Privacy Paradox

Reengineering Surveillance Oversight

By Siobhan Gorman
Wednesday, September 6, 2017, 1:00 PM

This piece is part of a series on Tim Edgar's new book, "Beyond Snowden." 

One of the most important revelations following the disclosures by former National Security Agency contractor Edward Snowden was the inadequate oversight of highly invasive U.S. surveillance programs.

Both internal and external checks failed to quickly identify illegal collection of domestic communications. Tim Edgar’s new book, Beyond Snowden, serves as an important reminder that the oversight system remains badly broken, and recommends that government surveillance programs rely more on technology to enforce privacy protections.

In the current political environment where the same party controls both Congress and the executive branch, the danger that U.S. surveillance program misuse will remain undetected is even greater, because there’s less incentive to probe the activities of one’s own party.

The current oversight system still largely relies on self-reporting by NSA, which has repeatedly failed to detect its own missteps in a timely manner. At the same time, both congressional and judicial oversight of complex surveillance programs lack sufficient technical expertise to independently look under the hood, making them highly reliant on the attestations of top NSA officials.

Having seen the government’s national security operations from both inside the Office of the Director of National Intelligence and the White House, Edgar provides a striking critique of all branches of government. “Far too often, the three branches of government have competed with each other not in keeping surveillance within bounds but in avoiding accountability,” he writes.

NSA oversight is critical, given the agency’s long history of mismanaging large, sensitive programs. In more than a decade covering the spy agency as a journalist, I found repeated instances of mismanagement at NSA, stretching back to at least 1999, when a pair of NSA studies cited lack of vision at the agency.

The secret loosening of internal checks on NSA programs following the 9/11 terrorist attacks resulted in the warrantless surveillance program, Stellar Wind. This program incorporated portions of an earlier NSA program, known as ThinThread, but with its privacy protections stripped out.

Edgar reminds us that the judicial checks put into place after parts of Stellar Wind were revealed by The New York Times and USA Today in 2005 and 2006 failed to prevent or even quickly identify problems with the NSA’s program that tapped the internet backbone and collected vast swaths of domestic phone records. This failure led to repeated violations of court orders and, in the case of the internet backbone taps, Fourth Amendment protections against unreasonable search and seizure.

The agency chalked up these problems to misunderstandings of its own technology, rather than a desire to pry into the lives of tens of thousands of Americans. That defense was hardly confidence-inspiring.

These admissions of program failures, which came not straight from the Snowden trove but from the political pressure he triggered, were among the most significant revelations that followed the Snowden disclosures.

Continued problems with NSA’s program that taps the internet backbone led it to curb an element of the program, because it proved too difficult to execute without committing privacy violations. That the agency made this decision, and made it public, signals progress, but it came eight years after the issue was initially identified.

The best way to resolve the NSA oversight dilemma is to make it far less reliant on agency self-policing, lawmakers’ political incentives to probe the powerful spy agency, and a secret court that lacks sufficient technical expertise.

Edgar points to multiple technical solutions that show promise and should at least be piloted as part of the next round of surveillance reform, when Congress reevaluates a critical component of the Foreign Intelligence Surveillance Act, known as Section 702.

While Edgar somewhat facetiously calls this approach technical “magic,” it’s just math. By creatively using encryption techniques—an approach somewhat similar to those deployed in the ThinThread program before those privacy protections were stripped out—the NSA could design its technology to police itself.

With the goal of enabling national security analysis without collateral damage to privacy, Edgar points in particular to processes known as encrypted search or homomorphic encryption, which allow analysts to conduct complex analysis of data sets while they are still encrypted. Analysts would only obtain the data that is truly relevant to their search.
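As an added illustration (not from Edgar's book and not a description of any agency system), here is one way the "only the relevant data" property can be built from additively homomorphic encryption: the analyst sends an encrypted selector, and the data holder returns Enc(r·(s − x) + payload) for each record, which decrypts to the payload only when the record's identifier x equals the selector s. The Paillier key uses demo-sized primes that are not secure, and all names, the tag value and the sample records are constructed for this sketch.

```python
import hashlib, math, secrets

# Toy Paillier key held by the analyst. Mersenne primes 2^31-1 and 2^61-1:
# demo-sized only, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, N2 = P * Q, (P * Q) ** 2
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)
MU = pow(LAM, -1, N)
TAG = 0xC0FFEE  # hypothetical marker: lets the analyst tell a payload from noise

def enc(m):
    r = secrets.randbelow(N - 1) + 1
    return (1 + (m % N) * N) * pow(r, N, N2) % N2

def dec(c):
    return (pow(c, LAM, N2) - 1) // N * MU % N

def to_id(selector):
    # Map an identifier string to an integer modulo N.
    return int.from_bytes(hashlib.sha256(selector.encode()).digest(), "big") % N

def holder_respond(enc_selector, records):
    """Data holder: sees only Enc(s), never the selector itself."""
    out = []
    for ident, record_no in records:
        r = secrets.randbelow(N - 1) + 1
        diff = enc_selector * enc(-to_id(ident)) % N2   # Enc(s - x)
        blinded = pow(diff, r, N2)                      # Enc(r * (s - x))
        out.append(blinded * enc((TAG << 32) | record_no) % N2)
    return out

def analyst_search(selector, records):
    """Analyst: non-matching replies decrypt to random values and are dropped."""
    replies = holder_respond(enc(to_id(selector)), records)
    plains = [dec(c) for c in replies]
    return [p & 0xFFFFFFFF for p in plains if p >> 32 == TAG]

# Constructed sample data: (identifier, record number).
RECORDS = [("555-0101", 7001), ("555-0102", 7002), ("555-0103", 7003)]

if __name__ == "__main__":
    print(analyst_search("555-0102", RECORDS))  # one matching record
    print(analyst_search("555-0199", RECORDS))  # no match, nothing learned
```

In this sketch the analyst still learns how many records the holder has, and the holder learns that a query was made but not what it was.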

“You can collect the data you need, but only if you provide a rigorous technical proof that offers guarantees for the privacy of the data you do not need,” Edgar writes.

Privacy benefits aside, creating a more disciplined collection system is arguably more effective, because it is more focused. Given the NSA’s chronic challenges with managing large programs, designing programs to collect data sets that are more focused on the information it truly needs will ultimately benefit our national security.
