the panopticon economy

[Eugen Leitl]

http://www.sacurrent.com/news/story.asp?id=69607

The panopticon economy

The NSAbs new data-mining facility is one component of a growing local
surveillance industry

Greg M. Schwartz

It looks innocent enough, but no loitering, please: The NSAbs Texas
Cryptology Center, under construction at 410 and West Military.

By Greg M. Schwartz

Surrounded by barbwire fencing, the anonymous yet massive building on West
Military Drive near San Antoniobs Loop 410 freeway looms mysteriously with no
identifying signs of any kind. Surveillance is tight, with security cameras
surrounding the under-construction building. Readers are advised not to take
any photos unless you care to be detained for at least a 45-minute
interrogation by the National Security Agency, as this reporter was.

Therebs a strangely blurry line during such an interrogation. After viewing
the five photos Ibd taken of the NSAbs new Texas Cryptology Center, the NSA
officer asked if I would delete them. When I asked if he was ordering me to
do so, he said no; he was asking as a personal favor. I declined and was
eventually released.

Americabs top spy agency has taken over the former Sony microchip plant and
is transforming it into a new data-mining headquarters b oddly positioned
directly across the street from a 24-hour Walmart b where billions of
electronic communications will be sifted in the agencybs mission to identify
terrorist threats.

bNo longer able to store all the intercepted phone calls and e-mail in its
secret city, the agency has now built a new data warehouse in San Antonio,
Texas,b writes author James Bamford in the Shadow Factory, his third book
about the NSA. bCosting, with renovations, upwards of $130 million, the
470,000-square-foot facility will be almost the size of the Alamodome.
Considering how much data can now be squeezed onto a small flash drive, the
new NSA building may eventually be able to hold all the information in the
world.b

Bamfordbs book focuses on the NSAbs transformation since 9/11, with the
impetus for the new facility being a direct ramification of those attacks. At
the time, the NSA had only about 7 percent of its facilities outside the
Washington D.C./Baltimore area. But the realization that additional attacks
could virtually wipe out the agency catalyzed a regional expansion. [See
bSecret Agency Man,b November 5, 2008.]

The new facility is a potential boon to the local economy since itbs
reportedly going to employ around 1,500 people, but questions remain about
whether there will be adequate oversight to prevent civil-rights violations
like Uncle Sambs recent notorious warrantless wiretapping program. The NSA
would suggest the facilitybs ability to sort through surveillance data is one
of Americabs top defenses against terrorist threats, but the NSAbs presence
comes with concerns that abuse of its secretive power could see the agency
become akin to the bThought Policeb of 1984, George Orwellbs classic novel
depicting the nightmare of a total surveillance society b and all for
nothing. Even as the facility is completed, a new government-backed report
has concluded that data surveillance is an ineffective method for identifying
potential terrorists or preventing attacks.

So just what will be going on inside the NSAbs new San Antonio facility?
Bamford describes former NSA Director Mike Haydenbs goals for the data-mining
center as knowing bexactly what Americans were doing day by day, hour by
hour, and second by second. He wanted to know where they shopped, what they
bought, what movies they saw, what books they read, the toll booths they went
through, the plane tickets they purchased, the hotels they stayed inb& In
other words, Total Information Awareness, the same Orwellian concept that
John Poindexter had tried to develop while working for the Pentagonbs
[Defense Advanced Research Projects Agency].b

Bamford details how Hayden, now head of the CIA, had originally leaned toward
being overprotective of civil rights, not wanting to see the NSA revisit the
scandal-ridden era of the 1970s and the violations of bProject Shamrock.b But
9/11 altered Haydenbs philosophical direction 180 degrees. The Total
Information Awareness project supposedly died when the plan was exposed,
Poindexter resigned, and Congress cut off further funding. But Bamford and
others have reported that the project simply migrated to the NSA, ban agency
with a far better track record than DARPA for keeping secrets.b The NSA
remembers the Alamo

