Privacy is an increasingly important social implication of technology, and we spend quite a bit of time about it in our required undergraduate ethics and social implications of technology class, CS 4001. Since we’re talking about privacy, it makes sense to talk about surveillance. Since 2004, I’ve taught a class about The USA PATRIOT Act, and more recently I’ve added a class on information revealed by Edward Snowden. I spend more time preparing for those classes than for any other two or three put together—it’s confusing and complicated. There are provisions of the Patriot Act that are absolutely essential—like broadening the jurisdiction of warrants to tap phones to the entire country (rather than making you get a warrant in each state). And others that are egregious violations of our liberty—like the section 215 provision that lets the government get the records of any organization without a warrant or probable cause and bars the organization from acknowledging the search. The FBI can simply demand the membership list of a mosque—and they have done so. For the last two years, I’ve assigned my students to watch the PBS Frontline documentary United States of Secrets, about US warrantless surveillance (“The Program”) and information leaked by Edward Snowden. In our class discussion, we don’t focus on Snowden, but on other people—like NSA analyst Thomas Drake—and the tough decisions they had to make. After class on Tuesday where I carefully spell out what’s allowed under the Patriot Act and the Foreign Intelligence Surveillance Act (FISA), I feel like a bit of fool on Thursday when we discuss The Program and the fact that all those rules aren’t really followed anyway.
I do my best not to express any opinions to my class—I present the facts, and ask them what they think. And as much as possible, I emphasize tradeoffs and try to show the issues as complicated. And then I walk back from class and scratch my head—what do I actually think?
After class last week, two things became clearer in my mind. The first is about checks and balances. My children are learning about checks and balances in elementary school social studies class. Checks and balances are fundamental to how our government works. And it suddenly became evident to me that most cases of the system going too far are situations where checks and balances are not occurring. You don’t need a court order to get records with a National Security Letter (NSL). Why not? A secret court like the FISA court could do the job. And if it’s urgent, the review could take place within a reasonable time after the fact (as FISA mandates for surveillance.) It’s too much to ask any one branch of government to police themselves. The FBI needs to pursue things as aggressively as they dare, and the judiciary needs to say, “You may go this far and no farther.” Parts of the Patriot Act removed checks and balances, and procedures without checks and balances are where we get into trouble. Everything you need to know we all learned in elementary school—but somehow, we’ve forgotten it.
The second thought is about means and ends. It is possible for me to describe a fictional situation in which reasonable people would agree that that the ends justify evil means—like recording everyone all the time, or torturing someone for information. If you don’t agree with that statement, make the situation more extreme until you do. But in real life, the evidence for the need is almost never that compelling. If you demand an iron-clad case, you’ll (almost) never say the ends justify evil means in real situations. Real life is not an episode of ’24’.
In 2000, science fiction author Neal Stephenson gave an inspiring talk at the Computers, Freedom, and Privacy (CFP) conference. He entitled it “Zones of Domination.” In the talk, he told the story of a whistleblower at the Hanford Nuclear Reactor. In the “big brother” model of authority, there is one entity and it is irredeemably evil. In Stephenson’s story, he followed our heroic whistleblower as forces from one federal government agency tried to frighten and falsely entrap him, but then the police and courts (local and federal) helped him resist and prevail. Stephenson’s point is that there is not one authority, but many. None are irredeemably evil. And the interesting activity is in the areas of overlap.
Roger Clarke posted some notes on the talk. He summarizes:
Big Brother Threat Model The Domination Systems Threat Model one threat many threats all-encompassing has edges personalised impersonal abstract concrete rare ubiquitous fictional empirical centralised networked 20th century 21st century irredeemable redeemable apocalyptic realistic
(Roger Clarke, http://www.rogerclarke.com/DV/NotesCFP2K.html#Steph, 2000)
In much of the rhetoric about the Wikileaks incident, it seems to me that people are using a naive “Big Brother” model of government. The Government is one thing, and it is irredeemably evil. We can come to a more nuanced understanding of the situation by adopting a Zones of Domination model. There is not one univocal government–there are many interacting entities. None are irredeemable. The enemy is bureaucracy and opacity. The key to achieving just ends is increasing accountability and transparency within and between branches of government.
In the end, what we have is the hardest research problem in Computer-Supported Cooperative Work (CSCW) one could imagine. And the most important. How do we increase transparency within and between branches of government? How do we do that and at the same time keep sensitive information secure? The presence of the Bradley Manning’s of the world makes this critical problem orders of magnitude harder.