Last week an NSA spokesperson spoke to the Long Now. It was something of a friendly introduction to the NSA's culture of concern, but ultimately unsatisfying. When you come to your bosses, you generally offer a token of goodwill, NSA hasn't thrown us any bones. And so they will recieve rocks in return, but some measure of polite patience as well. The following is the list of questions provided by the audience:
But before I list them I'd like to put a question of cost-benefit analysis to everything. After all, the NSA's budget isn't and shouldn't be unlimited. So we really can't know if they are doing their job efficiently if some analysis of this sort isn't performed. Ultimately they want to reduce terror, and they might be effective if the intelligence they produce reduces the cost of war - after all, if you know exactly where and when the bad guy is, it takes less ammo to take off his head.
Most obviously the cost of domestic surveillance is the one I am concerned with and we would like to weigh that against the cost of domestic terror. So why not create a domestic terror insurance policy? If each American citizen were to pay $10 into a national terror insurance fund and every person who is killed by an actual act of domestic terror were compensated $5 million, then we could have a parallel strategy. After all, America can be very good with money and this is something we all could understand. What we don't understand is how much money the NSA spends on what and how many lives they have or have not saved. Insurance is transparent, the NSA is not. Let's try this alternate route.
Note that the implications of this alternate route on domestic terror puts the NSA against a very concrete standard - one that doesn't exist now except in the minds of the convinced insiders...
---
I have a general (unfocused) question about transparency – which
hasn’t been mentioned thus far. What is the NSA’s rationale around
hiding its activities from the American people? What can you tell us
about the issue of transparency going forward?
What are the key questions NSA is discussing following the Snowden
releases? And what is the NSA doing to address these issues?
Germany is very, very upset. What could we have done, and what should
we do in the future, to fulfill our many responsibilities while also
respecting our most valuable international relationships?
How can we work toward a new social contract when the intelligence
agency directors repeatedly lie to the Congress and to the public?
Is it true you can still find one-star generals playing Magic the
Gathering in the NSA canteen during lunch hour?
The failures of 9-11 were not technical failures, but failures of
individuals and organizations to work together toward a common goal.
What concrete steps can you describe in the intelligence community
that have been taken to remedy this?
What is the NSA doing to make the scope of its data collection efforts
as transparent as possible, while still achieving its goals w.r.t.
national security?
Is it an acceptable outcome that NSA fails at securing us in the
service of privacy considerations?
If the Snowden incident hadn’t happened, would the NSA have hired the
civil liberties expert? What structural changes will make this role
actually effective?
Has the real tension been between the NSA needing to protect its own
systems while ensuring that everybody else’s are vulnerable? Is this
inevitable?
Do you believe the mission of the NSA can be accomplished without
building a record of all worldwide communications and activities?
Why?
Is the NSA embedding backdoor or surveillance capability in any
commercial integrated circuits?
If you want to address the damage to public trust, and improve the
social contract, why not applaud the work Edward Snowden has done to
demonstrate how your agency has gone astray?
Do you consider the NSA’s role in weakening the RSA random number
generator to be a violation of the NSA’s existing social contract?
How do you think about its exploitability by criminal elements?
What do you tell American corporate tech leaders who are concerned
about lowered trust and security of their services and products? Lack
of trust based on national security letters, for example, or
weaknesses introduced into RSA crypto by the NSA?
What is the best mechanism for an intelligence agency to prevent
themselves from using “national security secrecy” to cover up an
embarrassment? Is there something better than whistleblowers?
Secure information and privacy need to be balanced – please give an
example of when you feel the NSA worked at its best in this balancing
act. Please be specific :-)
How much is your presentation a reflection of NSA or your personal views?
Should the NSA play a role in devising the new rules for cyberwar?
(Since the old rules for war don’t work in the digital universe.) How
do we citizens participate?
Do you personally feel that the leaks of the last year have revealed
serious overreach by your agency? Or, do you feel as though the NSA
has simply been unfairly painted and that the leaks have been
damaging?
Privacy is, logically, implied (4th, and 5th and 10th Amendments).
Should it be an explicit right? If so, how should it be architected?
Amnesty for Snowden?
When Russia invaded Ukraine, it seemed to take us by surprise. Have
Snowden’s revelations damaged our ability to anticipate sudden moves
by rivals and adversaries?
How can the NSA build an effective social contract when it destroys
evidence in an active case and when its decisions are made in a secret
court without public scrutiny?
How can the public make informed decisions if NSA keeps secret what it
is doing from its public rulers viz the abuses exposed by Snowden?
Can you give an example of a credible “cyber threat” thwarted by the NSA?
Why did NSA dissolve its Chief Scientist Office? So too FBI. This
Office funded the disk drive and speech recognition.
How do you reconcile your stated goal of improving the security of
private sector products with NSA’s documented practice of
intentionally weakening encryption standards and adding backdoors to
exported network devices that facilitate billions of dollars of
e-commerce?
How does surveillance directed towards the United States’s closest
allies help deter terrorist threats, and how does the damage of our
relationship with Germany and other allies offset the benefits of
conducting such surveillance?
I am an American, legally, politically, culturally, economically. I
was born in Pakistan and am a young male. My demographics are the
prime target of the NSA. I have no recourse if the NSA sees that I
have visited the “wrong” links. I am afraid that the NSA deems me a
suspect. Your response?
Balancing the needs of ‘security, society and business’ leaves most of
us with 1 vote in 3. Given the shared interest in big data by
security agencies and business, how do the rest of us keep from
getting outvoted 2-to-1 every time?
Your fears seem to be based on a highly competitive scarcity-based
economy. What is your role in a post-scarcity society?
In what ways do public, crowdsourced prediction markets help to
resolve the tension between public trust and the need for
sophisticated intel?
