[privacy] FW: U.S. Government to Ask Courts to Toss Phone

["Lindsey, Ben J" <ben.lindsey () centerpointenergy com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


(Offline message to coderman, slightly modified for proper English, etc...) 

- -----Original Message-----
From: Lindsey, Ben J 
Sent: Monday, June 12, 2006 2:48 PM
To: 'coderman'
Subject: RE: [privacy] U.S. Government to Ask Courts to Toss Phone

> On 6/12/06, Lindsey, Ben J <ben.lindsey () centerpointenergy com> wrote:
> > ...
> >   When it comes to tapping international phone calls that 
> the "government" (whoever that may be) feels are made to/from 
> possible terrorists, I have to admit this doesn't 
> particularly bother me.  I consider that it's a time of war 
> and if it ever puts me out in some manner, it's the least I can do.
>
> here's a different question: are there different types of "at war" to
> consider?  the war on terrorism is like the war on drugs; it will
> never be "won", only mitigated to varying degree.

  I personally wouldn't compare the two "wars" -- but that's just me.  I see them as being very different.  I do agree 
there will be no defining moment of victory.  I certainly hope that one day it will certainly be a smaller problem (or 
perhaps a less worrisome one) so that we might get on with things as usual.

> how comfortable are you with a continued "state of war" where the
> battlefield is the american homeland (and the resulting military
> intelligence directed at domestic targets)?

  I'm not comfortable with this by any means, but I tolerate it, to a certain degree I accept it as part of the 
situation.  I don't think any "state of war" (or "national security risk" for those who don't see people getting killed 
on TV every day) by anyone's definition in the US or abroad was meant to be comfy for those involved -- and I think 
(personally) that people in the US (as they are possible targets) are in fact involved.  I don't live in fear of 
terrorism -- simply in the knowledge that I am not untouchable.
 
> this is really the crux of the debate: how much legal authority was
> granted to the executive in this situation when we formally entered a
> "war on terrorism".

  By law written previous to the war, or by more recent legislation?  And when you think about this, remember that the 
President is not only head of the executive branch, but the commander-in-chief of armed forces -- as such, if he 
requires something to carry out that duty, I have no problem considering it -- but others seem to throw up a wall 
without consideration.  I honestly can't tell anymore whether that is simply because of who he is (which is certainly 
an issue) or the thing he asks for -- it has become blurry in that respect.  I would certainly say the wording the 
Authorization of Military Force was (at best) nebulous.

> >   Domestic calls are a slightly different ball of wax to me.
> >
> >   On the one hand I have no problem with my phone records 
> (who I called and who called me) being sent to the 
> government.  As a former ELINT/SIGINT specialist, I 
> understand the wealth of information which can be gleaned 
> from this once you have identified a particular bad 
> guy/terrorist via some other means. (international calls to 
> UBL for instance:)) So many times we wished we had known the 
> endpoints of traffic we handled, and God knows what we missed 
> because of it.  But I also have to add that this is really 
> only acceptable to me during wartime or when there are 
> perhaps grave national security concerns.
>
> call data records and endpoint analysis are probably here to stay.
> there is precedent for dialed numbers / pen registers.  i was a little
> confused over the daytona / carrier CDR's deal since this is much less
> interesting than the deep inspection by the narus equipment for
> example.

  I find the Narus deal a bit fishy for the same reasons I wouldn't want citizens to have their phone calls listened to 
without sufficient cause.  As juicy as all that data may seem, with no oversight, it’s a nightmare.  Mostly I see the 
Narus deal as a waste -- for instance: why watch all the channels all the time if the only one with shows you care 
about also gives you the ability to concentrate!  There is simply to much data there to comprehend, via human or 
machine.  (I wouldn't begin to compare the data involved in call tracking and tapping with the trillions of reams of 
data this will create.)

> >   However, unless I am talking to a suspected terrorist, I 
> cannot accept for any reason the monitoring of my domestic 
> telephone calls without warrant.  Sure, I don't care who 
> knows what number I dialed -- but what was said during the 
> call was personal and private.  I know how many people have 
> access to the phone record data already, so I'm not 
> particularly bothered if the NSA (or other appropriate 
> agency) wants it for their database.
>
> agreed.  and this hints at another problem: how much privacy invasion
> has been offloaded to commercial data providers.  ChoicePoint and
> Acxiom and the smaller (often more shady) companies get some heat now
> and then, but not nearly as much as deserved.

  Ah yes, ChoicePoint and Acxiom...  (And yes, there are far more shadowy entities.)  The data they deal is (to my way 
of thinking) something that should never have been placed in private hands -- much less the analysis of such data.  
(Private companies with this data should provide it to private citizens as well -- somewhat like credit histories..)

> >   The views expressed (in general) on these matters in the 
> list seem (to me) to indicate that nothing of the above is 
> acceptable at any time without the standard warrant process 
> -- whether there is previous precedent for it or not.  Things 
> much worse (in the eavesdropping vein) have taken place 
> during (and outside of) national emergencies in the past, but 
> there seemed to be no media talking it up (or complaints) 
> until this current action.
>
> can you provide some examples of the much worse that went unnoticed?

  I can only think of things I was aware of because of my former position -- but certainly you can think of situations 
in US history where certain rights were suspended or flat-out run over in order to address an issue of "national 
security."  (War or no war.)

