Friday, June 21, 2013

Should We Rely On Incompetence to Safeguard Our Civil Liberties? Or: How to Build a Better Call Trap

Robert Mueller's testimony today on the NSA phone monitoring (F.B.I. Director Warns Against Dismantling Surveillance Program) had some fascinating tidbits.  First, there's this (emphasis mine):

Testifying before the Senate Judiciary Committee, Mr. Mueller addressed a proposal to require telephone companies to retain calling logs for five years — the period the N.S.A. is keeping them — for investigators to consult, rather than allowing the government to collect and store them all. He cautioned that it would take time to subpoena the companies for numbers of interest and get the answers back.

“The point being that it will take an awful long time,” Mr. Mueller said.

“In this particular area, where you’re trying to prevent terrorist attacks, what you want is that information as to whether or not that number in Yemen is in contact with somebody in the United States almost instantaneously so you can prevent that attack,” he said. “You cannot wait three months, six months, a year to get that information, be able to collate it and put it together. Those are the concerns I have about an alternative way of handling this.”

Mr. Mueller did not explain why it would take so long for telephone companies to respond to a subpoena for calling data linked to a particular number, especially in a national security investigation.

I can tell you why it would take so long in one word: incentives.  The NSA and FBI are incentivized to build a system that actually works efficiently and effectively.  The phone companies, if faced with regulatory requirements to retain records, and incentivized to do it cheaply.  Let's do some back of the envelope math here:
- The average person probably makes 5 - 10 phone calls/text messages a day on their mobile device.
- Wikipedia tells us that there are about 300,000,000 mobile phones in the US.
- That comes out to about 3 trillion phone calls in 5 years.  Let's say a single carrier handles maybe 1/5 of that traffic, or 600 billion calls they have to retain.
- Assuming metadata on a single call (from, to, duration, date, time, and maybe IMEI) takes up 1 kilobyte of data.
- Then the carrier is required to keep a rolling log of about 500 terabytes of call data

As bad as this sounds, it's not actually that big a deal.  Facebook handles about this much data each day.  And using horizontally scalable key-value stores, like Cassandra or MongoDB, you can easily store the data and return the results in near real time, as long as you're willing to throw enough commodity hardware at it.  But that's the real issue: the willingness.  Verizon, AT&T, these guys don't really want to be in the business of storing call log data and providing it to the government.  It doesn't make them any money.  So they would simply throw it onto a disk, making it unsearchable, and tell the government, "Sorry, your request will return in 3 - 6 weeks."  You could in theory legislate that they return the results faster, but you can't actually legislate that people build competent technology infrastructure.  Failure is a more likely scenario than compliance.

With all that said, though, the fundamental question in my mind is this: What is the real difference between the NSA storing the data and the phone carriers storing it and producing it on request?  I think this is an interesting philosophical question, and as a civil libertarian, not one I take lightly.  The process is essentially the same:

Case 1: The FBI asks Verizon for calls relating to X, and they get an answer back.
Case 2: The FBI asks the NSA for calls relating to X, and they get an answer back.

Going through Verizon for the request may make it take longer, and that may be a good thing, if you're worried about abuse of the data.  But, should we really be relying on incompetence as a safeguard against abuse?  Frankly, incompetence is often the only thing that stands between us and abuse by corporations and the government.  People who ascribe all things to vast complex conspiracies fail to appreciate the true depths of human fallibility and incompetence, in most cases.  But, if the question is one of principle (legal, moral, or otherwise), it's worth asking ourselves if we'd be comfortable with Case 1, why are we fundamentally less comfortable with Case 2?

1 comment:

  1. Good points. In theory, you have more redress with a private company, since you have the power to terminate the contract and switch to another company (wait! there all in it together!) You can't quite terminate your citizenship as easily (unless your name is Edward Snowden). Yes, we trust private companies to stand in the way of the government.

    There is a precedence in libels cases-- where a plaintiff claims the need to discover a poster's identity, and the ISP can appeal the warrant based on CDA 230 immunity (I'm using a big legal words I haven't used in a while, so pardon me if this doesn't hold up in court.)

    Somewhat related, my sense is that people's default approach is: "I will give you my data, you will give me free stuff, and I will figure out later whether you are taking advantage of me, and then register my anger then..."

    People sign on to a new social media service because it's very useful, and then they ignore the data-mining capabilities until it becomes large enough, or is otherwise acquired by Facebook / Google / Yahoo, and all of a sudden they get spooked the service was intending to datamine them all along.