For centuries, people around the world, especially Americans, have worried about governments overstepping their rights and into the privacy of ordinary citizens. Authorities have taken advantage of improvements in technology by using every means possible to gather data on their people, from CCTV cameras to tracking internet behavior. The key moment in establishing the American surveillance state came shortly after the September 11th attacks. The American government passed a set of laws that made it much easier for them to watch their own citizenry, but, in the years following the act’s passing, no one knew just what this entailed.
It was under those hazy circumstances that an employee of a massive American telecoms company discovered something strange. He noticed the NSA poking around his office and found a secretive door to a room that none of his coworkers knew anything about. The man claimed that this showed that his company was feeding info to the American government, but few people took him seriously. Years later, though, it became clear that his claims were not as crazy as they may have seemed. With Edward Snowden’s help, the world discovered just how in-depth American surveillance had become. Let’s explore.
In 2003, a mustachioed, middle-aged technician named Mark Klein was working in the San Francisco office of American telecoms giant AT&T. One day, as Klein was going about his work, a stern-looking man in a black business suit showed up, asking to see Klein’s boss and identifying himself as an employee of the American National Security Agency (NSA). Klein found his boss and thought nothing of it, surely some sort of regulatory check.
But then, days later, while working on the building’s sixth floor, Klein noticed something strange— a door marked 641a, without a handle. After asking around a bit, he realized that nobody he worked with seemed to have any idea of what went on inside. Based purely on his intuition, Klein made the connection and investigated.
He observed the fiber optic cables running out of the room and traced them to a splitter— a small, glass box wherein a cable’s data can be copied and ran to two different destinations. Upon further inspection, Klein discovered that the line running into the splitter carried the entire company’s internet backbone traffic. In other words, the data of every single AT&T internet user was being copied and stored for the NSA’s convenience.
Klein sat on the information for several years, afraid of the consequences of such a drastic revelation. In 2005, though, after seeing an article in the New York Times about government data collection, he came forward. With the help of a digital civil-liberties non-profit called the Electronic Frontier Foundation, Klein sued the US government, claiming that they were illegally obtaining data on the entire US population. After years in the court system, Klein’s case was dismissed, with the defendants arguing that the case could reveal “state secrets” vital to America’s national security. The judge said there was no basis for the lawsuit because Klein had never seen inside the room.
Almost two decades later, we now have a better idea of what that room may look like. The seven by 15-meter room contained a Narus STA 6400, a machine capable of monitoring over 622 Megabits per second, though modern upgrades put that number closer to 10 billion bits per second. This information came out years after Klein’s initial discovery. However, to truly understand how and why the NSA could spy on American citizens via some of the world’s biggest companies, we have to go back a few years to 2001.
Weeks after the terrorist attacks of September 11th, Congress passed the “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act” — commonly known as the PATRIOT Act. The bill took a whole host of steps to prevent another similar tragedy from ever happening. Some of these were reasonable— it created a fund to help victims of attacks, established new crimes to charge terrorists with, and allowed the government to seize funds from organizations financing terrorism. But, today, it’s known mostly as the bill that allowed the government to collect unlimited data on its people.
The main piece of legislation to do this was Section 215 of the bill, which gave the government authority to request records from businesses regarding individuals who may have ties to terrorism. For example, tracking purchases made by threatening individuals so that the NSA could know if a suspect was buying materials used for making bombs. However, instead of applying this somewhat narrow interpretation of the law, the NSA did the exact opposite. In their dragnet operation at AT&T, the NSA used Section 215 as legal cover for collecting info on the entire country. But it didn’t stop there. Given that telecoms infrastructure connects globally, the NSA gained the ability to do the same thing with almost any other country in the world. It collected reams of data not just on its own citizens but also on those in the rest of the world, especially China, Egypt, Jordan, Saudi Arabia, and Germany.
Another section gave the NSA authority to wiretap any electronic device, be it a cell phone, landline, laptop, or anything else. The only requirement for either of these forms of surveillance was approval from the famously permissive Foreign Intelligence Surveillance Court. However, the court didn’t approve every case— they sometimes refused to grant warrants when the NSA was going after law-abiding private citizens. Even when that happened, though, the NSA had another controversial trick up their sleeve called the National Security Letter.
The NSL allowed the government to request communications records from all sorts of tech companies without a warrant or approval from the Surveillance Court. It also placed immense pressure to comply— people who received the letter were threatened with legal action if they disclosed the letter’s contents to anyone, even company lawyers in some cases. Around 2013, companies like Google began to push back on these requests, but not every company was keen to do so.