The NSA was waffling on selection of a home for its new facility when the
City of San Antonio sent a mission to NSA headquarters in January 2007 to
lobby for it, part of a continuing effort to woo the agency. On January 18,
Microsoft announced its selection of San Antonio for a new data center. The
NSA followed suit three months later. Bexar County Judge Nelson Wolff was
part of the effort to entice the NSA to choose San Antonio. He says talks
centered on economic factors and what the city could do to facilitate the
NSAbs plans.

bTheybre pretty tight on what they do; they donbt share that information with
you,b says Wolff. bI hope that the administration will be addressing
[civil-rights violations], and I hope theybre correcting those concerns.b

Bamford writes about how NSA and Microsoft had both been eyeing San Antonio
for years because it has the cheapest electricity in Texas, and the state has
its own power grid, making it less vulnerable to power outages on the
national grid. He notes that it seemed the NSA wanted assurance Microsoft
would be here, too, before making a final commitment, due to the advantages
of bhaving their miners virtually next door to the mother lode of data
centers.b The new NSA facility is just a few miles from Microsoftbs data
center of the same size. Bamford says that under current law, NSA could gain
access to Microsoftbs stored data without even a warrant, but merely a
fiber-optic cable.

bWhat the Microsoft people will have will be just storage of a lot of the
email that is being sent. They keep this email b I donbt know why b and there
should be some legislation saying how long it should be kept,b said Bamford
in a phone interview last week. bThe post office doesnbt keep copies of our
letters when we mail letters; why should the telecom companies or the
internet providers keep copies of our email? It doesnbt make sense to me. But
therebs no legislation. So they need a place to store it, and thatbs where
theybre storing all this stuff.b

(Microsoft did not return a call for comment before press deadline.)

The new NSA facility boosts the agencybs already formidable presence in South
Texas, where they have 2,000 employees on the Medina Annex of the Lackland
Air Force Base b mostly Signals Intelligence, or Sigint, specialists, who use
cutting-edge technology to intercept anything from faxes to emails and
satellite communications.

NSAbs new facility also gives the agency easy access to UTSAbs Institute for
Cyber Security and the schoolbs Center for Infrastructure Assurance and
Security. The ICS was founded in 2007 with a $3.5-million grant from the
Texas Emerging Technology Fund to continue efforts to protect American
communities against cyber-attacks, with the CIAS b a think tank launched in
2001 b being rolled into the ICS. All of this led U.S. Representative Ciro
Rodriguez (D-San Antonio) to declare San Antonio bthe center of
cybersecurity, in the country and the world.b

ICS Founding Executive Director Ravi Sandhu acknowledges some synergy between
the NSA presence in San Antonio and UTSAbs cybersecurity work.

bCybersecurity in the public domain has largely been about defense, but
therebs certainly an attack component to it. To some degree, the U.S.
Department of Defense and intelligence agencies are now starting to talk
about the attack component in the public domain,b says Sandhu.

Sandhu says UTSAbs cybersecurity students are recruited by many of San
Antoniobs local employers and doesnbt doubt that NSA is one of them.
bRecruiting is one end b& but itbs an attractive thing for NSA employees
[too]. They can further their education b they can do degrees part-time, they
can do advanced degrees b& so there are advantages beyond direct recruitment
of NSA students.b Does automated data mining even work?

While the opening of the NSAbs massive new data center heightens existing
civil-rights concerns, a new report from the National Research Council
questions whether such data-mining is even effective. Sponsored by the
Department of Homeland Security and the National Science Foundation and
released in October of this year, the report suggests that pattern-based
data-mining is not even a viable way to identify terrorists.

The 352-page study bbProtecting Individual Privacy in the Struggle Against
Terroristsb b concludes that identification of terrorists through automated
data-mining bis neither feasible as an objective nor desirable as a goal of
technology development efforts.b It also says inevitable false positives will
result in bordinary, law-abiding citizens and businessesb being erroneously
flagged as suspects.

bActions such as arrest, search, or denial of rights should never be taken
solely on the basis of an automated data-mining result,b says the report. The
question, then, is how rigorously will human analysts vet such information
before alleged leads are pursued, and who has oversight of the process?

