American Spies: how we got to age of mass surveillance without even trying
Review: law prof explains how the road to bad law is paved with good intentions.
By Cyrus Farivar
Feb 12 2017
While American Spies was written prior to Donald Trump winning the 2016 presidential election, it has become vital and relevant under the new Republican administration.
Jennifer Stisa Granick is one of the premiere legal minds currently trying to grok the intersection between surveillance, privacy, and public policy. She serves as the Director of Civil Liberties at the Stanford Center for Internet and Society. Before that, she worked at the Electronic Frontier Foundation.
In her book, Granick presents an expansive overview of the national-security legal landscape. However, despite being geared largely toward attorneys and academics, American Spies can be easily understood by anyone with even a passing familiarity with touchstone concepts that have graced the pages of Ars Technica in recent years, including Edward Snowden, Section 702, and Executive Order 12333.
The fiery counsel wastes no time in laying out her argument:
Modern surveillance is regulated by a confusing patchwork of laws that nevertheless fails to provide meaningful limits on government power, and which therefore invites abuse. After September 11th, laws that should have protected people’s privacy and stopped surveillance abuses were weakened via the USA PATRIOT Act. When technology and economics gave spies vastly more power, rather than have law step up to the challenge of constraining that power, Congress and the courts did nothing, or the laws were softened even further. American spies have flooded into the power vacuum left by powerful technology and weak legal protections.
In short, American law as it stands is largely insufficient to deal with the crushing weight and power of American spies.
Jeu de mots
While Chapter 1 is largely a summary of Snowden-era programs and revelations, Chapter 2 is the part of Granick’s book that made me sit up and take notice.
She argues that a huge gulf separates how words are used by the intelligence community and the general public. For example: “surveillance.” Granick uses it in the way that Ars (and probably most people) use it: “Surveillance means government collection of private and personal information: address books, buddy lists, photos, phone numbers, web history, geolocation data, and more.”
But within government circles, surveillance means something very specific: it’s shorthand for “electronic surveillance” (ELSUR) as governed by the Foreign Intelligence Surveillance Act (FISA).
By using “surveillance” to mean only ELSUR governed by FISA, officials can say that they do not conduct “surveillance” even when they are collecting personal data like phone numbers, Internet transactional records, face prints, or geolocation data. The intelligence community might call its acquisition of this kind of information “collection,” which sounds milder than “surveillance”… The word “bulk” is another opportunity for mischief. People use the word “bulk” as a synonym for massive, vast, or large-scale collection. But the intelligence agencies have a special definition of the word “bulk.” They only use “bulk” to mean acquisition that takes place without using a selection term or “discriminator.”
In other words, grabbing everything is bulk. But if the government uses search terms, keywords, or selection terms, it’s not bulk. So, if, when wiretapping a particular fiber optic cable, the NSA selects or “tasks” all communications with the word “Syria” or “China” in them, the NSA lawyers might not call that “bulk,” even though hundreds of millions of innocent people’s irrelevant messages are going to be collected and analyzed. Similarly, the government won’t say that its collection is indiscriminate if it uses any kind of selection term.