This has been quite the weekend for revelations about the state of government surveillance in this day and age. The suspicions of a lot of paranoid people were validated as we learned that the U.S. government is indeed collecting a vast amount of communications metadata and cloud data from citizens and non-citizens alike. For those of us who aren’t exactly thrilled about this series of events, it’s just another step down the path that we have trod since 9/11. But given the vastness of the news uncovered this week, it’s time to have an honest talk about what is and isn’t possible about the state of government surveillance these days.
First, let’s be honest: Moore’s Law has made increasing government surveillance an inevitability. The NSA program is the direct result of ridiculously cheap storage and computing power. Ten years ago, this wasn’t possible, and ten years hence, with Google Glass 7.0 with multi-target facial recognition, voice recognition that can follow and identify 100 simultaneous conversations in a crowd, and advanced data analytical techniques, this will look like child’s play. The increase in computing power guarantees that we will have more surveillance and less privacy in the future, and there is very little we can do about it.
After all, large corporations already have this. We let Amazon decide what we should buy, Netflix decide what we should watch. I would highly suspect that Verizon and the rest of the large telecom carriers were conducting their own social networking analyses from phone metadata in order to improve their marketing and product design capabilities. The big difference is that government efforts in their arena get far more attention than private-sector privacy violations: how many people have grocery store loyalty cards? How many of us post our entire social network and our entire social lives on Facebook?
Finally, those of us who oppose widespread surveillance have to reconcile to the fact that the public supports it. Mere majority support is never a sufficient reason to acquiesce to something that is repugnant, but it certainly changes the color of the debate. The previous administration started the expansion of government surveillance after 9/11 and the current administration has expanded it, and at all times it has had majority support.
So what is to be done? As much as I would want it, I don’t think these programs are going to go away anytime soon. But much can be done to make these kinds of things a bit less egregious:
Transparency. This isn’t sophisticated counter-espionage of yore. It’s bulk data collection and mining, pure and simple. There are no fancy techniques to be protected, no tricks of the trade. Simply hoover up as much data as possible and store it for later analysis. And to that end, it’s time to end the secrecy around these programs. Let’s be honest about what is out there so we can have an honest debate about the programs. Furthermore, let’s be honest about the consequences of these programs. No more “We stopped XX number of terrorist attacks thanks to this, but we can’t tell you how.” We are all adults here. Share.
There may be some people who say “Well then the terrorists will know what we are doing!” They already do, and again, this is not subtle: we are to the point where we can capture just about every digital bit of data about a person that they create. No trade secrets here. And so what if terrorists change their behaviors as a result? What are they going to do, communicate via postcards? Fine by me!
Controls. How is this data protected? Who has access to it? How long is it retained for? What governance structure is there? This relates closely to transparency, since most of these items are currently state secret, but it’s time to thrown open the doors to this. It’s one thing to require a court order to go through a year’s worth of phone records in the wake of a terrorist attack. It’s quite another for the government to page through 30 years of data without oversight in order to look for any manner of wrongdoing. We are assured that reality is closer to the former than to the latter, but is it? Let’s see the controls and determine what we are comfortable with for ourselves.
Privacy. The European Union and Canada have far greater privacy controls for its citizens than here in the United States, including things like the right of access and the right of accuracy. Since it’s unrealistic to expect that both private and public data aggregators are going to go away, shouldn’t we at least have the right to make sure the data that businesses and the government have on us is accurate, and that minimal privacy protections are in place?
Given history and technology, I expect that these kinds of revelations will continue into the future, and they won’t get any less disturbing. I don’t think we’ll ever eliminate this surveillance unless we eliminate technology altogether. Thus, the only rational plan going forward is to ensure that we all have an idea of what the government is actually doing in our name.