“Our government is committed to helping promote internet freedom.… We are urging U.S. media companies to take a proactive role in challenging foreign government’s demands for censorship and surveillance.”
—Former US. Secretary of State Hillary Rodham Clinton, January 2010.
Booz Allen Hamilton is an extremely successful private contractor. U.S. national security agencies in particular rely heavily on its “management and technology consulting services.” These services come at a hefty price. For fiscal year 2012 alone, the company boasted a revenue of $5,86 billion. Booz Allen Hamilton has also employed Edward Snowden for the last three years. It paid the twenty-nine-year old systems administrator a handsome salary. The job, though, despites its perks, was gradually eating up the young man’s conscience. This month, he blew this whistle:
Since 2007, the National Security Agency (NSA) specialists and security-cleared private contractors enjoy full access to all private e-mails, audio and video chats, photographs, documents and connection logs stored on central servers of nine leading U.S. internet companies. In one month alone, the NSA reports to have collected 97 billion pieces of intelligence from computer networks worldwide, include roughly 3 billion pieces from within the U.S.A.
Some suspected it all along, but now we know. As the main stream media grows accustomed to reporting national security leaks with increasing regularity, it often focuses primarily on the story of the individual whistleblower and the response of the U.S. government. This post attempts to dig deeper and reflects on the meaning of the exposed practice, its wider context, and its likely ramifications.
What does all of this mean? Daniel Ellsberg, who in 1971 smuggled one of the few sets of the top secret Pentagon Papers from the offices of the RAND Corporation before handing various copies to the press, calls Snowden’s act the most significant leak in American history. Granted, we know precious little about the extent to which the U.S. government has acted on intercepted communication. Censorship and persecutions are, thankfully, not part of the story. Make no mistake, however. What we know is gut-wrenching enough. On the one hand are the privacy infringements of gigantic proportions. Yet, the leaks also reveal—yet again—the systematic failure of democratic control mechanisms. Another item in the hall of shame is the overreliance on private contractors for inherently
governmental delicate missions. Add to this the alleged collusion of various foreign intelligence agencies with the U.S.-owned data-mining program and you have the contours of a global scandal. It amounts to another, albeit louder, wake-up call for ordinary citizens who for the most part do not spend their free time plotting terrorist acts: do not trust the mantra-like justifications of excessive government secrecy. The caveat “if you knew what we know” regularly does not pass the test. Even Senator John McCain now concedes possible overreach.
Let me unpack each of the feature items before arguing how we might be able to put the crisis to good use.
Privacy infringement. Across the globe, people are using Gmail, Facebook, Skype, YouTube, and various other handy services of companies such as Microsoft, Google, Yahoo, Apple, and PalTalk. All data—not just the metadata—is stored on central servers and Prism (the data-mining program) provides unfettered access for the NSA and its hordes of private contractors. If for any reason someone, such as Edward Snowden, decides to hone in on you, he or she would find all your information right at their fingertips—real-time intelligence without complicated authorization proceedings. Such accessibility, of course, differs significantly from the carefully marketed privacy protection pledges of those giant U.S. Internet companies.
Think of it. Given the enormous amount of data that the NSA has already collected, can we meaningfully distinguish between “private citizen “ and “public government”? Why not just switch to “public citizen” and “private government”?
Failure of democratic control. Members of the U.S. security establishment like to refer to rigorous congressional oversight proceedings put in place to protect the interests of private citizens from an overweening executive. Time and again, such measures turn out to be utterly dysfunctional and counterproductive—so much so that the veneer of legitimacy they provide should be subject to a national debate and, hopefully, some genuine reform. Often, members of the intelligence oversight committees do not get to see the most relevant information and occasionally receive what are quite simply untrue answers to their questions. Consider the following excerpt from a recent New York Times article dealing with the access to information for intelligence overseers on the legal rules guiding signature drone strikes:
But the administration withheld the opinions governing strikes targeting non-Americans that the committee has also sought, arguing that they are confidential legal advice to the president. As a result, the detailed legal rules for a vast majority of drone strikes, including so-called signature strikes aimed at suspected militants whose names are unknown to the people targeting them, remain secret even from the Congressional intelligence committees.
