It’s great that the sunset of Section 215 has reignited the debate about mass surveillance in the United States, but all the focus on this one provision, more specifically on the telephone metadata program it permited, may miss the mark, according to Chris Soghoian, the ACLU’s chief technologist and longtime fixture at the intersection of digital security and privacy. He thinks a lack of technological understanding and diversity of experience is preventing us from asking the most important questions about the ways the United States government is collecting communications data and how effective this collection is in light of the government’s rationales for gathering it.
Last night’s expiration of Section 215 offers the chance to give our readers a taste of a Q+A that yours truly recently did with Soghoian. His comments align with the news about Section 215, but it’s pretty safe to assume Soghoian’s remarks will be relevant to other surveillance-related discussions that emerge in the coming months and years.
The excerpt below stems from a portion of a conversation about the harm being caused by a lack of both diversity of experience and technological expertise among legal experts, policymakers, and journalists involved in the debate over mass surveillance programs. High-level discourse about when government can access data is good, but this discussion should be informed by an understanding of how government actually gathers and uses that data. Bringing in voices with greater technological understanding and a more diverse range of backgrounds would enable more potent oversight, a more thorough understanding of such efforts’ effectiveness, and a better ability to judge the costs and benefits of surveillance programs. A debate that focuses solely on the legality of surveillance without details of a technological infrastructure that may exist through numerous changes in law, policy, and even governments is truly deficient.
Click through the jump to read Soghoian’s comments.
Section 215 and our focus on the wrong collection programs
“[Marcy Wheeler] keeps harping on this point and I think she’s 100% right. The FISA Court issued 180 [Section] 215 orders last year. And five of them were for the domestic telephony metadata program. Five. So we are having a debate right now about reauthorizing 215, but we don’t know what 175 of the 180 215 orders were used for. What kind of debate is that? That is the most fraudulent debate I can imagine. And again, I really think that debate around the metadata program is an intentional diversion. People in the IC have said this is not actually a particularly useful program. When they’re being honest, they’ll say they can live without it. They would rather have the fight be over this than the 175 other uses for this kind of order.
It boggles the mind that in 2015, at a time when most Americans have a smart phone, that the only debate taking place is about how the NSA collects phone records about that device. Of course they’re collecting Internet records. They are a high tech agency that employs thousands of hackers. Of course they are doing Internet metadata collection and analysis. But we’re not having a conversation about how they do domestic Internet collection. We’re not having a debate about how Americans’ data gets transmitted over international links and then gets picked up by the NSA. The trap which we have allowed this debate to be framed solely around — or constrained solely around the program that the intelligence community doesn’t really give a shit about and is willing to have it be sacrificed as a pawn to protect the other things. And we’ve played into their hands. We played into that trap completely. That’s a problem that we’ve not done a good job with.”
Harvard, Yale, diversity and the discussion about effective intelligence efforts
“One of the things I brought up in a recent debate with [former CIA and NSA director] Michael Hayden is we’re having a debate right now about whether we should reauthorize Section 215. If you take the government at their word, what they’re most interested in are calls between someone in Yemen and someone in the United States. Someone who is joining al-Shabaab, whether he’s been radicalized. They want to know who in the hot spots around the world are talking to Americans back here. And if we take them at their word that that’s what they’re really interested in — one of the points with Hayden was — people, Yemeni-Americans or Somali-Americans don’t call Somalia from their landline phone and pay $4.99 per minute in long distance rates. Americans who have family abroad use prepaid calling cards because that’s how you stay in touch with your loved ones. Yet, the 215 debate that’s taking place is solely about records from landline and wireless phone companies. We’re not having a debate about how the government gets records from Skype or other Internet-based calling systems or calling cards.
Again, if we take the government at their word, these are the calls they’re really interested in. There are going to be very few of those calls in the domestic telephony metadata program we’re discussing, and in fact most of what they want is held by other companies who are not the subject of this national debate about surveillance. And I think the reason why we’re not having that debate and the reason why that hasn’t really been pointed out in the public conversation is, frankly, because most of the people who are doing the debating have probably never called Yemen or Pakistan. That isn’t something you need to be a technical expert for. That’s something where you have to travel around the world and have friends and family in foreign countries. But, you know, the lack of diversity in the national security debate — and there is a serious lack of diversity, both racial but also socioeconomic — you may have both men, women, and people of color debating these things, but they all went to Harvard and Yale.
I think that the lack of anyone bringing up the calling card questions really sort of drives home for me the very limited nature of the debate, which I think reflects that for many of these people, these are really just sort of academic questions. What they want to debate is whether the Fourth Amendment protects data in bulk, not where does the government get the data. As a technologist, I want to discuss where the government is getting the data. I want to discuss if the government is exploiting a security flaw in our network to get the data. You know, I want to discuss the meat, the sources and methods. I think there’s also this sort of problem where the things that the technical community are most interested in discussing are the things that the government wants to discuss the least.”
For more on how the focus on Section 215 may distract from more important discussions about surveillance reform, check out Steve Vladeck’s post all about how Rand Paul “hijacked” efforts to rein in sweeping digital spy efforts.