Kevin Drum - June 2013

Plan B Drives Conservatives Crazy

| Tue Jun. 11, 2013 8:30 AM PDT

Over at The Corner, Wesley Smith passes along the story of a mother who pretended to be her 12-year-old daughter and successfully trapped an online sexual predator. Then, for some reason, he adds this:

Now, think about this story in the context of the Obama Administration’s decision to allow “women of all ages”—in the parlance of the radical reproductive rights crowd—to obtain the morning-after-pill without supervision. It will be yet another way in which parents could be kept in the dark about what is happening to their own children, perhaps even when they are victims of sexual predation. Truly sickening.

These people don't even make sense any more. Apparently the existence of online creeps is a good reason to prevent teenagers from deciding whether or not they want to bear children. Or something. Jesus.

Advertise on MotherJones.com

What Does PRISM Do? How Does It Work? Take 2.

| Mon Jun. 10, 2013 9:20 PM PDT

I learned today that the military—which, as you know, runs NSA—has long had an unclassified software package called PRISM that's a sort of workflow or project management tool for information collection. Here's a description from the Army Field Manual:

The description here of a "collection manager" initiating a sequence that results in a "mission tasking order" sounds fairly close to the Washington Post's description of PRISM as a tool that allows "collection managers [to send] content tasking instructions" to equipment installed at Google, Microsoft, and other companies.

So now I'm curious: Is Edward Snowden's PRISM the same as the piece of software described here? Is it just a vanilla piece of project management software that's widely used throughout the military? Or is it something else that's more specialized and just happens to have the same name? I'm not sure who can clear this up, but perhaps either Glenn Greenwald or Barton Gellman have some insight into this.

New Poll Says American Public is Fine With NSA Surveillance

| Mon Jun. 10, 2013 5:11 PM PDT

Pew is out with the first poll asking the public what it thinks of the NSA phone record surveillance program. Unsurprisingly, the public thinks it's just peachy, by a margin of 56-41. What is surprising, though, is the epic size of the change in partisan attitudes since 2006. Back then, Republicans approved of the (recently revealed) NSA program by 38 points more than Democrats. Now, Republicans disapprove by 12 points more than Democrats.

This isn't the last word on the subject. The wording of the question is different this year compared to 2006, and that might account for a bit of the difference. But probably not much. Basically, when Bush was president, Republicans thought that monitoring telephone traffic was a great idea. Now, when Obama is president, they're not so sure—but Democrats think it's fine and dandy. This is about as remarkable a turnaround as I've seen on any subject in recent years.

Unfortunately, it's going to be harder than I thought to eventually get a firm read on this. I had figured that early polls would be tentative because so few people would understand what the NSA program entails (i.e., legal vs. warrantless, every call vs. some calls, metadata vs. listening in). Later polls would get progressively more accurate as this stuff became better known. But now that the PRISM program has also been revealed, it's likely that future polls will be forced to use mushy wording and public opinion will be a bit more confused. Oh well.

Why the NSA Surveillance Program Isn't Like "The Wire"

| Mon Jun. 10, 2013 10:06 AM PDT

David Simon, creator of The Wire, got a lot of attention over the weekend for his defense of the NSA program that collects records of every phone call made in the United States. It's really nothing new, he says:

Allow for a comparable example, dating to the early 1980s in a place called Baltimore, Maryland.

There, city detectives once began to suspect that major traffickers were using a combination of public pay phones and digital pagers to communicate their business. And they took their suspicions to a judge and obtained court orders — not to monitor any particular suspect, but to instead cull the dialed numbers from the thousands and thousands of calls made to and from certain city pay phones.

Think about it. There is certainly a public expectation of privacy when you pick up a pay phone on the streets of Baltimore, is there not? And certainly, the detectives knew that many, many Baltimoreans were using those pay phones for legitimate telephonic communication. Yet, a city judge had no problem allowing them to place dialed-number recorders on as many pay phones as they felt the need to monitor, knowing that every single number dialed to or from those phones would be captured. So authorized, detectives gleaned the numbers of digital pagers and they began monitoring the incoming digitized numbers on those pagers — even though they had yet to learn to whom those pagers belonged. The judges were okay with that, too, and signed another order allowing the suspect pagers to be “cloned” by detectives, even though in some cases the suspect in possession of the pager was not yet positively identified.

