• The NSA’s Biggest Surveillance Program Yet: X-KEYSCORE


    Glenn Greenwald’s latest disclosure from the Snowden files is an NSA program called X-KEYSCORE, which provides access to a truly vast amount of information. How vast?

    The quantity of communications accessible through programs such as XKeyscore is staggeringly large….The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: “At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours.”

    To solve this problem, the NSA has created a multi-tiered system that allows analysts to store “interesting” content in other databases, such as one named Pinwale which can store material for up to five years.

    It’s not clear precisely what’s available through X-KEYSCORE, but it appears to be exclusively foreign signals intelligence: phone conversations, emails, chat, etc. Because it’s non-U.S., this includes the content of the communications, not just the metadata:

    An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages. An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen. Analysts can search for internet browsing activities using a wide range of information, including search terms entered by the user or the websites viewed….The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies.

    But does this include U.S. persons, or only foreign nationals? This is where things get a little murky:

    Under US law, the NSA is required to obtain an individualized Fisa warrant only if the target of their surveillance is a ‘US person’, though no such warrant is required for intercepting the communications of Americans with foreign targets. But XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst.

    ….The NSA documents assert that by 2008, 300 terrorists had been captured using intelligence from XKeyscore.

    ….While the Fisa Amendments Act of 2008 requires an individualized warrant for the targeting of US persons, NSA analysts are permitted to intercept the communications of such individuals without a warrant if they are in contact with one of the NSA’s foreign targets….An example is provided by one XKeyscore document showing an NSA target in Tehran communicating with people in Frankfurt, Amsterdam and New York.

    Greenwald suggests that this validates Snowden’s statement in an earlier interview that “I, sitting at my desk, certainly had the authorities to wiretap anyone, from you, or your accountant, to a federal judge, to even the President if I had a personal email.” But that’s not clear at all. X-KEYSCORE appears to be a database search tool, not a real-time surveillance tool, nor does it appear to give anyone “authority” to wiretap a U.S. citizen. Rather, it provides access to tremendous volumes of foreign communications, which can then be searched by NSA analysts.

    As Greenwald points out, there are known “compliance problems” with NSA’s surveillance programs, since communications by U.S. persons end up in this database if the other end of the conversation is overseas—and these communications can therefore end up on an analyst’s desktop. The NSA’s minimization procedures are supposed to prevent such “inadvertent” targeting of U.S. persons, but as Greenwald reported earlier, there are plenty of exceptions to this rule.

    Anyway, this is my best guess about what this all means. But I might have missed something. Read the entire story for more.

  • It’s Not What You Know, It’s Who You Know. Seriously.


    You know the old saying, “It’s not what you know, it’s who you know”? Well, Kelly Shue of the University of Chicago has found an intriguing way to test this. At Harvard Business School, students are randomly assigned to sections, where they presumably build strong friendships. (Stronger than the average friendship from just being at Harvard, anyway.) So what effect does this have on success later in life?

    I test whether executive and firm outcomes are more similar among section peers than among class peers. I find evidence of significant peer effects in firm investment, leverage, interest coverage, and firm size, with the strongest effects in executive compensation and acquisition activity. Section peers are 10% more similar than class peers in terms of compensation and acquisitions.

    In other words, if you get randomly assigned to a section with successful peers, you’re more likely to go along for the ride. I don’t have access to the article itself, and there are several possible explanations for this effect, but the most likely one is that friends help friends, and it’s nice to have friends who are successful. I hope there’s some followup research along these lines. It has some pretty obvious implications for diversity in schools, neighborhoods, and workplaces.

  • The Peculiar Anti-PC Case for Larry Summers as Fed Chairman


    Who do you support to replace Ben Bernanke as chairman of the Fed? Janet Yellen or Larry Summers? Ezra Klein reports today that Yellen supporters are blanketing the airwaves with endorsements, but Summers supporters are oddly reticent to speak publicly. Nonetheless, he figures it’s worthwhile to pass along the (anonymous) pro-Summers case that’s making the rounds of the White House.

