Saturday, June 18, 2016

Geoffrey Stone on Snowden

NSA headquarters
Geoffrey Stone, a University of Chicago law professor and well-known champion of civil liberties, was a member of a White House review panel appointed in the wake of the Snowden revelations to examine NSA's communications surveillance programs and offer recommendations on improving oversight.

In a recent published interview, he offered some sharp criticisms of Snowden and described his own surprise in discovering, in the course of the panel's work, that his initial assumption that NSA had "run amok" was "completely wrong":
The more I worked with the NSA, the more respect I had for them as far as staying within the bounds of what they were authorized to do. And they were careful and had a high degree of integrity. My superficial assumption of the NSA being a bad guy was completely wrong.
I think his criticisms of Snowden are well founded and worth reading in full, especially where he scores Snowden for his arrogance in assuming he could singlehandedly confer on himself the right to decide what information should and should not be classified, and for his contention that his actions ought to be above the law since they were in a good cause.  (In Stone's words, "I don't doubt that Snowden was courageous and did what he did for what he thought were good reasons. But I think he was unduly arrogant, didn't understand the limitations of his own knowledge and basically decided to usurp the authority of a democracy.")

And I also agree with Stone that most NSA employees I have met are honest, decent people, acting with integrity, and that NSA did in fact develop and implement comprehensive procedures to try to insure that the masses of data vacuumed up in its bulk collection programs were used only to locate and identify legitimate foreign terrorist targets.

Nonetheless, I think Stone is a bit too easy on the agency in two key respects.

First is that NSA almost certainly violated the law, and probably the Constitution, when it first began collecting masses of telephone and internet data without a warrant, acting on a "presidential authorization" in 2001 that flatly contradicted statutory law.

The President's Surveillance Program directed NSA to intercept without court approval communications when one party was believed to be a member of al-Qaeda, even if the other party was a US citizen or resident.

But that is a situation that the law specifically says requires a warrant: The Foreign Intelligence Surveillance Act, enacted in the wake of the Watergate scandals (which revealed that NSA, among other things, had targeted for surveillance US citizens on Nixon's "enemies list," including newspaper columnists, political opponents, and domestic antiwar activists), in fact makes it an explicit criminal offense for any government official acting under color of law to conduct surveillance on a US person without a warrant from a special court created by the same law, the Foreign Intelligence Surveillance Court (FISC). 

Likewise, even after NSA's bulk telephone calling data ("metadata") collection program was (possibly) legalized under section 215 of the 2001 Patriot Act, the FISC (as we now know) repeatedly chastised the agency for "substantial misrepresentations" to the Court of the extent of its data bulk collection programs and for overstepping court-mandated rules to "minimize" the "incidental" collection of US citizens' data.

These are not trivial points or technical hairsplitting. One of the most fundamental protections in the Constitution is the right of privacy embodied in the Fourth Amendment and its rejection of dragnet-like sweeps by government officials. This was a legacy of English common law and the famous John Wilkes case, long celebrated by champions of liberty at the time of America's founding, in which the Lord Chief Justice held that "a general warrant is no warrant": that a search warrant could not authorize officials to go through every house in an area searching for subversive publications, but had to specify the exact place to be searched and the items being sought, and provide at least some grounds for believing that these items were present there. NSA's bulk collection programs stood directly on its head this fundamental protection of the right to privacy.

Wilkes and Liberty, celebrated on a punchbowl from Colonial Williamsburg
The second real problem with NSA's actions in operating the bulk collection programs is one that comes right out of the agency's Cold War history (the subject of my just-published book Code Warriors). Throughout its existence, NSA has always been intensely driven in its mission by its own technological capabilities: if it can do it, it did do it, and it always was trying to increase what it could do. Some of this is human nature; some of it is unique to the bureaucratic forces acting on military and intelligence agencies, which always have an incentive to maximize technical capabilities regardless of mission needs—just as in the Air Force and Navy the imperative to buy newer, bigger, faster, more expensive planes and ships always came first, while the military justifications for them were often almost an afterthought.

But the point is that the capability was there to carry out unprecedented monitoring, tracking, and spying on American citizens by a government agency, a capability that all known bureaucratic forces were working to expand ever further. And NSA's history offered small comfort to the idea that none of this should worry us because the agency's own internal rules and procedures prevented this capability from being abused. The whole reason for the FISA court's establishment was to provide an outside check and legal oversight of NSA by an independent body.

Recent congressional action to end the NSA bulk telephone data program was a small but important step in addressing both these dangers: of too much reliance on internal self-restraint, and too much technological capability in the hands of government. It's a rare case where the lessons of history I think have been heeded.