Point taken. But Simon's point only goes so far. Suppose, instead, his detectives had gone to a judge and asked for permission to monitor calls on every pay phone in Baltimore County; to monitor those phones indefinitely; to use the records for any purpose they chose; and to keep those records permanently. Would the judge still have approved it?

I'm guessing not. But that's what's been approved for the NSA. It's very different from Simon's example in Baltimore, and one thing that surprises me a bit is how little of the conversation surrounding the NSA program has addressed the key reason for this difference: Simon's detectives were focused on a specific enterprise happening in the present. NSA is focused on anything that might happen in the future.

This cuts both ways in the debate. On the one hand: I find it quite likely that NSA isn't currently abusing the phone surveillance program. They really and truly don't care about Occupy Wall Street. They care about Al Qaeda, and that's where their focus is. But who cares? Programs like this often start with good intentions. The problem is that this kind of indefinite data collection makes abuse far more likely in the future. Someday there will be a different president in the White House, there will be a different head of NSA, and there will be different professionals running the program. What will they do with all that data the next time something happens that makes America crazy for a few years? I don't know, but I do know that if they don't have the data in the first place they can't abuse it.

On the other hand: You can make a pretty good case that groups like Al Qaeda are only truly dangerous if they get their hands on nukes or weaponized biological weapons. So our real counterterrorism emphasis, the place we should be willing to spare no effort, should be on preventing that. But nukes and biologicals are hard things to get hold of, and they can't be acquired solely via carrier pigeons and couriers. One way or another, they'll almost certainly leave a digital footprint, and this means that our best way of preventing a mass attack is to keep very close track of digital communications around the globe. Thus the need for NSA's phone surveillance database.

I have no idea how to evaluate either of these things, and I don't have a third hand to offer. But the future is what we should be talking about. Even if NSA's programs haven't been abused yet, that doesn't mean they're okay. Likewise, even if they haven't produced any great benefits yet, that doesn't mean they're stupid and useless. It's the future that matters.

What's On the Other 37 PRISM Slides?

| Mon Jun. 10, 2013 8:52 AM PDT

Here's an interesting tidbit from Barton Gellman's account of dealing with Edward Snowden, the guy behind the leaks about PRISM and other NSA surveillance programs:

Snowden asked for a guarantee that The Washington Post would publish — within 72 hours — the full text of a PowerPoint presentation describing PRISM, a top-secret surveillance program that gathered intelligence from Microsoft, Facebook, Google and other Silicon Valley giants....I told him we would not make any guarantee about what we published or when. (The Post broke the story two weeks later, on Thursday. The Post sought the views of government officials about the potential harm to national security prior to publication and decided to reproduce only four of the 41 slides.)

As near as I can tell—unless I missed something—Glenn Greenwald and the Guardian made the same decision: they published four or five slides out of the PowerPoint presentation but not the rest. Naturally I'm curious about what's on these other slides. If PRISM really is an outrageous infringement of personal liberty, shouldn't we all know as much about it as possible? Snowden seemed to think so. Instead, we've substituted Gellman's and Greenwald's judgment for both Snowden's and the U.S. government's. Given this, it would be helpful if the two of them wrote a little bit more about why they decided to hold back the bulk of the PRISM slides. If nothing else, it certainly suggests that they disagree with Snowden's judgment, and that's newsworthy all by itself.

On a second note, could Snowden really not find anyone who would publish the full PowerPoint deck? That's hard to believe.

Sheila Bair Tells Us How the Financial System Should Work

| Mon Jun. 10, 2013 8:24 AM PDT

Sheila Bair does a Q&A with herself:

1) Does anybody have a clear vision of the desirable financial system of the future?

Yes, me. It should be smaller, simpler, less leveraged and more focused on meeting the credit needs of the real economy. And oh yes, we should ban speculative use of credit default swaps from the face of the planet.

You had me at "less leveraged," Sheila. Read the rest here.

Advertise on MotherJones.com

IRS Manager Behind Tea Party Screening is a "Conservative Republican"

| Mon Jun. 10, 2013 7:53 AM PDT

Last week, Darrell Issa released a few carefully chosen excerpts from interviews with IRS managers in Cincinnati which tried to imply that "Washington"—by which he meant the White House—was behind the targeting of tea party groups. Today, Democrats are fighting back with their own set of carefully chosen excerpts from the interviews. For example, this one from the manager of the IRS Screening Group in Cincinnati:

He states that he has worked at the IRS for 21 years as a civil servant and supervised a team of several Screening Agents in that office. When asked by Republican Committee staff about his political affiliation, he answered that he is a "conservative Republican."

