Google is now the first of the major search engines and e-mail providers to make a firm statement on the issue of the National Security Agency's wholesale surveillance of Internet content.
Google has stated it didn't help the NSA search your e-mails. More specifically the company denies participating in the NSA's Terrorist Surveillance Program. But the company's carefully worded denial might not be enough to reassure savvy readers.
The Wall Street Journal recently revealed the true extent of the NSA's surveillance system:
"According to current and former intelligence officials, the spy agency now monitors huge volumes of records of domestic e-mails and Internet searches."
This builds on what we learned the previous week, when The Washington Post revealed that the primary motivation for the White House's wiretapping immunity demands is to protect those firms that assisted with illegal, mass-scale surveillance of e-mail traffic.
Google has now taken the interesting step to become the first major Internet company to deny helping the NSA. In an on-the-record e-mail with a company spokesperson on Friday, I was told that:
"Google was not part of the NSA's Terrorist Surveillance Program."
Is that enough to reassure you?
If Google was obligated to give up search/e-mail records, it is likely that this request would be made via a Patriot Act authorized National Security Letter. A recent Journalarticle confirmed as much, stating that the information gained from National Security letters ended up in the gigantic NSA databases. But recipients of those letters may not be allowed to tell anyone about it, and may in fact be forced to lie.
The owner of an ISP who received one of these secret orders explained the significant restrictions placed upon him in a letter to The Washington Post back in 2007.
Under the threat of criminal prosecution, I must hide all aspects of my involvement in the case--including the mere fact that I received an NSL--from my colleagues, my family and my friends. When I meet with my attorneys I cannot tell my girlfriend where I am going or where I have been. I hide any papers related to the case in a place where she will not look. When clients and friends ask me whether I am the one challenging the constitutionality of the NSL statute, I have no choice but to look them in the eye and lie.
If this poor gentleman had to lie to his girlfriend and family, it's possible that Google, if it did receive a FBI National Security Letter, might be placed in a similar position.
Careful wording
My original question to Google was, "Is Google sharing 'huge volumes' of
search records with the government?" I never asked about the NSA's
Terrorist Surveillance Program specifically.
As Salon's Glenn Greenwald has explained, the Bush administration has been very careful with its use of the term "Terrorist Surveillance Program." Many snooping activities, some of which were clearly illegal, do not come under this definition. Simply put, Google could have handed over a copy of every search request and every e-mail sent by a Gmail user to the U.S. government and it would still be able to quite correctly deny participating in the Terrorist Surveillance Program.
In any case, on January 17, 2007, Attorney General Alberto Gonzales announced that the Terrorist Surveillance Program would not be reauthorized by the president, but would be subjected to quasi-judicial oversight. So the Terrorist Surveillance Program, at least by that name, no longer exists, and Google could be actively handing over millions of e-mails, while the statement made by its PR people would be completely true.
Continued concernsWhat if Google's PR people are telling the truth? What if Google really didn't help the NSA, and that the spooks are collecting millions of search records via wiretaps placed on the Internet backbone?
It's worth pointing out that Google has stood up to the feds when they demanded search records a couple years back--but this was the DOJ, not the NSA.
The problem remains that Google is not doing a single thing to protect its customers from this kind of large-scale surveillance. While the company supports SSL-encrypted Webmail sessions, it does little to advertise it, and has taken no steps to turn it on by default.
However, the biggest problem is search. Google offers no way for its customers to search the Internet without an evil ISP (such as AT&T) from snooping in on the traffic. Google could very easily enable SSL search sessions, but has not taken any steps to do so.
When asked about the webmail security problem, and which steps customers should take to protect their search traffic from snooping Internet service providers, Google's spokesperson directed me to the company's much ridiculed YouTube Privacy channel.
I spent a few minutes browsing through the channel, but couldn't find any specific advice on protecting myself from illegal wiretaps and government surveillance. YouTube seems to be a great place to find videos of skateboarding dogs, but not such a great source of privacy tips.
For those of you who care more about your privacy than cute YouTube videos, I highly recommend the Tor anonymous web proxy, as well as the Customize Google Firefox browser extension.
Can members of Al Qaeda use voice over Internet technology (VoIP) to avoid wiretaps?
Recent comments by Michael McConnell, Director of National Intelligence, seem to suggest that terrorists could create significant roadblocks for the National Security Agency by simply routing their traffic through the U.S.
Mike McConnell: I'll have some of what he's smoking,
(Credit: Office of the Director of National Intelligence)The incongruously named Protect America Act of 2007 gutted the existing Foreign Intelligence Surveillance Act (FISA), and allowed the National Security Agency to significantly expand its surveillance powers. It's set to expire in February, and the Administration is looking for reasons to justify extending the law. With perfect timing, Michael McConnell, Director of National Intelligence, has come to the rescue.
An interview published in the upcoming edition of The New Yorker quotes him, stating that,
"McConnell said that federal judges had recently decided, in a series of secret rulings, that any telephone transmission or e-mail that incidentally flowed into U.S. computer systems was potentially subject to judicial oversight. According to McConnell, the capacity of the NSA to monitor foreign-based communications had consequently been reduced by 70 percent."
Conveniently enough, if Congress passes legislation to further gut FISA, the NSA will be able to resume its warrantless snooping on the terrorists, the troops will be safe, global warming will cease to be a problem, and no more puppies will have to die.
While the average privacy geek would consider an NSA wiretap of an undersea fiber-optic cable carrying millions of phone calls to be surveillance, it turns out that the law does not agree. As per the existing FISA rules, anything the NSA does outside of the U.S. does not count as electronic surveillance, and thus does not require a warrant. Thus, any wiretapping that happens in Iraq will never require approval of the FISA court, with or without any new legislation being passed.
(I'm not the only one to call bs on McConnell's claims. Wired's Ryan Singel is offering a $1,000 wager that "when and if those rulings are ever released, we'll see they say no such thing." Clearly, the pay over at Wired is far better than CNET. While I can't offer the same level of money as Ryan, if McConnell does turn out to be telling the truth, I'll promise to switch my telephone service to AT&T--thus sending a little bit of money to the NSA's best friend forever.)
However, for the purposes of this blog post, let's assume that McConnell is in fact telling the truth. Let's assume that a phone call between two members of Al Qaeda in the Middle East that happens to flow through a U.S.-based server automatically kicks in a requirement that the NSA get a FISA warrant before it can listen in--even if the tap is conducted in Iraq, or under the Atlantic Ocean.
It's not surprising that this would be alarming to the NSA. In a previous interview, McConnell claimed that each FISA warrant takes more than 200 man hours to process. Were every member of the Iraqi insurgency to route his communications via the U.S., the NSA would presumably become the largest law firm in the world.
Which brings me to the point of today's blog post. If McConnell is to be believed, Al Qaeda merely needs to switch to using U.S.-based voice over IP services, and it can immediately crush the NSA under a pile of FISA paperwork. No matter where the NSA actually tried to intercept the Internet-routed phone call, a FISA warrant would be required. For $24.99 a month per terrorist, Al Qaeda could launch a gigantic legal denial of service against the folks at Fort Meade. Furthermore, now that the iPhone has been hacked to support VoIP software, the VoIP-subscribing terrorists could communicate in style.
Of course, the problem with using most commercial VoIP solutions is that phone calls flow over the wire in the clear, making it trivially easy for our spooks to listen in once they've dealt with that pesky matter of the warrant. Thus, any smart terrorist worth his salt would most likely use encrypted VoIP software, such as the uber-fantastic Zfone project, which can be had for free.
- prev
- 1
- next
