I got a good laugh earlier this month when a federal appeals court ruled that the National Security Agency (NSA) could no longer collect the phone records of all US persons – and then store them in a massive database.
The laugh didn't result from the decision itself, which I wholeheartedly support. It came from the media coverage of the ruling, which made it sound like the NSA could no longer vacuum up all of our electronic data without any meaningful limits.
The decisions issued by the Second Circuit Court of Appeals dealt with the NSA's interpretation of Section 215 of the PATRIOT Act. That section authorizes the government to collect data "relevant" to terrorism investigations. However, whistleblower Edward Snowden revealed that the Bush and Obama administrations interpreted Section 215 as giving the government carte blanche authority to collect the phone records of virtually every person in the US.
This should come as no surprise. For many years, I've documented the phenomenon of "surveillance creep," where a technology or law intended for narrow law enforcement or anti-terrorism purposes is used much more broadly.
- The FBI's National DNA Index System, originally used to track sex offenders, has expanded to the point where the federal government now collects a DNA sample from every baby born in the US. In effect, newborn babies are now ranked with sex offenders.
- The so-called E911 initiative that makes it possible for emergency responders to locate you when you dial 911 in the US quickly morphed into a massive GPS surveillance initiative. US courts have gone along, on the theory that your cell phone location data isn't your property, and you therefore have no "expectation of privacy" that it won't be disclosed.
- And my "favorite" example: In the UK, anti-terrorism legislation now is being used (I kid you not) to investigate dog poop.
And just like DNA surveillance, GPS surveillance, and even dog poop surveillance, the Second Circuit's ruling will do little or nothing to restrict the NSA from sweeping up our electronic data. That will be true even if Congress fails to reauthorize Section 215 of the PATRIOT Act, as appears increasingly likely, and despite the claim by some in Congress that the repeal will "end bulk data collection."
In fact, the PATRIOT Act is just a tiny piece of the global surveillance infrastructure the US government has constructed in the years since World War II. The lynchpin of this effort is the so-called "Five Eyes" club – a top-secret intelligence-sharing alliance first formed in 1946, whereby members agree to share intelligence they collect with one another. The Club's first members were the UK and the USA. Canada, Australia, and New Zealand joined later, to form what we now know as the "Five Eyes."
The Five Eyes agreement – first documented in 1982 in James Bamford's landmark book on the NSA, The Puzzle Palace – contains a really nifty tool. Nifty, that is, if you work for the NSA or another intelligence agency of a Five Eyes signatory. It includes a clause that makes clear that each member agrees not to spy on citizens of another member without permission from that other member.
So, if Congress repeals Section 215, what do you think will happen? Simple. The NSA will simply "outsource" this data collection to one of its Five Eyes partners. Indeed, this type of outsourcing is common and longstanding.
For instance, in the 1970s, the Communications Security Establishment, Canada's equivalent of the NSA, asked the US to monitor the communications of former Canadian Prime Minister Pierre Trudeau's wife, Margaret. Was Margaret a suspected terrorist? A narcotics kingpin? A spy spilling secrets to the former Soviet Union? Not at all… When her marriage to Pierre foundered and they separated, she had affairs with the likes of Ted Kennedy and Mick Jagger. This, of course, justified surveillance by the world's most sophisticated monitoring network.
The Five Eyes agreement isn't the only NSA "solution" to the possible repeal of Section 215. There are numerous other ways the NSA can grab your phone records, and much more.
The most important option is Executive Order 12333, authorized by President Ronald Reagan in 1981. This order gives free rein to the NSA to spy on anyone, as long as the surveillance takes place outside the US. However, if the NSA "incidentally" collects the contents of a communication within the US, the order allows it to be retained.
In today's networked world, "incidental" collection of data is more the rule than the exception. For instance, all major domestic email providers have backup servers outside the US. To retrieve the data, all the NSA needs to do is to tap into these servers – a capability the Snowden leaks demonstrated it has practiced for years.
The bottom line is that if you want to "privatize" your communications, you'll need to work at it. Basically, there are five steps you should take:
- Unsubscribe from or greatly restrict activity on all social networks: Facebook, Twitter, etc.
- Encrypt your text messages, chats, emails, phone calls, data files, etc.
- Encrypt your data stream – the information going back and forth between your smart phone or PC and the Internet.
- If you use webmail services, find a non-US provider.
- Use secure non-US cloud storage.
One thing is for certain: Governments don't cede power willingly. Edward Snowden provided overwhelming evidence that the NSA is much more focused on assembling data for blackmailing current and future political enemies than it is in unearthing terror plots. And it's storing that data, permanently, in mega-facilities such as a data center in Utah that's five times the size of the US capitol building.
Nothing less than a political earthquake will change this status. And the repeal of Section 215 represents only a very small tremor.
Don't say you haven't been warned.Don't forget to Like Freedom Outpost on Facebook, Google Plus, & Twitter. You can also get Freedom Outpost delivered to your Amazon Kindle device here.