bPart of the problem is b& jurisdiction over national-security issues is very
divided in Congress. You have the Homeland Security committee, the Justice
committee, but, of course, you also have some basic issues b government
oversight, appropriations,b says Professor Fred Cate, the NRC committee
member who wrote most of the report and who serves as director of Indiana
Universitybs Center for Applied Cybersecurity Research. bSo I think in some
ways one of the issues is the need for a more streamlined oversight system so
that somebody takes responsibility for it.b

Cate says the migration of the TIA project to the NSA is part of the problem.

bBecause so many different agencies are involved and because there are no
consistent oversight mechanisms, itbs very hard [to monitor]. And Congress
created a Privacy and Civil Liberties Oversight Board, and then it didnbt
like the way it created it initially, so then it recreated it with more
powers, but it never confirmed any members to it,b says Cate. bSo for the
past year, therebs been nobody in that critical position. So I think one
immediate step for Congress and the new president will be to nominate members
and get them confirmed.b

The lack of clearly delineated oversight remains a vital yet unsolved issue.
Senator Jay Rockefeller (D-W.Virginia), Chairman of the Senate Intelligence
Committee, would appear to be the Congressman with the most power to pursue
such oversight.

bEisenhower warned of the military-industrial complex, but now itbs mostly
the security, industrial complex; itbs these people that build all the
hardware and software for Homeland Security and Intelligence and all that,b
says Bamford. bAs far as I can see, nobody has a handle on how many
contractors are out there, what theybre doing, how much moneybs going to
them, how much is useful, how much is wasted money.b

Cate says the NRC committee is not necessarily opposed to data-mining in
principal, but is concerned about how itbs carried out. bThe question is can
you do it and make it work so that you donbt intrude unnecessarily into
privacy and so that you reach reliable conclusions.b

Bamford writes in the Shadow Factory of how the NSAbs Georgia listening post
has eavesdropped on Americans during the Iraq War, including journalists,
without a warrant or any indication of terrorism. He also reports on NSA
eavesdropping on undecided members of the United Nations Security Council in
the run-up to the vote on the Iraq War resolution, with the Bush regime
seeking information with which to twist the arms of voting countries. The
spying was only revealed due to British Parliament whistleblower Claire
Short, who admitted shebd read secret transcripts of UN Secretary-General
Kofi Annanbs confidential conversations.

bThe UN people have been aware of [NSA eavesdropping] for a long time, but
therebs not much they can do about it,b says Bamford.

A common response to concerns about data surveillance is that those who keep
their noses clean have nothing to worry about. But the reach of the NSAbs
surveillance net combined with lack of oversight and the political paranoia
escalated by the 9/11 attacks means that almost anyone could wind up on the
terrorist watch list.

bThe principal end product of all that data and all that processing is a list
of names b the watch list b of people, both American and foreign, thought to
pose a danger to the country,b writes Bamford. bOnce containing just twenty
names, today it is made up of an astonishing half a million b and it grows
rapidly every day. Most on the list are neither terrorists nor a danger to
the country, and many are there simply by mistake.b

Bamford reports that consequences of being on the list could include having
an application for a Small Business Administration loan turned down; having a
childbs application to one of the military academies rejected; or, because
the names are shared with foreign governments, being turned away after
landing in Europe for a vacation or business trip. All without ever being
told why.

A senior intelligence official concerned about the situation told Bamford
bthe system is a disaster,b adding that the list at the National
Counterterrorism Center isnbt even compatible with the NSA and CIA systems.

bThey could be snooping on just about anything right now and not be
accountable and be able to hold their hands up and go, bOur system doesnbt
track that,b when in many cases the system does, but the code is so
convoluted you could never know it,b says the official.

Bamford also reports on Uncle Sambs skyrocketing use of bnational security
lettersb for obtaining personal information. The NSLs, which do not require
probable cause or court approval, jumped from 8,500 in 2000 to 143,074
between 2003 and 2005, according to a 2007 Justice Department inspector
generalbs report. Under the revised version of the 1994 Communications
Assistance for Law Enforcement Act, itbs not only a crime for any company to
refuse to cooperate, itbs also become a crime for company officials to even
disclose their cooperation.

bThere was a lot of pressure by the FBI in b94 to have CALEA enacted b& but
the Clinton Administration was in favor of doing all that,b says Bamford.