Does the government have either a duty or a need to be open and honest
in its communication with the public?
How does the NSA approach biological data? Synthetic biology applications?
You never use the word law.
How many more leaks would it take to make your mission impossible?
Personally I look forward to this particular point in time.
Please share your thoughts on: Re: ‘talent leverage’ impact on world
stage. We are all one family on spaceship earth, and we have grave
system failures in the ship. If the U.S. gov’t can shift from empire
to universal economic empowerment, based on natural carrying capacity
of each ecosystem. Then, trust can be restored that this is not a
gov’t of and for the military-industrial complex, and the most
powerful corporations.
What are three basic reasons that make the NSA assume that it doesn’t
need to obey the law?
Surveillance and security are mutually contradictory goals. Shouldn’t
these functions of the NSA be split into different agencies?
Was Snowden a hero or a damaging rogue? Did he catalyze changes to
keep NSA from being the “KGB”?
Do we live in a democracy when there are no checks and balances in the
intelligence community? --> CIA/Senate, --> Snowden/NSA?
You described the importance of a social contract in determining the
appropriate balance between privacy and intelligence gathering. But
contracts require all parties to be well-informed and to trust each
other. How can the American public trust the intelligence community
when all of the reforms you mentioned only occurred because a
concerned patriot chose to blow the whistle (and now faces
prosecution)?
How are we to maintain the creative outliers and risk takers (things
that have been known to create growth and brilliance) if we are
keeping / tracking ‘norms’ as acceptable – or the things we accept. –
How will we know if we are wrong?
Can or does the NSA influence or seek to influence immigration policy
so that the US could retain foreign workers here on expiring H1Bs?
What does the NSA see as some of the greatest emerging technologies
(quantum decryption for example) that can create the future
“Intelligent America”?
What are the factors that determines whether the NSA ‘quietly assists’
improving a company’s product security, or it weakens or promotes
weaker crypto standards / algorithms / tech?
Please talk about the recent large scale hacking from Russia.
Why frame this as “how can laws keep up with technology” instead of
“how do we keep the NSA from exceeding the law?”
1) Was NSA interdiction of a sovereign leader’s aircraft a violation
of international law? 2) Does NSA believe they can mill and drill a
database to find potential terrorists?
The NSA paid a private security form, RSA, to introduce a weakness
into its security software. Spying is one matter. But making our
defenses weaker is another. How do you defend this?
What is your biggest fear about NSA overreaching in its power [?]
How many real, proven terrorist threats to the U.S. have been
uncovered by NSA surveillance of email / cell phone activity of
private citizens in the last few years (4-8)?
Your list of tensions omitted any mention of corporate or otherwise
economic fallout that may result or have resulted from the Snowden
revelations. What relief mechanism do you foresee maintaining
corporate trust in the American government?
You mentioned doing during slide 14 that the Director of the NSA is
declassifying more information to promote “tranparency”. Can you
please elaborate on how we might find these recently declassified
documents?
Long ago we created a “privilege” for priests, doctors and lawyers,
fearing we could not use them without it. Today, our computers know
us better than our priests, but they have no privilege and can betray
us to surveillance. How do we fix that?
What systems are in place to prevent further leaks?
1) Is it ok for a foreigh entity to collect and intercept President
Obama’s communications without our knowledge? 2) Do you think William
Binney and Thomas Drake are heroes?
How do we build a world of transparency, while also enabling security
for our broader society?
As we grow more connected, the sense of distance embodied in national
patriotism and the otherness of the world shrinks. How is a larger
NSA a reasonable response in terms of a social contract?
Describe the culture that says it’s ok to monitor and read US
citizens’ email (pre-revelation) [?]
How can the NSA enable more due process during the review of approvals
of modern “wire taps” (i.e. translating big data searches to
individuals)?
In the next 10 years there will be breakthroughs in math creating
radical changes in data mining. What are the social risks of that
being dominated by NGO’s vs. government?
Has the NSA performed criminally illegal wiretapping? If so, when
will those responsible be prosecuted?
Can you define what unlocking Big Data responsibly really means and
give examples? Can NSA regulate Facebook in terms of privacy and
ownership of users’ data?
How do other governments deal with similar problems?
What prevents NSA from trusting “Intelligent America” revealing that
linking information but not the content was broadly collected could
have been understood and well presented. Funded [?] “Intelligent
Ingestion of Information” ...[?] DARPA 1991-1995.
Please address the spying upon and the filing of criminal charges
against US Senators and their staff by the USA, particularly in the
case of Senator Diane Feinstein of California.
Does the NSA’s legitmacy depend more on the safety of citizens or
ensuring the continuity of the Constitutional system?
Can you shed any light on why Pres. Obama has indicted more
whistleblowers than all previous presidents combined?
When will Snowden be recognized as a hero? When will Clapper go to
jail for perjury? Actions speak louder than buzz words.
Does NSA make available the algorithms for natural language processing
used by the data analysis systems?
In the long term view, it would seem freedom is a higher priority
value than safety so why is safety the highest value here? Why isn’t
the USA working primariy to ensure our continued freedom?
How do you protect sources and methods while forging the new social contract?
How can any company trust cybercommand when the same chief runs NSA
where the focus is attack? How can we trust the Utah Data Center
after such blatant lies of “targeted surveillance?”
Now that the mass surveillance programs have to some extent been
revealed, can we see some verifiable examples of their worth? If not,
will NSA turn back towards strengthening security instead of
undermining it?
The terrorist attacks of 9/11 encouraged our govt. leaders to adopt
aggressive surveillance laws and regulations and demands from the
intelligence communities. How do we reverse these policies adopted
under duress?
Recent Comments