View all Articles
Commentary By Heather Mac Donald

Information Please

Cities, Public Safety Policing, Crime Control

Only a paranoid solipsist could feel threatened by the calling analysis program.

Oh, sorry, it’s not 1942. It’s 2006, and these three phone giants are about to be excoriated for cooperating with the war on terror. Senate Judiciary Committee chairman Arlen Specter has demanded that ATT, Verizon, and BellSouth testify under oath about their assistance to the National Security Agency’s counterterrorism programs; 50 House Democrats are demanding a criminal investigation by special counsel.

Here we go again: another specious privacy scandal. The disclosure by USA Today that these three telecom companies have given the government access to trillions of anonymized domestic calling records has sent Bush administration critics, privacy advocates, and the press into an ecstatic frenzy of denunciation and fear-mongering. This newly energized coalition charges that the White House is trampling citizens’ constitutional rights and creating a surveillance state. And the Bush administration has only itself to blame.

Ever since allowing the Pentagon’s Total Information Awareness project to go down the tubes in 2003, the administration has failed to explain the potential of data mining, even as it secretly continues to use this vital technology. Thus, at every revelation of a government data mining program, privacy extremists enjoy unchallenged supremacy in characterizing the technology as a massive threat to life as we know it.

Only a paranoid solipsist could feel threatened by the recently revealed calling analysis program. Since late 2001, Verizon, BellSouth, and ATT have connected nearly two trillion calls, according to the Washington Post. The companies gave NSA the incoming and outgoing numbers of those calls, stripped of all identifying information such as name or address. No conversational content was included. The NSA then put its supercharged computers to work analyzing patterns among the four trillion numbers involved in the two trillion calls, to look for clusters that might suggest terrorist connections. Though the details are unknown, they might search for calls to known terrorists, or, more speculatively, try to elicit templates of terror calling behavior from the data.

As a practical matter, no one’s privacy is violated by such analysis. Memo to privacy nuts: The computer does not have a clue that you exist; it does not know what it is churning through; your phone number is meaningless to it. The press loves to stress the astounding volume of data that data mining can consume--the Washington Post’s lead on May 12 warned that the administration had been “secretly . . . assembling gargantuan databases.” But it is precisely the size of that data store that renders the image of individualized snooping so absurd.

True, the government can de-anonymize the data if connections to terror suspects emerge, and it is not known what threshold of proof the government uses to put a name to critical phone numbers. But until that point is reached, your privacy is at greater risk from the Goodyear blimp at a Stones concert than from the NSA’s supercomputers churning through trillions of zeros and ones representing disembodied phone numbers.

And even after that point is reached, the notion that 280 million Americans who have not been communicating with al Qaeda are at risk from this quadrillion-bit program is absurd. What exactly are the privacy advocates worried about? That an NSA agent will search the phone records of his ex-wife or of themselves? This quaint scenario completely misunderstands the scale of, and bureaucratic checks on, such data analysis programs.

As a constitutional matter, no one’s privacy is violated by such automated analysis of business records.

Senator Dianne Feinstein needs to brush up on her legal doctrine when she decries the program as a “major constitutional confrontation on Fourth Amendment guarantees of unreasonable search and seizure.” There is no Fourth Amendment protection for information that you have conveyed to a third party.

Your phone company at the very least--if not a score of marketers--knows your calling history; that history is no longer private, therefore, and the government can obtain your phone records without a judicial warrant. Congress has provided statutory protections for certain kinds of telecommunications information, but those statutes allow telephone companies to share their data with the government for emergencies. After 9/11, a phone executive who didn’t believe that the country was in danger of another catastrophic attack was seriously out of touch with reality. And the volume of data requested almost by definition protects the privacy of any individual customer.

The Washington Post calls this numbers analysis the “most extensive . . . domestic surveillance [program] yet known involving ordinary citizens and residents.” Bunk. The NSA’s data mining program is not surveillance; no one is being listened to or observed.

Data mining looks for mathematical patterns in computerized information; it is not a real-time spying operation. The government didn’t need to go to the Foreign Intelligence Surveillance Court for a wiretap or pen register order (which governs the collection of phone numbers in real time from a single phone) because it is not listening to or recording any individual’s calls. FISA is built around the notion of an individualized investigation of specific spies or terrorists; it is seriously outdated for the application of American computer know-how to ferret out terror plots before they happen and before the government has individual suspects in mind.

But it may be too late to convey these truths. The time to explain how data mining protects privacy while providing a crucial tool against unknown mass-murderers was while the Pentagon’s Total Information Awareness program was under attack. That program, which hoped to uncover patterns of terrorist activity in publicly available commercial data, was merely in its preliminary research stages, but the Senate killed it in a demagogic display of privacy hysteria.

Having lost that battle without fighting, the administration has gone silent on the value of data mining, presumably terrified of another privacy fiasco. After the revelation last December of another large-scale NSA program analyzing international calls to terror suspects, the administration denied that data mining was involved. It also implied that domestic phone traffic was off-limits. And now, President Bush defends this latest program in the most anodyne of terms, asserting baldly that the “privacy of ordinary Americans is fiercely protected in all our activities.” His credibility, after the previous denials of data mining and failure to clarify its character, is, to say the least, weak.

Cooperation between the private sector and intelligence agencies is crucial for uncovering terrorist plots. After 9/11, JetBlue Airways and Northwest Airlines offered privacy-protected passenger records to NASA and the Pentagon for research to see if data-mining could aid in identifying terrorist flight behavior. No passenger’s privacy was violated, yet these two companies now face hundreds of billions of dollars in privacy lawsuits. The class action bar is undoubtedly gearing up for a similar assault on ATT, Verizon, and BellSouth, an abuse of tort law that will further discourage patriotic corporate behavior.

The American public is adult enough, one hopes, to cope with the idea of a government computer analyzing commercial and communications data as a protection against terrorism. If only someone would trust them with the facts.

This piece originally appeared in The Weekly Standard

This piece originally appeared in The Weekly Standard