given bureaucracy. We are also invited to trust, on Gerecht’s assertion alone, that the NSA “would probably break down bureaucratically if it attempted to shift gears from foreign observation to domestic surveillance in any threatening way.” Because, of course, it’s apparently impossible to replace people from the old regime with members of the new.

So what do we take away from all of this reassurance?

First, TWS resorts surprisingly often to ad hominem attacks against Snowden and we see many more false-binary and straw-man arguments on this subject than I’m accustomed to seeing from this otherwise intellectually solid magazine. This rhetorical approach hints at an ideological meta-narrative: The writers cannot paint a principled conservative argument in favor of a wide intel dragnet, so they rely on insinuation, assertion and misdirection to arrive at a semi-plausible but logically sketchy conclusion that does comparatively little institutional violence to the muscular interventionist worldview the magazine did so much to promote during the George W. Bush administration. Perhaps the editors adjudged it better to defend the NSA, albeit imperfectly, than to acknowledge honestly that civil liberties really can be (and potentially are) a casualty in the Global War on Terror.

Second, the tack followed by TWS tracks the course charted by leaders in Congress and within the intelligence community — that without the kinds of surveillance presently underway by the NSA, America stands at risk for another 9/11.

It’s not so much that Washington leadership asserts, without proof, that surveillance has averted terror attacks. It’s not even the “trust me, there are no abuses here” line that gets tossed about with reckless abandon. Rather, the problem is the paradigm, the Hobson’s choice that our options are either to accept the surveillance or risk death by terrorist.

America may plausibly pick from any combination of anti-terror initiatives on a very long list of options. The policy currently favored in Washington indicates a bunker mentality: We’ll collect everything, everywhere, and sort things out retrospectively. We’ll hide behind a wall of security, like TSA screenings, that serve more as theater than effective deterrent. We’ll do something comparatively bloodless, like electronic surveillance, instead of risking boots on the ground or deploying human assets in global hotspots.

But why can’t we deal with terror networks in a manner that’s less disruptive to civil liberties? Why can’t we aggressively attack terror cells where they are, and hold accountable the states that harbor them? Why can’t we engage in behavior-based profiling, like the Israelis do, instead of watching TSA agents search the colostomy bags of disabled WWII veterans? Why can’t we invest in a more robust eyes-and-ears intelligence network instead of relying disproportionally on signals intelligence? Why must the emanating penumbra of the Constitution guarantee my privacy, but only about sex?

There’s a wide range of effective policy decisions between “surveillance state” and “unattended borders.” Conservatives must evaluate the risk/reward matrix for national counter-terrorism activity as part of a broader policy formulation. Is the risk of a massive loss of privacy sufficient to guarantee, for any individual citizen, a miniscule reduction in the already miniscule odds that he’ll be a victim of a terror attack? We need a national conversation about whether the benefits are worth the cost. The real scandal here is that the public hasn’t been engaged in that conversation — that the key choices have been made in secret, by people with a vested interest in building a surveillance state. That it took Snowden’s leaks to disclose a program that President Obama said shouldn’t have been all that secret, speaks volumes.

Personally, I would rather risk another 9/11 while maintaining my freedom of obscurity, than to surrender that freedom for the illusion of safety. I have no conspiracy-laden fear of the NSA or of surveillance, per se. I do object to the mindless aggregation of data that serve no useful purpose, but which one day, when an abuse does occur, puts my freedom at some small but non-zero risk.

There’s no such thing as true risk avoidance. The best you can do is balance different strategies to arrive at an optimal cost-benefit ratio. America really hasn’t addressed the cost-benefit ratio — not yet, anyway. What a shame that The Weekly Standard seems content to short-circuit the debate with a “nothing to see here” issue that proved short on substance but long on misdirection. The conservative movement deserves better leadership than this.