Richard Clarke is concerned that Stuxnet, presumed to have been an Israeli-American initiative aimed at Iran’s nuclear program, is being studied by China to use against the U.S. “It got loose because there was a mistake,” he told Smithsonian Magazine. Clarke was angry, calling Stuxnet, “The best cyberweapon the United States has ever developed,” which it “gave the world for free.”
While America might be doing one better – ABC News has reported that work has begun on a new Stuxnet – this threat of “cyberproliferation” is not high on the list of defense analyst Thomas Rid’s concerns. For all the Stuxnets in the world, the real cyber battles are in fact being fought against dissidents in countries such as Belarus, China or Syria. Social media users have been disappeared in Saudi Arabia and North Korea looks to state-run intranets to control their publics. That is the war Thomas Rid says the authoritarian regimes are pursuing, and pursuing effectively.
The fixation on exponentially increasing a security agency’s information gathering and retention rates presents a troubling prospect for any democracy. Not least because authoritarian governments have sought out help from private sector firms in democracies such as the United States, and Germany – who have already prepared equipment for such a contingency. Take the off the shelf gear used for monitoring journalists, recovered from Gaddafi’s staff last year. It was made in the West.
Massive, warrantless surveillance – in particular, growing reliance on the interception of phone calls, social media postings and email exchanges – is obviously not the sole preserve of the dictators of the world. They just use what they can get to maintain their power in a radically changing communications environment, where online and mobile applications like social media offer new ways to organize and disrupt the existing social order.
Hence, it is not enough to just ban a newspaper or deny a protest permit anymore. Now “suspect” persons must be monitored at every stage of their activism, or, more often than not, conducting their personal affairs, if they’re going to be prevented from causing problems. Last year’s lockdown of Lower Manhattan in the early morning hours of November 15th demonstrates clearly just how “unpredictable” and “dangerous” unarmed protesters are viewed, even in countries like the U.S. and UK.
But then, where were the Tories in 10 Downing Street and Westminster not four years ago, when Shadow security minister Baroness Pauline Neville-Jones, a Conservative herself, announced a “clean up” of the Regulation of Investigatory Powers Act (RIPA)? We are now in 2012, where Prime Minister David Cameron is vociferously defending legislation to create a massive online dragnet accessible to the British authorities whenever, wherever, and over whatever they deem to be of interest to an investigation. “Details murky,” the CBC rather succinctly (under)stated at the beginning of April.
The dragnet is seen as sorely needed by its proponents in order to keep pace with unconventional threats. George Osborne won’t have trouble finding contractors if it needs to outsource some bits: “Since 9/11, the amount of data from drones and other surveillance technology has risen 1,600 percent,” the CEO of ITT Exelis Geospatial Systems told Forbes in March, noting that “defense companies who have strong positions producing sensors like satellite payloads and airborne surveillance systems have leveraged their expertise in the collection business to help military customers begin to tackle the challenge of information overload”.
“Big Data” was in the title of the article: big money was the subtext. As the Wall Street Journal cited in a series on surveillance markets, between 2001 and 2011, the “retail” industry for off the shelf monitoring products has grown into a US$5 billion market. That the WSJ now regularly reports on such sales by Chinese firms in Eastern Europe and Western companies in the Middle East, whose wares can intercept, store and alter private emails, demonstrates how the industry has become part of the world economy. What could be more quintessentially American than the fact that there’s a cybersecurity lobby in the Beltway competing for legislators, drafting bills and seeking defense contracts?
STRATFOR is a prime example of such an operator. Internal emails released by WikiLeaks showed how the firm sought to grow its network through online information collection, and also to recruit more retired and active officials with U.S. government agencies. But corporations are also increasingly making use of these private agencies to spy on those who’ve fought them: Dow Chemical reportedly contracted STRATFOR to spy on the Yes Men, a group of artists who’ve “pranked” the company to protest its policy towards survivors of the Bhopal chemical disaster. Say what? The company clearly did not receive the activists’ message in good humor.
A few decades ago, Dow’s liaison with STRATFOR would have been cause for media outcry, or at least a Congressional hearing. After all, the reason the NYPD – whose Demographics Intelligence Unit was recently caught up in an expose by the Associated Press over its surveillance of Muslim Americans – even has such a unit is because the NYPD successfully challenged a prohibition upon the police infiltrating protest movements or “suspect” associations without clear leads. The excesses of A. Mitchell Palmer, Joseph McCarthy, J. Edgar Hoover and Richard Nixon against people who fit an ethnic stereotype, or were their political opponents, were not imagined excesses.
Yet even in a world of easy PATRIOT Act reauthorizations, more traditional methods of gathering information, such as infiltrating agents, are still somewhat proscribed by law. Electronic surveillance is the much more attractive option: text and tapes constitute “hard evidence,” and offer much less risible options when compared with searches of premises or “enhanced interrogation techniques.” It is security on the cheap not in terms of finances, but politics. Indignation is much harder to evoke over the prospect of the government holding onto all your emails for five years for no specific reason than it is for warrantless wiretapping.
Yet even over this pervasive, illegal practice, indignation is muted. Warrantless wiretapping was a creature of the Bush Administration, but it has been the Obama Administration keeping up the Republicans’ “state secrets” defense of the practice and (successfully) shelving efforts to shed scrutiny on the telecommunications firm involved in the program, such as AT&T.
The story behind the National Defense Authorization Act (NDAA) suit brought by former New York Times columnist Chris Hedges and three others demonstrates the pitfalls quite well: a number of FBI contractors, private intelligence companies and police forces came together seeking data on the movement’s organizers (and also the “hacktivists” of Anonymous and WikiLeaks,) despite having no evidence or suspicion of criminal wrongdoing to pursue warrants. Both WikiLeaks disclosures and FOIA requests show that the Department of Homeland Security “closely monitored the Occupy Wall Street movement, providing agency officials with threat assessments, regular updates about protests taking place throughout the country.” The FBI, Leopold says, has not provided information about their own activities here.
These changes are accepted as inevitable and natural occurrences of history, of “the world we live in,” rather than undertakings that have been pursued collectively by a host of agencies and legal advocates over a decade. The danger is less that of the growth of off-the-shelf surveillance technology, but that it is often just seen as an “off-the-shelf” product, as though it has no political significance. If most voters and politicians can agree that a gun purchase in the U.S. has at least something to do with the 2nd Amendment, then the purchase of an email tracking system by a government agency must surely have implications for the 4th? Or the 6th? One Department of Homeland Security Pittsburgh agent has already raised the 1st:
“Both myself and [redacted]…are somewhat concerned that several items contained in this Intel Bulletin might be advocating surveillance and other countermeasures to be employed against activities protected under the 1st Amendment. Would either one or both of you be able to see what could be developed from this document that [redacted] could take back to the Intel staff that produced this so that in the future they have a greater awareness of how to develop intelligence assessments that don’t undermine Constitutionally protected speech and assembly rights?”
Court-admissible information obtained in new ways requires an expansion of legal theory to understand its implications with regard to the American Constitution, to draw the lines between what is admissible and what isn’t based on how it’s obtained. Despite protests from lower courts, the Supreme Court, Congress and Justice Department have so far largely insulated themselves from such scrutiny by permitting the construction of a successful, and very broad, homeland security defense.
At this point, civil libertarians might want to start hoping that if the NSA’s geocaching supercomputer –though sworn to never be used against U.S. citizens – gains sentience, it turns out to have libertarian leanings.