U.S. congressional intelligence overseers do hold all the appropriate security clearances. Yet apparently that does not mean that they get to see what they need to see to adequately assess the propriety of government conduct. Truth to be told, many overseers readily act as consultants to the executive branch but few have the political will to seek, to double-check, and to challenge the limited information they receive. All of this amounts to a striking and consequential failure to exercise a significant part of their remit. Congressional oversight—ideally rigorous and not ceremonious—bestows legitimacy on the actions of the executive branch.
Coming back to the NSA scandal, we know that Director of National Intelligence James Clapper (a former Booz Allen Hamilton executive) misled Congress when asked, on March 12, 2013, whether the NSA collects any type of data on millions or hundreds of millions of Americans. “No, sir,” was his answer then.
Thank you, then, Edward Snowden, for allowing this rare insight into government malfeasance in the name of national security. In light of the severe limitations to congressional oversight, a public debate about it is all the more important. President Obama welcomes it. Good, so does the American public, let alone us poor foreigners who don’t know the whereabouts of our private information.
Overreliance on private contractors and excessive secrecy. Secrecy, some argue, will make a genuine debate unlikely. Indeed, government secrecy and private contractors have grown like Topsy in and around Washington throughout the last decade. For fiscal year 2012 alone, U.S. taxpayers paid more than $11 billion for keeping secrets secret. This figure does not even include the far greater costs required to classify and declassify the records of the U.S. intelligence apparatus. These secrets, then, are shared, as indicated, with a growing cohort of private contractors. Dana Priest’s and Tim Shorrock’s work on private intelligence springs to mind. Private intelligence, mind you, pursues its own rather narrow-minded business interests (that is, profit), which can regularly be at odds with the more diverse interests of the general public. An overreliance on them influences sober policy decision-making on what instruments are needed and what kind of objectives take priority over others. Revolving doors (that is, former public servants turning their knowledge and professional network into profit in the private sector and vice versa) go open and shut in the nondescript office buildings along the Potomac and on Pennsylvania Avenue. As argued, it is incredibly difficult to establish any meaningful accountability for public intelligence malfeasance. Yet how does one hold private systems administrators to account? Indirectly, Edward Snowden grappled with the same question. Knowing the limitations of constitutional control mechanisms, to whom should he have turned when confronted with egregious abuses of the governmental prerogatives?
Wider implications. The NSA scandal is not just a problem for the American democracy. Other American, European, Asian, and African people have also a right to know the whereabouts of their private data. National inquiries will soon investigate the extent to which non-U.S. intelligence agencies have circumvented their own national laws and possibly colluded with the NSA in the effort. The sheer technological prowess of the NSA is not to be overlooked. People regularly invoke notions of information overload or warn against the risk of drowning in a flood of information. That may still be true, but today’s NSA has definitely caught up, at least in regard to its ability to systematically mine through enormous amounts of data.
Can we put this crisis to good use? There is a chance that these revelations will be remembered as a tipping point toward a revived, global campaign for Internet freedom. At the moment, we are observing gridlock in the global governance of cyberspace. Ronald Deibert and Masashi Crete-Nishihata recently analyzed various “practices that undercut cyberspace as open commons of information and communication” and rightly diagnosed “norm regression.” No such Internet freedom. De facto, China and the United States (despite noble initiatives such as Society 2.0 and the like) seem to move closer together in their attempts to “bring the state back in.”
The debate that President Obama anticipates and appreciates should be extended far beyond the Beltway. Depending on the repercussions of parliamentary inquiries, frank diplomacy and—above all—relentless campaigning for more Internet freedom, we might see gradual change toward “norm diffusion” again.
Finally, kudos to Hillary Clinton. Whatever the challenges of counterterrorism, she said, “these challenges must not become an excuse for governments to systematically violate the rights and the privacy of those who use the Internet for peaceful political purposes.”
Dr. Thorsten Wetzling is a Senior Researcher at The Hague Institute for Global Justice interested in contemporary European and North American security and intelligence governance.