The current controversy over widespread domestic intelligence gathering by the National Security Agency has produced a strange brew of program defenders and critics. Normal conservative/liberal separation on issues is inoperative, although most politicians inside the Beltway seem intent on being defenders of shadow government. This is in part because of the nature of our politics and the conventional wisdom that we must fight terrorism through secret means.
Along with that, however, the issue remains muddled on a broader scale, because normal cues and clues to the underlying truths involving America's vast and fast-growing intelligence apparatus are hard for many of us to divine, precisely because the program is fundamentally so secret.
But that very secrecy as it is now exposed unexpectedly provides us a clear indication of how we should regard the NSA program. In short: It's overgrown and out of control, and not for the reasons some conspiracy buffs might think. More below the fold.
To understand my take on the NSA fiasco, it might first help to understand the state of computing some 30 years ago. Back in the 1980s I was still a practicing, mainstream journalist, mostly banging out magazine articles. One of my pieces in mid-decade was a cover story concerning a new phenomenon emerging from the personal computing revolution. I found a group of like-minded, Milwaukee-area computer buffs, teens and young adults who might in our present day be considered criminal hackers.
In those days, as today, the term "hacking" within the computing community was an honorific; it didn't imply a person who committed computer-based crimes, but rather described a person who would push the envelope, writing their own programming code or exploring what was even then the vast, largely undiscovered country of computers and computer networks. But then as now, the mainstream media tended to use the term "hacker" as a pejorative, as did law enforcement.
Several of the youths I interviewed were quite open about their exploits, in part because computer crimes had not for the most part yet been legislated into existence. These individuals become very adept at creating their own, above-ground, dial-up computer networks -- BBSes, in the vernacular of that decade. The eighties were, of course, an era when many PCs carried (literally) a million times less RAM than today's cell phones. Processors were a thousand times slower. Computer cursor keys were the only way to select an item on-screen, and all the items were text-based. This also was before the World Wide Web existed, but that didn't slow down individual hackers and loosely associated groups like the one I wrote about.
Besides running legitimate BBSes, no small feat, several of these young people also figured out how to hack into institutional computers, for example a mainframe at a public school several attended. They thought themselves explorers of these wondrous systems and were able to move about fairly freely, as common security protocols were pretty simple. Yes, these hackers had fantasies along the lines of "War Games" (a 1983 film) in which they would hack their grades and give themselves A-pluses. They never actually did any of that, as I recall, but their sometimes clumsy and under-informed expeditions into other computers on occasion messed up systems inadvertently, even bringing down networks.
Eventually, a couple of the youthful hackers I wrote about found themselves among hundreds around the country rounded up by local, state and even federal agents, making the covers of national news magazines. Their computers were seized and they were banned for a time from getting back into computing once they had moved into probation after serving their soft (or in a few cases, hard) time.
But while these hackers were at first seen as a universal evil, some in private industry and government gradually realized that their hacking skills were well-suited for working in legitimate positions as IT security specialists. And so, just like the wayward youth co-opted in the Anthony Burgess novel "Clockwork Orange," some of the perps went on to become computer-industry consultants. It takes one to know one.
What does this history have to do with the NSA and PRISM and all the rest of it? Just this: We are reliving the computer security story of the '80s, only several dozen rungs up the development ladder. Based on published statistics from the US government, some 1.1 million individuals who work for private contractors have security clearances giving them access to some of the nation's biggest secrets.
Among those, nearly a half a million private individuals working for contractors have top-secret security clearance. By my reckoning that latter figure means something like one in about every 500 adult US residents has a high security clearance and is a potential leaker or whistleblower (take your pick) of highly classified information.
That reality in turn means something else: Keeping US government secrets, well, secret is getting harder by the day, precisely because there are so many more secrets, and so many more people who have access to them. "Open secrets" is more like it, as time goes on. Which many Internet users will find fitting, seeing as how that vast super-network has become one big fishing expedition.
[Ironically, the federal government's huge reliance on the private IT industry has grown in part because of moves by conservatives in Congress to limit the size of federal agencies along with spending cuts. What did Lenin say about capitalists selling the rope that would be used to hang them?]
Edward Snowden, the fugitive whistle blower whose document dump renewed the decades-long debate about the scope of the US intelligence complex, worked for Booz Allen Hamilton, one of the private firms with, literally, a huge presence within secure government networks. Indeed, half of that consulting firm's 25,000 employees reportedly possess top federal security clearances.
Given all this, it's not statistically surprising that, at some point, information from programs run by the CIA or NSA or one of the numerous other federal spy agencies would leak out. What is surprising is that there are not more such leaks. What is surprising is just how much access Snowden had, given his relatively low status. What is surprising is just how unconcerned our government bureaucracy and in particular Congress seemed to be about this, despite earlier leaks, including recent news that the Chinese government has raided these supposedly secure networks, stealing some of the Department of Defense's most valuable information.
From an Associated Press story dated June 11,2013:
Analysts caution that any of the 1.4 million people with access to the nation's top secrets could have leaked information about the program — whether they worked for a contractor or the government. It was a government employee — U.S. Army Soldier Bradley Manning — who was responsible for the last major leak of classified material, in 2010.
So the witch hunt for perps continues, Snowden the newest target. But he didn't even need to hack into the NSA's computers to steal state secrets. Rather, the government paid his firm to have him go into secret government computers and he was handed a figurative key to do it.
Like Bradley Manning before him in eye-opening revelations about US operations in the Mideast, and Daniel Ellsberg in the Pentagon Papers case 40 years earlier, Snowden's avowed purpose in releasing secret government documents was not to harm the US but to call attention to its failings. Snowden sought to expose -- to use that government term -- metadata regarding the way the NSA program works. This content may well be classified, but its release arguably does not represent a true national security threat. Logically it couldn't, based on what we know so far about a program that secret, that expansive and that unregulated (FISA courts? Okay, but who watches the watchers? Not Congress, evidently, at least not in any meaningfully proactive sense).
Snowden, civilly disobedient though he may be, has not only blown the whistle on a problematic and expensive government program, but also exposed just how ungainly, potentially intrusive and unreliable the nation's security apparatus has become. If as it seems Snowden could out the NSA so easily, how could that agency and its most secret program possibly be construed as truly secure, truly well thought out? It's like that Italian cruise liner that ran aground atop shallow reefs: Impressively huge and powerfully built, but done in by careless direction and weak links.
Snowden's act is in its own way the very sort of service that those '80s computer hackers ended up performing for businesses and governments of their era. If it ain't broke, try breaking it. If it's broken, fix it. But first, people have to reach a consensus, based on the facts, that something is broken. More and more, it seems the only way Americans can get those facts is when some among us spy them out. Actively or potentially, in a largely disinformative and even noninformative world where networks reign, we are all spies, now.
Snowden and the journalists he approached may be the American equivalent of the old Soviet Union's samizdat -- the mass pass-around among citizens of government-censored information. Snowden may be regarded as an enemy of the state, if only by the state, but his act could be regarded as an instance of total information awareness, this time on behalf of the citizenry as a whole. Knowledge, it turns out, really is power. In a democracy, the biggest issue is always who has access to what knowledge.