The question for us then becomes who, if anyone, is watching the watchdogs?
One organization devoted to such duty is the Electronic Frontier Foundation,
a San Francisco-based non-profit whose mission is to protect electronic civil
liberties. Reducing the use of NSLs to gag and acquire data from online
service providers is one of the planks in EFFbs proposed privacy agenda for
the new Obama administration.

bThe issue here is that when people are gagged, you canbt talk about it and
[people] donbt know what kind of abuses there are,b says EFF media-relations
coordinator Rebecca Jeschke. The EFF privacy agenda also includes repealing
or repairing the FISA Amendments Act, reforming the Electronic Communications
Privacy Act, and reform of the State Secrets Privilege, the latter which has
been used by the Bush regime to shield its electronic surveillance activity
from judicial review.

The EFF filed a lawsuit against the NSA in September on behalf of AT&T
customers who were victims of warrantless wiretapping, with defendants
including President Bush, Vice President Cheney, and NSA Director Keith
Alexander. The EFF also filed suit against AT&T b until this summer
headquartered in San Antonio, the telecom giant still maintains a sizable
presence here b for participating in the illegal surveillance program, and is
challenging the FISA Amendments Act passed by Congress in July b which gave
retroactive immunity to the telecom companies b as being unconstitutional.

bWhere I disagreed was the immunity to telecommunications entities b& and
thatbs why I couldnbt support something that provided for the immunity
provision,b says U.S. Representative Charlie Gonzalez (D-San Antonio) of the
FISA Amendments Act. bWe had something that we thought in the House was good,
and then the Senate did their own thing. But I was never happy with the
inclusion of the blanket-immunity provision to telecommunications entities,
because I thought it relieved them of a responsibility and duty that they owe
as corporate citizens.b

Gonzalez added that he thinks btherebs still tremendous shortcomings in the
law when it comes to making sure that you donbt have abuses of the authority
of eavesdropping.b

The Electronic Privacy Information Center in Washington, D.C., a public
interest research group whose mission is similar to EFFbs, is suing the
Department of Justice for access to documents authored by government lawyers
regarding President Bushbs warrantless wiretapping program. These opinions,
prepared by the Office of Legal Counsel, provided the legal rationale for
Uncle Sam to wiretap American citizens in the United States without court
approval. On October 31, a federal judge ordered the DOJ to provide for
independent judicial inspection of documents relating to the program.

The latest news in Uncle Sambs ongoing surveillance scandal happens to come
from the FBIbs involvement with the NSA. The Washington Times reported in
November that Supervisory Special Agent Bassem Youssef, who oversees the
FBIbs role in the NSAbs warrantless surveillance program, says the FBI
engaged in unlawful acts while carrying out that surveillance. Youssef, who
now fears career retaliation for stepping up as a whisteblower, is due to
testify with the Justice Department.

Whether or not the new Obama administration will enact any demonstrable
change in the personnel and policies that created the civil-rights violations
of recent years remains a question mark.

bEverything Ibve seen so far with Obama has not been focused on change. Itbs
been focused on bringing back the old Clinton Administration or continuing
the same,b says Bamford, noting the President-electbs decisions to nominate
Hillary Clinton as Secretary of State and keep Robert Gates as Secretary of
Defense. Bamford mentions Wisconsin Senator Russ Feingold as someone he feels
would fight for greater accountability.

bThatbs a person I would like to see rewarded for making the right decision,
instead of people being rewarded for making the wrong decisions,b says
Bamford of Feingoldbs record in voting against the revised FISA Amendments
Act and being the only senator to vote against the Patriot Act.

Bamford ends The Shadow Factory by quoting Senator Frank Church, the first
chairman of the Senate Intelligence Committee, during the original hearings
on the NSA in the 1970s. bIf a dictator ever took charge in this country, the
technological capacity that the intelligence community has given the
government could enable it to impose total tyranny, and there would be no way
to fight back, because the most careful effort to combine together in
resistance to the government, no matter how privately it was done, is within
the reach of the government to know. Such is the capability of this
technology,b said Church more than three decades ago.

That technology now sees its latest evolution occurring at the shadowy
building on San Antoniobs West Military Drive. b"