    The argument comes in five parts, and for what it’s worth, I consider #1 ridiculous, #2 doubtful, and #3 and #4 perfectly reasonable. You can read them and decide for yourself. But I was pretty taken aback by #5:

    Backlash to the gender issue. This isn’t part of the case for Summers, exactly, but it’s part of the psychology of his supporters right now. People involved in the White House’s Fed search really, really don’t like the implication that they’re sexists. They see the allegation that gender is playing a role here as absurd and offensive and an effort to back them into making a choice based on political correctness rather than the merits. It’s a bit hard to gauge this, but my sense is the intense anger over the allegations is hardening people’s positions, as they don’t want to submit to a pressure campaign they consider deeply unfair.

    I don’t get this. What I’ve seen are lots of gender-coded complaints coming from conservatives about how Yellen would be little more than a PC diversity choice. This is ridiculous and has gotten lots of pushback. I’ve also seen lots of liberals saying that it would be great to break one of the last glass ceilings in Washington and have a woman in the top spot at the Fed.

    But what I haven’t seen are arguments that Team Obama would be outing themselves as sexists if they chose Summers. Have I just missed them? Maybe. But if Ezra is right about this, it sure seems as if the Obama folks are being a little hypersensitive.

  • GDP Grew at Anemic 1.7% Rate Last Quarter. Thanks, Sequester!


    The economy sputtered along in the second quarter, growing at an annual rate of 1.7 percent. Whether you consider this good news or bad probably depends on what you expected the impact of the sequester and the fiscal cliff to be. If you figured that $2 trillion in extra austerity measures would tank the economy completely, then a gain of 1.7 percent looks pretty good. If you figured it would have a modest effect, then 1.7 percent is probably about what you expected.

    As I recall, CBO estimated that the sequester alone would cut about 0.8 percent from GDP growth. The fiscal cliff deal might have cut another 0.4 percent or so. If they were right, it means that 2.9 percent growth has been pared back to 1.7 percent. My rough eyeballing of the figures suggests to me that this was probably an overestimate, but probably only by a bit. I’ll bet that without the latest round of austerity, growth would have been in the range of 2.5 percent.

    So we’re recovering slowly and austerity is hurting. Beyond that, there aren’t a lot of fascinating nuggets to be gleaned from this quarter’s report. However, this is the first quarter that BEA has produced its long-awaited new measurement of private investment in intellectual property products, and there are some interesting tidbits there. For more on this, see Dylan Matthews’ writeup over at Wonkblog. 

  • Congress Knew All About the NSA’s Phone Record Program Back in 2009


    The Obama administration has now released the documents that it said it would regarding the NSA’s phone record collection program. You can read them here. For the most part, they don’t tell us anything we didn’t already know, but a DOJ letter in 2009 does shed some light on how much Congress knew about this program. A relevant excerpt is below. This letter was made available to all members of Congress (under the usual strict secrecy rules), and it makes clear that (a) NSA collects “substantially all” of the domestic phone records of U.S. phone companies, (b) ditto for emails, and (c) they use these records to perform contact chaining.

    Whatever else you think about these programs, these letters suggest to me that members of Congress knew all of the basics of what NSA was doing. Complaints that they were kept in the dark, or that the programs were more extensive than they were led to believe, don’t have much to support them.

  • Government Set to Release Verizon Phone Records Order


    One of the documents released by Edward Snowden back in June was a court order requiring Verizon to turn over phone records of all its domestic calls. On Wednesday, the government will release a bit more:

    The Obama administration has declassified a secret order directing Verizon Communications to turn over a vast number of Americans’ phone records, and it plans to disclose the document Wednesday morning in time for a Senate hearing, according to senior U.S. officials.

    ….The officials, speaking on the condition of anonymity because they were not authorized to speak publicly, said the court order released by Snowden was a “secondary” order. They expressed hope that the document being released Wednesday will shed light on how the U.S. government obtains communications records under the Foreign Intelligence Surveillance Act and the restrictions placed on surveillance programs.