Most expert observers believe that AT&T probably never received this sort of letter in the first place. More likely, they opened their doors to the NSA willingly. Telecoms has long been an odd industry in the United States. For years, the government allowed AT&T to operate as a regulated monopoly. This situation has changed in recent years, but the government has scratched the backs of just about every high-level executive in the industry. These companies understand that the government’s lax attitude could change at a moment’s notice if they somehow ended up on their bad side. Sure, the NSA isn’t in charge of regulating telecoms, but the companies understand that pushing back on consumer privacy could lead to antitrust suits or other costly legislation.
Many people point out the simple fact that they have nothing to hide, so they don’t care if the government is spying on its people. Officials from the Obama administration claimed that the Patriot Act was instrumental in preventing terrorism since its creation. Surely, giving up a little privacy is a small price to pay if it means deterring terrorist activities, except, according to all of the legal documentation, it hasn’t done that.
The federal government established an oversight committee in 2014 to review the effects of the Patriot Act, and their findings showed that it wasn’t as useful as officials were putting on. Generally, it only produced potential evidence that the FBI was already aware of. It did have some value in establishing whether foreign terrorists had communications with American operators and whether terrorist organizations had cells on US soil. However, in their own words, the committee “has not identified a single instance involving a threat to the United States in which the…program made a concrete difference in the outcome of a counterterrorism investigation. Moreover, [they] are aware of no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.”
This discovery came on the heels of one of the most significant controversies in American history when former NSA employee Edward Snowden revealed just how much spying the American government was doing. Snowden fled the United States in 2013 with buckets of data that corroborated Klein’s story. The US wasn’t just collecting data on the most threatening individuals. They were collecting it on everybody. However, despite Snowden’s leaks more than confirming the basis of Klein’s lawsuit, there have been virtually no legal consequences. Even though information proving the government’s immense data collection is now public record, officials claim an inability to speak about the issue due to something called the “state secrets privilege.”
The state secrets privilege was created in the 1950s following the Supreme Court case “United States vs. Reynolds.” This privilege allowed the government not to divulge legitimate information critical to the United States’ national security. However, in the years since, just like the Patriot Act, the legal interpretation has broadened to include just about whatever the government wants. Today, they argue that, even if the allegations of illegal activity are correct, the “states secrets” clause allows them to cover it up for national security reasons.
This legal cover is flimsy at best, and history shows that it is more often used to protect the government from lawsuits. The best example of this is the case that first led to the privilege. In the year 2000, when documents regarding “US vs. Reynolds” were declassified, they contained no secrets whatsoever. Instead, they mostly included information that would have proven the government’s guilt. In recent years, the states secrets privilege has become a legal weapon to protect against incrimination. In the case of Edward Snowden’s and Eric Klein’s revelations about the NSA, the only place that they can’t be discussed is in the courtroom.
Nowadays, the legal situation has changed, though, probably for the better. While the Patriot Act passed with flying colors in 2001, a handful of senators understood that the liberties granted to the government were extreme and only seemed reasonable in response to the massive scale of the 9/11 attacks. So, they added a five-year countdown clock, hoping to reevaluate the law when its time came in 2006. Of course, the bill was extended then, and again a few years later, until, in 2015, Congress finally allowed the most controversial aspects of the Patriot Act to expire.
Yet, just months after it expired, Congress passed the “Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act,” or the USA FREEDOM Act. The Freedom Act gives the government many of the same rights as Section 215 of the Patriot Act, though with some significant restrictions. It abolishes National Security Letters, the most controversial aspect of the first law, and forces the NSA to go through the Surveillance Court to obtain info from companies. The surveillance court is also required to publish information about its decision on which organizations must share data. Phone and internet companies are no longer forced to share the records on their users with the NSA, though they are still required to save it if the NSA legally requests it at some time. Given the cozy relationship between telecoms companies and the government, many observers doubt whether this barrier is effective. It seems that, in all likelihood, the surveillance has continued, perhaps with a more restrictive lens given the publics’ growing preference for privacy.
In the years since Snowden’s revelation, other tech companies, like Google, have pushed back on NSA requests for information. Following a handful of publicized privacy breaches, tech surveillance has become much more of a hot topic throughout the US and the world. Of course, that doesn’t mean it’s stopped. Companies gather more data on their users today than ever before. The only difference is that they aren’t feeding all of it straight to the NSA. If they are, we’ll probably never know, as the state secrets privilege has essentially given them immunity on all aspects of this topic, and, following Snowden’s revelations, Wikileaks type info-dumps have become few and far between at the NSA’s behest.
But what do you think? Is it okay for the government to watch its people in the name of safety and security? What if they aren’t looking at the data they have on most of their citizens? Are you comfortable with the government holding terabytes of information on your web and phone habits if no humans have read through them?
What does all of this say about how governments behave as technology gives them more power to spy on the world’s citizens? Will the situation ever get better? Or will it continue to deteriorate with every potential threat to national security?