OODA OriginalUncategorized

Of Privacy and Security

Most of the critics of IC activities fall into one of two camps (with some cross-pollination). The first are almost not worth discussing since the main thrust of their arguments center on the words “Bush” and “lied” and it gets no more robust than that. The second camp likes to play tricks with the language in order to make what our intelligence services are doing seem like something nefarious. The use of the phrase “domestic spying” or “domestic eavesdropping” or even “domestic surveillance” seeks to stress the point that the focus of the IC is you and me and our respective grandmothers. Replacing the word “domestic” with “terrorism” takes the edge off but semantic games distract us from the concepts in question: privacy and security.

When your conception of intelligence work comes from popular culture it is easy to think that brigades of men like Tommy Lee Jones and Will Smith are going around the country using advanced technology to find and zap evil doers. Chloe O’Brien’s on 24 is a fantasy but to the paranoid she’s just your average government system administrator. The truth: every man, woman and intern working counterterrorism would use a spoon to mutilate themselves beyond recognition if 1/100th of those fantasies were reality. The people who are networked, high-tech, and dynamic aren’t in CTU; they’re the terrorists.

The real debate here is not about the rise of a police state that will seek out and punish real or perceived misdeeds of the average citizen. The government is not spying on you, nor is it even surveilling you. At worst the government is glancing over the most common piece of data that is connected to you, and unless you are al-Qaida, 100 times out of 100 it is rejecting you as completely benign. If the government were surveilling you it would not merely sift through that most common piece of data but burrow deep down into all the connected bits of data associated with it to figure out who you were and what you were doing. You wouldn’t be reading this post, you’d be in jail. At the very least you’d have been visited by the FBI.

Don’t believe me? Try this experiment: Ask everyone you know and every stranger you feel comfortable talking to if they have proof that the government has spied on them; then ask those same people if they’ve had their identity stolen by a common civilian information-age thief. Let me know when you get tired of counting the number of people in the second category.

Something else that is given short shrift in this debate is the people and culture of NSA. I’ve done their job and walked those halls, which reminds me of a joke:

Q: How do you identify the extroverts at NSA?
A: They’re the ones staring at your shoes as you walk down the hall.

As I was saying, the culture at NSA is a major factor in this debate. If there is one thing that is drilled into the heads of the brainiest mathematician or the most junior private doing traffic analysis, it is that you DO NOT use your skills and tools to listen to fellow citizens. You hear it on day one and almost every day after that until the day you leave. The mere presence of second of un-accented English picked up by accident in a sweep of the audible spectrum is enough to turn the SIGINT system into a whirling dervish. If given the choice between swapping places with John Walker Lindh and the guy who screws up the protocol for handling the possible intercept of a “US Person,” I’ll take the Jihadi’s spot every time.

General Hayden stated in his D/CIA confirmation hearings that when they kicked off the program that is being used to help identify terrorists in this country that 80-90 people were on hand. That’s 80-90 people who probably had at least a decade of service (and probably much, much more) under the “do not spy on Americans” regime; 80-90 people who were convinced that the program as designed did not violate the single most important rule in their professional lives; 80-90 potential whistle-blowers who amazingly did not feel compelled to run to Congress.

No innocent citizen’s privacy is at risk because the odds that their phone number is even retained after an initial scan are so incredibly slim that you’ve got a better chance at getting struck by lightning while claiming your Powerball check. When there is no data on hand, there is no data to abuse. When there is no chance for abuse, there is no threat to liberty.

Privacy-mad pundits rail about the “surveillance culture” that is supposedly being cultivated in this country. They connect data points like the proliferation of red-light cameras, the loss-prevention system at the department store, and RFID chips in passports – toss in allusions to national intelligence activities – and then would have you believe that Enemy of the State is real life. They suggest that they’ve changed their behavior and speech because of big brother, all the while knowing full well that 1984 is still just a book. For all the disparaging comments echoing from this quarter about “movie plot threats,” their rants sound suspiciously like a Hollywood production.

Citizens today don’t have to worry about trading privacy for security; the systems in place are designed to provide security with privacy. Were it any other way we would have heard it by now: the Pulitzer prize-winners would have told us.

Michael Tanji

Michael Tanji

Michael Tanji spent nearly 20 years in the US intelligence community. Trained in both SIGINT and HUMINT disciplines he has worked at the Defense Intelligence Agency, the National Security Agency, and the National Reconnaissance Office. At various points in his career he served as an expert in information warfare, computer network operations, computer forensics, and indications and warning. A veteran of the US Army, Michael has served in both strategic and tactical assignments in the Pacific Theater, the Balkans, and the Middle East.