    The document we’ll see on Wednesday is the “primary” order underlying the order that Snowden leaked. I’m not sure what that means, or why it would shed any more light on what’s going on, but I guess we’ll find out soon.

  • 20-Week Abortion Bans Are Mostly a Charade


    Most of you probably know this already, but it’s worth a reminder. All those red states that are passing anti-abortion laws usually emphasize the provision that bans abortions after 20 weeks. That tends to poll pretty well. But it’s mostly a charade:

    While all the attention is going to the 20-week bans, they’re not the point, not by a long shot….The 20-week bans are just the most high-profile component of larger pieces of legislation whose goal is to make it impossible for women to get abortions at all, no matter what the stage of their pregnancies. The bills are inevitably crafted with provisions that will shut down as many abortion clinics as possible. Abortion clinics often require doctors from out of state to travel to the clinic, because of the harassment, threats, and even assassinations that local doctors have been subject to? Then we’ll require that every doctor have admitting privileges at a hospital within a certain number of miles, which out-of-state doctors won’t have. And we’ll throw in some rules on how wide your hallways need to be (not kidding), meaning in order to stay open you’d have to do hundreds of thousands of dollars of remodeling. Failing that, we’ll make sure that women who need abortions will have to suffer as much inconvenience, expense, and humiliation as possible.

    It’s these provisions, much more than the 20-week bans, that will make the largest difference for women in these states. Depending on what state they’re in, they’ll have to travel far—in some cases hundreds of miles—pay for hotels because of waiting periods, get lectures from doctors required to lie to their patients about things like a fictional link between abortion and breast cancer, and submit to forced and medically unnecessary procedures. These kinds of provisions aren’t new, but this latest wave is occurring under the rubric of 20-week bans that are much more likely to be met with public approval, or at least the indifference most state legislation receives. Opponents of abortion rights are hoping they can get a case to the Supreme Court that will result in Roe v. Wade being overturned, but even if that doesn’t happen, they can still succeed in making abortion virtually illegal in states where they have control. And they’ve made lots of progress already.

    Like I said, you probably already knew this. But it can’t hurt to hear it again. More here.

  • What if Apple and Google Went to War?


    What would happen if Apple and Google went to war? Really went to war, that is? I think I resisted getting sucked into this, but it’s pretty amusing. Worth a read over lunchtime.

  • Bradley Manning Convicted, But Not of Aiding the Enemy or for Leaking Airstrike Video


    Bradley Manning’s verdict has been handed down:

    An Army judge on Tuesday acquitted Pfc. Bradley Manning of aiding the enemy by disclosing a trove of secret U.S. government documents, a striking rebuke to military prosecutors who argued that the largest leak in U.S. history had assisted al-Qaeda.

    The judge, Col. Denise Lind, found Manning guilty of most of the more than 20 crimes he was charged with. She also acquitted him of one count of the espionage act that stemmed from his leak of a video that depicted a fatal U.S. military airstrike in Farah, Afghanistan.

    This is a bit better than I had hoped for. I never thought that Manning had any chance of avoiding conviction on the basic charges related to publishing classified information. Nor did I think he deserved to. But Judge Lind acquitted him of the egregious charge of aiding the enemy, and then went a step further and also acquitted him of leaking material from an Army investigation into a 2009 airstrike in Afghanistan’s Farah province. That was a justified act of whistleblowing regardless of whether or not it came from Manning.

    CORRECTION: Sorry, I screwed up. I initially wrote that Manning was acquitted of leaking the “Collateral Murder” video. The Farah airstrike was in Afghanistan and was entirely different. I’ve corrected the text.

  • Unfortunately, the NSA Surveillance Program Probably Won’t Cause an Overseas Uprising


    James Fallows recommends a Guardian column from this weekend about the real effect of the Edward Snowden affair. John Naughton says it’s not about Snowden—and I agree. Rather, it’s about what we now know:

    Without him, we would not know how the National Security Agency (NSA) had been able to access the emails, Facebook accounts and videos of citizens across the world; or how it had secretly acquired the phone records of millions of Americans; or how, through a secret court, it has been able to bend nine US internet companies to its demands for access to their users’ data.

