"Better safe than sorry" was one of J. Edgar Hoover's favorite justifications for his illegal actions. The only problem was that he applied it to personal and political enemies as eagerly as he did against the "enemies of the state".
I liken the development of these monitoring efforts to nuclear weapons. Once they have been created, you can't uncreate them. You can't put the genie back in the bottle. Somebody will end up using them, no matter how solid or flimsy their justification may be. And there is always the potential for misuse from within and without.
Anyway, it's not a tough question anymore, the damage is done. More and more federal agencies, state and even local government entities will start to use these tools for whatever purposes they desire. There is no public oversight or brake on the process. All of them have track records of breaking their own regulations on a continuing basis. And there are few citizen-run organizations like the EFF to counter the massive resources of our own bureaucracy. So we just better learn to live with it.
What do you have to hide?
Most of you know that I’m an ardent advocate for personal liberties and individual freedom. You also know that one of the hats I wear is as a cyberwarfare and counter-cyberterrorism advisor to law enforcement and government security officials.
These two aspects of my professional activities are not mutually exclusive.
There is a point at which civil liberties can come in conflict with the protection of the nation. It’s this nexus that essentially defines the American security challenge.
This is not new. In 1775, Ben Franklin famously said, “They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.”
I love Ben (he’s a personal hero), but all is not quite as black-and-white as he made it out to be.
For example, let’s say you live in a country hit by devastating terrorist attacks and you’re about to run an event that’ll have nearly two million people crowding onto the Mall in Washington.
Now, let’s say you’re swearing in the first black President in a country that still has its share of racist wackos.
That Mall, with those millions of people, would be an ideal target of opportunity for either type of bad guy.
Let’s further postulate that you’re responsible for protecting not only the incoming President, not only the outgoing President, but all their families, all the dignitaries, and all those regular citizens who came for the occasion.
What do you do? What do you do?
What you do is everything you possibly can to protect your citizens, while not sacrificing their rights. You use the full extent of the law to put in whatever safety precautions you possibly can.
You also try to head off threats ahead of time by doing good, solid, preventative intelligence work.
Social Network Monitoring Center
This bring us to the Department of Homeland Security’s Social Network Monitoring Center (SNMC), the subject of a recent Freedom of Information Act (FOIA) request by the Electronic Frontier Foundation.
Now, as most you know, I’m usually the first to cheer for the work of the EFF, but this time I disagree (partially) with their outrage.
As a result of a recent FOIA request, the EFF learned that DHS had set up the SNMC to monitor social networks like Twitter, Facebook, Flickr, and MySpace prior to the inauguration. The purpose of this monitoring and aggregation effort was to find, essentially, indicators that baaaaaad things were going to happen.
Although SNMC had explicitly instructions to not gather personally identifying information, EFF believes that some of the information (like user names) could lead to a connection to individuals.
Here, I agree with the EFF. My Twitter user name is DavidGewirtz. It’s not hard to figure out that the user of that account is David Gewirtz. But I chose my user name specifically because I’m broadcasting on Twitter and I want people to know who I am.
The other thing is that publishing on Twitter and Facebook, and all those public-facing social networks is just that: publishing. If you post on Twitter for the world to see, the world might just see it. It’s not appropriate to get all up in arms that the government might be cataloging your interests in certain things when you share those interests with everyone.
Seriously, I do not want to know that your briefs are too tight or that you ate Cherios for the third day in a row. But if you post something that says you hate someone in power or want someone dead or otherwise say bad things, it’s good that our government is watching.
Unfortunately, the EFF FOIA disclosure isn’t as black-and-white as you might think, because SNMC didn’t just gather social network information prior to what could be a high-risk scenario.
Unfortunately, the SNMC seems to have a second, perhaps darker, purpose.
The SNMC is also, apparently, gathering information to feed to the Immigration and Naturalization Service and the IRS, to help hunt down tax cheats and “observe the daily life of beneficiaries and petitioners who are suspected of fraudulent activities” when applying for U.S. citizenship.
The EFF is concerned about the implications of these data collection practices and, at least on one level, I can’t argue about that concern. But on another level, I disagree with their premise and applaud the added security.
Let’s break these two issues apart.
First, we have a scanning process that’s looking for indicators of highly destructive activity. In a nation of freedoms, and a nation with 300 million self-directed individuals, it’s a really big challenge keeping everyone safe.
If the DHS has a tool that helps them predict (not Minority Report predict, but at least keep an eye out) potential trouble spots, I think that can be a valuable tool for security.
Some time ago, I wrote a piece for Counterterrorism Magazine advising security professionals to do just this: use social networks as a way to track and identify dangerous individuals. After all, if they’re posting it publicly, maybe their lack of propriety might help Homeland Security professionals save lives.
Since 9/11 there have been many incidents that you haven’t read about because our nation’s security professionals were able to prevent them. So, using this tool to provide such added security is good. There are a lot of freaky people out there and we need to do all we can to keep the nation safe.
But here’s where the SNMC become problematic. When it’s also used to monitor citizens for other possible infractions, it begins to smack of Big Brother. It no longer seems like the long arm of the law wrapping itself around us in a protective hug, but more like something intrusive and potentially threatening.
This is the fine line security professionals and our policy makers have to walk. On one hand, we have a taxpayer-funded tool that can be used to keep us safe. On the other hand, since we have a tool, and it’s already been paid for, why not use it for other enforcement efforts?
It’s a tough question. Sometimes, I wish ol’ Ben was in Washington now.
Homeland Security spies on your social network activity, but is that entirely bad? What do you have to hide? TalkBack below.