> to me the biggest issues are:
> 1. intentionally bypassing FISA (with an apparent recognition that
> approval would be refused)

  I'm not so sure it wouldn't have been approved under FISA -- but I do know the time it would have taken could have 
made a large blind spot during the wait, or even worse, spilled the beans.  Given the wording of the Authorization of 
Military Force by the house and senate, the administration may have even felt there was no need.  I would also imagine 
that they needed this to remain under the radar as long as possible in order for it to be effective.  It is difficult 
to say if that was the reasoning, and as you say, this remains an issue.  I can only think of possible reasons it was 
done as it was, I'm not what you might call a proponent of breaking the rules.

> 2. taking programs denied in congress (TIA) into deep black rather
> than terminating them.

  I already told you what I used to do for a living, so there is little I can say other than deep black often serves a 
vital purpose -- even though on the face of it I agree, it often does look deceitful.  I remember a certain military 
intelligence project for instance that had information about 911 terrorists before the fact.  Whether the information 
they gleaned would have been effective had it become known to the proper domestic authorities is not something I can 
begin to speculate about.  I can't say how "black" a project that was, except to say it is likely that congress/senate 
would not have liked it.

> 3. structuring highly classified/compartmentalized programs with as
> little oversight as possible.

  Oversight is great, so long as it does not compromise the mission, otherwise why even try?  If oversight could be 
safely achieved, I would certainly jump on the oversight bandwagon.  Trouble is, we don't have people capable of proper 
oversight at this point.  Sure, we have lots of politicians (of all kinds) who like to say the word, but I'm not sure 
they understand the possible consequences of doing it wrong.  I'm sure we will get there eventually though, I imagine 
everyone would like to know that there were competent watchers watching the watchers.

> the daytona database and call data record analysis is much less
> interesting or concerning than the domestic call eavesdropping
> (purportedly if one end is foreign, though this is in doubt) and the
> deep packet inspection of data communication (narus taps, etc).

  ECHELON rises again, huh?  Very interesting, I agree.

> >   Further:  If you are in the US, but not a citizen (or 
> diplomat of some kind) -- should I care if the NSA listens to 
> *every* word you say on the phone?
> >   Am I misreading everyone (because really its not just 
> this list, I am not pointing fingers -- again, just seeking 
> clarity about the issue and views surrounding it) -- or am I 
> in a state of misunderstanding about what is (or perhaps the 
> depth of what is) going on?
>
> perhaps i misunderstood; the domestic eavesdropping involved citizens,
> not foreign nationals on US soil.  is that what you meant by the above
> with regards to diplomats in the US?

Yes, it involves citizens, but also foreign nationals -- but no one (to my knowledge) has ever said, "Stop taking our 
information and privacy and only take theirs.."

> as far as the list goes, i think most of the concern is about keeping
> the proper oversight and accountability in place when surveillance is
> used.  the recent Canadian incidents are a good of example of how
> useful good intelligence can be for protecting the public.  but
> contrary to giving the spies a blank check, i think this underscores
> the need to keep them (the intelligence agencies) well within the
> bounds of the law and continually under reputable oversight /
> accountability processes so that they can continue to be effective.

  Accountability is something that is measured in stages, to say there is no accountability in this situation would (to 
me) be a supposition at this point, there will be accountability, but how many fingers can be in the informational pie 
before it is unacceptable.

  Oversight is another step in getting something done -- is this step always helpful?  Could this step frequently cause 
additional problems?

> lack of accountability only breeds abuses and incompetence to the
> detriment of legitimate uses of these services.

  Agreed. Totally.  But I'll take accountability instead of oversight anytime.

> for example trying to find terrorists with profiling (the TIA
> programs) is theoretically and empirically ineffective and counter
> productive, as evidenced by the flood of worthless leads turned over
> to the FBI by this program and the inherent limits of such statistical
> profiling to identify such a small subset of the population (the
> terrorists).  this is an example of a program that is worthless and
> should not be implemented, yet continues on despite the will of
> congress and without sufficient oversight and probably outside the
> legal boundary of reasonable search.

  I will certainly say that TIA is not a mature program -- but to say that what it is intended to do cannot have a more 
useful future seems to contradict the entire method.  (which is to say, the more data you get and the better you become 
at interpreting it -- the more true positives you will receive)  If indeed it cannot be perfected however, I agree, 
chuck it -- for now, I'll give it time.

  When citizen A places a call to suspected terrorist B at the Tora Bora hideout, it would certainly be nice to know 
that there were capable people keeping an eye on Mr. A and his friends.  To be honest and simplistic, I think this is 
the singular goal of the entire domestic program.

> and last but not least, i am strong advocate of personal
> responsibility for your own privacy.  if you are concerned about your
> data communication being sifted and filtered through, implement end to
> end privacy with any number of available tools and support projects
> and efforts to do so.
> (defeating endpoint / social network analysis requires zero knowledge
> mixing, which is much more complicated and latent)

  Indeed, it is quite simple to defeat just about everything under the sun.  Surely though you can see the value in 
collecting data from convenient sources until such time as all the bad guys get wise....   ;)

  Thanks a ton for your mail, I appreciate it a great deal.  It is quite nice to have a good conversation about this 
for a change.  Thanks to everyone actually, this has been a pleasure thus far.

Take care!

- -bjl

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQA/AwUBRI7EERccr+NAdBIpEQLhKACgiIINFMIpCkHOjCaV6eLdNK4cZukAoOWW
8AEtFEMCTdCno/7TffVaixDq
=/jeb
-----END PGP SIGNATURE-----

_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy