Chapell & Associates

Monday, December 26, 2005

Spy Agency Mined Vast Data Trove, Officials Report

NY Times - December 24, 2005
The National Security Agency has traced and analyzed large volumes of telephone and Internet communications flowing into and out of the United States as part of the eavesdropping program that President Bush approved after the Sept. 11, 2001, attacks to hunt for evidence of terrorist activity, according to current and former government officials.

The Chapell View
While it remains somewhat unclear exactly what the NSA's surveillance program constitutes, it seems fairly certain that what they're doing could be best described as "data mining" - that is, creating a broad drag-net for international communications and searching within the collected email and telephone calls for certain "hot" headers or numbers.

This is an extension of what the NSA normally does - internationally. Except that the 1978 Foreign Intelligence Surrveillance Act didn't authorize domestic collection without warrants. Intuitively, then, the NSA's current actions would violate that law.

But, as Justice Richard Posner of the 7th Circuit Court of Appeals wrote in the Washington Post this week, there may be a loophole. Posner argues that because the information is aggregated and tagged by a computer and not scrutinized unless tagged as "hot" - ergo, reasonably suspicious - there is no unjustified invasion of privacy. In other words, when the NSA invades privacy, it does so for justifiable reasons - the email header or telephone number is somehow suspect - and the mere collection of communication data, done by a computer, does not count as invasive of personal privacy.

This is a frightening argument, and it is strange, I think, to imply that searches cannot be invasive as long as they are done by a computer. After all, the information is still being collected and aggregated - there is still a search, human actor or not. Not to mention that the entire notion of privacy in the online sphere falls apart if computer based aggregation of data does not count as a matter relevant to individual privacy.
posted by Isaac on Monday, December 26, 2005

© 2005 by Alan Chapell & Associates LLC