Editorial by GenTac - A General Tactical Advisory for Business and Ventures

Editorial Release

E-Surveillance - A Dangerous Delusion

In the long-lasting wake of the September 11 tragedy, as governments worldwide relentlessly intensify the surveillance of electronic communications and dragnet the flow of personal e-mail, freedom-minded citizens both in and out of political power must voice louder the question: Who is watching us and to what end?

It is a sad reality that terrorist planners capable of executing large-scale attacks are deluded, fanatical and murderous, but we can't bank on them being also stupid. Their future online correspondence will no doubt omit those keywords likely to trigger an apparatus like the FBI’s Carnivore e-mail snooper (since renamed as the less aggressive, "DCS1000"). The content of terrorist communications will likely seem benign – needless of encryption. The probable scenario will be such that tactical codes may, for instance, be passed back-and-forth as discussions on the mechanical merits of the latest model Mercedes coupe.

In a worrisome contrast, an unsuspecting university student plying the Web while researching the roots of Islamic radicalism, or a foreign-born resident including the word ‘chemical’ in a benign e-mail to a colleague back home, may instantly become the target of covert government monitoring.

While the long-term e-mail accounts and ongoing communications of law-abiding citizens are tracked and retained, it can be assumed that the “evil doers” will prove at least as crafty as the average spammer. Plotters of high crimes will expend two minutes to establish an anonymous free account with Hotmail, Yahoo, or one of countless other smaller providers. Then, after the coded message is sent from the public library, the corner internet café, or the local Kinko’s, like a spammer they will abandon that e-mail box and be gone.

This anonymity and ease with which a Web-based e-mail account is created and discarded is perhaps the deepest pothole awaiting those hard-driving government data miners. It would seem that our Homeland e-spies and those cyber troopers of other nations expect criminal targets to somewhat cooperate – perhaps diligently maintain a snoop-friendly AOL account. But a furtive terrorist is not likely to establish a cell phone or ISP account and offer up a credit card – especially a suspect credit card – then include other required corresponding, traceable information. Why bother?

While terrorists and other criminals abandon no-cost and anonymous e-mail identities with each message sent, or use calling cards to place international coded calls via pay phones, or place strategically-worded ads online and in printed periodicals, or simply send a letter to a temporary postal box established under an alias, ostensibly democratic governments are implementing draconian and enormously expensive tax-paid systems to monitor the private communications of their law-abiding citizens. A few examples follow.

Pursuant a plan drawn up by Europol, the police and intelligence arm of the European Union, the European parliament recently passed the so called “Data Protection Directive.” This measure requires that ISP’s and telecom firms within the EU retain not only their customers e-mail message headers, but also their Web surfing habits, chat logs, pager records, newsgroup activity and all personal info associated with the user’s account; including user names and passwords.
In accordance with a new surveillance law now effect in Switzerland, a record of every e-mail transmitted in and out of that country will be logged and stored for at least six months.
In the UK, the “Regulation of Investigatory Powers Act” allows government security agencies to access electronic communications which ISP’s and telecoms are required by law to intercept and store; including e-mail messages, Web surfing tracks and fax transmissions.
The Spanish Senate intends to force ISP’s to maintain a record of their customers' Internet activity for a year and, upon demand, make that information available to law enforcement agencies.
In New Zealand the Government introduced “Supplementary Order Paper 85,” thus allowing the interception of electronic communications by police, the Security Intelligence Service and the Government Communications Security Bureau.
In early 2002, U.S. Attorney General John Ashcroft directed the FBI to expand "data mining" and Web browsing surveillance. Authorization for this covert scrutiny of personal communications and habits can be secured without the subject being suspected of criminal activity. (When questioned by some privacy-minded members of Congress about such freewheeling domestic spying, Ashcroft replied that criticism of the Justice Department action would "only aid terrorists.")
As previously mentioned, in an apparent effort to lower the profile of its Carnivore e-mail monitoring program, the FBI renamed the surveillance system “DCS1000,” and it continues to collect messages sent by and to U.S. citizens who may not even be the subject of an FBI probe.
The FBI's mostly secret Magic Lantern spyware will (or already has) come online. A newer component of Carnivore, this remote apparatus will monitor not only communications, but also the actual keystrokes of individuals who may, or may not, be under legitimate investigation.

And perhaps most ominous of all, the Defense Advanced Research Projects Agency (DARPA), was (or is still) developing what was disturbingly titled as “Total Information Awareness” (open DARPA PDF TIA file in new window). Due to negative publicity and bipartisan congressional complaints, the TIA program was since renamed as the more post-9-11 politically-advantageous brand, "Terrorism Information Awareness" (Due to congressional scrutiny, DARPA URL's and the program itself as previously configured may no longer be active by the time you read this). See DARPA material. See update on disclosed program status, and other replacement and now in effect IT surveillance measures.

Conceived by the federally-indicted Regan-era (Iran-Contra) spookmaster, Dr. (Admiral) John Poindexter -- since resigned after it became known that he established a speculative futures market based on predicting the next terrorist hit on a US city -- TIA project directives are (or were) described as the "total reinvention of technologies for storing and accessing information... data that will need to be stored and accessed will be unprecedented, measured in petabytes."

In DARPA’s own brand of Orwellian techno-speak: "Technically, the TIA program is focusing on the development of: 1) architectures for a large-scale counter-terrorism database, for system elements associated with database population, and for integrating algorithms and mixed-initiative analytical tools; 2) novel methods for populating the database from existing sources, create innovative new sources, and invent new algorithms for mining, combining, and refining information for subsequent inclusion into the database; and, 3) revolutionary new models, algorithms, methods, tools, and techniques for analyzing and correlating information in the database to derive actionable intelligence.”

Boiling this paragraph down to plain English, one could assume that TIA (or what DARPA may refer to the now likely covert program after this writing) is to be a blanket data collection tool designed to track every individual who communicates electronically.

The problem with such a super surveillance apparatus is that while likely accomplishing little in the fight against international terrorism, put at risk will be the rights, freedoms and economic well being of those citizens ostensibly being protected.

We live in an age in which 30-year FBI veterans sell out their country and an A-Z lineup of hackers readily target top secret government databases. Whether an individual accessing a system like TIA is a government employee out to quash dissent or sell secrets, or a hacker targeting a bank account, you can be sure that the system and its data will eventually be misused.

This is the era of information, when references to “1984” have become cliché. But in the case of TIA, the comparison is more relevant than ever. Peaceable, tax-paying citizens deserve to be left alone, not scrutinized and potentially compromised by their own government.

Those governments now expending untold sums of their citizens’ tax dollars in creating Orwellian systems of surveillance should perhaps instead rely on more proven tools of target-specific intelligence: human intelligence, human operatives and human expertise.

Like Pearl Harbor 60 years before, the U.S. had the information that would likely have prevented September 11. The tragedy resulted from a massive failure of bureaucracies; not from a lack of electronic surveillance. Carnivore, Magic Lantern or even TIA would have made little difference. Within cumbersome and wasteful agencies officials failed to communicate and failed to act on the data already on their desks.

Now, the same officials that ignored obvious signals, the same officials that ignored the warnings of their own agents, the same officials that curtailed effective human intelligence operations; these are the same officials that want to read your e-mail.