....Q: In your opinion, was the decision to screen and centralize the review of Tea Party cases the targeting of the President's political enemies?

A: I do not believe that the screening of these cases had anything to do other than consistency and identifying issues that needed to have further development.

This manager goes on to tell committee staff that the decision to elevate the first tea party case was his; that it wasn't motivated by political concerns in any way; and that the use of specific search terms ("tea party," "patriot," etc.) came from a line worker in his group.

Needless to say, this doesn't put an end to things. Cincinnati workers, after all, have a vested interest in denying political motivation, since they could lose their jobs over that. And it's still possible that the attorneys in Washington who reviewed all this stuff had political motivations. Still, it's looking less likely all the time. As happens so often, this is almost certainly a case of incompetence, not malice. More here from the Washington Post.

Map of the Day: Who the NSA Listens To

| Sat Jun. 8, 2013 8:22 PM PDT

The Guardian has gotten access to information about an NSA program that categorizes the information it collects:

The Guardian has acquired top-secret documents about the NSA datamining tool, called Boundless Informant, that details and even maps by country the voluminous amount of information it collects from computer and telephone networks. The focus of the internal NSA tool is on counting and categorizing the records of communications, known as metadata, rather than the content of an email or instant message.

It's hard to know what to think of this. The map shows which countries are surveilled most intensively, and it turns out that NSA collected about 3 billion pieces of data on U.S. communications over a one-month period this year. That's a lot. On the other hand, it turns out that this is only about 3 percent of the total that NSA collects globally, which suggests that their focus really is pretty emphatically on non-U.S. communications.

On a side note, geeks might be interested to know that Boundless Informant—yet another great NSA name, no?—is hosted on free and open-source software. Congrats, open source movement!

UPDATE: It's probably worth noting that the 3 billion number is for DNI data—Digital Network Intelligence. Data collection from American sources makes up about 3 percent of the global total of DNI. But in the same month, NSA also collected about 124 million pieces of DNR data—Dial Number Recognition. It's possible that the U.S. percentage of this is much greater than 3 percent. But we don't know.

It's also worth noting that these numbers appear to relate to the source of the data, not the nationality of the person being surveilled. Those are two different things.

What is PRISM? Part 2

| Sat Jun. 8, 2013 9:06 AM PDT

Does NSA have "direct access" to corporate servers from Google, Microsoft, and other companies? That's what the initial reports said. Then the Washington Post reported that "the arrangement is described as allowing 'collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,' rather than directly to company servers." But what does that mean? Today, the New York Times digs a little more:

Instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key....The data shared in these ways, the people said, is shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers. Instead, they said, it is a more secure and efficient way to hand over the data.

....FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms, lawyers who work with the orders said. There were 1,856 such requests last year, an increase of 6 percent from the year before.

Obviously this is still a little fuzzy, but the picture that's developing is substantially different from the initial reporting. If tech companies have agreed only to build more secure ways of passing along data in response to individual FISA warrants, that explains why they've never heard of PRISM and why they deny being part of any program that allowed the government direct access to their data.

Technically speaking, this also makes a lot more sense. The process described by the Times sounds quite plausible, in contrast to the "direct access" story. Further reporting might clear this up even more, for example by explaining just how automated this system is and when human intervention is necessary.

For now, I'm just passing this along as interesting information. I suspect we'll learn more over the next few days.

Could the NSA Keep Track of Who You Send Letters To?

| Fri Jun. 7, 2013 4:28 PM PDT

OK, this is just out of curiosity. Suppose the government started up a program that tracked everyone's mail. They didn't open letters to read them, they merely kept track of the address, return address, and postmark date for every piece of first class mail and every package that anyone sent anywhere. This metadata would, naturally, be collected for anything sent through the postal service, but also for packages sent via FedEx, UPS, and so forth. The postal system is pretty automated these days, so this probably wouldn't be all that hard to implement.

Anyway, how do you think the public would react? Would people care more about this than they do about phone and email records? What do you think?