    Actually, this isn’t really true. We’ve known for years that federal agencies have been issuing NSLs and warrants to get data from Facebook and others. We’ve known for years that the NSA was collecting phone records.

    Which isn’t to say that Snowden’s disclosures haven’t mattered. They have. The public (and Congress) react far more strongly to documented details than they do to general knowledge that something is going on. Snowden’s revelations have plainly galvanized public opinion and spurred Congress into action. That’s a big deal. But it’s not because we really know all that much more than we did before. This is why I’m a little skeptical of the conclusion Naughton draws from this. I’m going to quote Fallows’ version of it since it’s a little clearer:

    In short: because of what the U.S. government assumed it could do with information it had the technological ability to intercept, American companies and American interests are sure to suffer in their efforts to shape and benefit from the Internet’s continued growth.

    • American companies, because no foreigners will believe these firms can guarantee security from U.S. government surveillance;
    • American interests, because the United States has gravely compromised its plausibility as world-wide administrator of the Internet’s standards and advocate for its open, above-politics goals.

    Why were U.S. authorities in a position to get at so much of the world’s digital data in the first place? Because so many of the world’s customers have trusted U.S.-based firms like Google, Yahoo, Apple, Amazon, Facebook, etc with their data; and because so many of the world’s nations have tolerated an info-infrastructure in which an outsized share of data flows at some point through U.S. systems. Those are the conditions of trust and toleration that likely will change.

    This is one of those arguments that I’d really like to believe. After all, it’s perfectly logical, and it helps make the case against a program that I don’t like. And yet, for several reasons, I just don’t think I buy it.

    First, I suspect that the vast, vast majority of overseas Facebook/Microsoft/etc. customers already assume that intelligence agencies can read their files if they want to, and they just don’t care. These users aren’t spies or terrorists, and rightly or wrongly, they believe that intelligence agencies aren’t interested in them and won’t find anything interesting even if they are.

    Second, would moving to a non-U.S. service protect you? Sure, if it’s one of those super-secure, highly-encrypted data vaults you read about once in a while. But that’s something very few people are interested in. They just want ordinary internet services: email, social networking, chat, etc. And if you’re a foreign national using a non-U.S. service, guess what? The NSA has no restrictions at all about spying on you. It’s true that they actually have to figure out how to get your data, since they can’t just demand it via warrant. But they can use any method they want to intercept or steal it. There are no rules when it comes to overseas data.

    Third, I assume that most foreign governments have police and intelligence agencies that work in much the same way as the FBI and the NSA. We don’t hear much about this since they operate on a far smaller scale, but if the French police want access to your email, they can get a warrant issued for it. Likewise, I suspect that French intelligence agencies have some of the same data mining capabilities as the NSA. It’s certainly nowhere near as broad, but I’ll bet it exists.

    Put all this together, and it’s really not clear to me that broad public reaction is going to be very strong. Will Danish users stop using Facebook until some Danish company creates an alternate social networking platform? Probably not. The fear of NSA spying is simply nowhere near as compelling as the huge inconvenience of everyone being on a different platform and being unable to chat and share pictures with their friends in other countries.

    As for businesses, they’re probably less interested in avoiding NSA spying than they are in staying ahead of hackers and concealing their more dubious dealings from ordinary law enforcement agencies. Using a non-U.S. platform won’t do them any good on either of these scores.

    We’ll see, of course. Maybe this is the beginning of a long decline in U.S. information services, as overseas users start to move to other platforms. It’s possible. Unfortunately, I sort of doubt it. At most, I suspect we’ll start to see a bit more nationalistic reliance on domestic network infrastructure, but that’s something that’s always been likely anyway. Beyond that, people will just keep on doing what they’ve been doing.

    UPDATE: For a contrary take, read Henry Farrell here. He believes that privacy authorities in Europe will drive major changes in surveillance law, which is a fairly widespread view. I suspect that things will turn out differently than Henry does, but it’s worth reading his argument.