Monday, December 16, 2013

Judge: NSA phone program likely unconstitutional - Josh Gerstein -

Judge: NSA phone program likely unconstitutional - Josh Gerstein -

I know a lot of folks feel this is a good decision by the Judge.  But I do not think it made us any safer, and I am very sure that our privacy is not any better because of it.

There is a very good tool that NSA, and other Government Agencies have developed over the years.  It is based off of a very sophisticated link analysis model.  It in it's most basic form, it shows that a known bad guy has talked to someone else.  Which by itself in a lead for an investigation, but that is the basic mode.  Now the bad guy has talked to a person, that person with out anyone finding anything else about him, like name or anything else, now talks to others, none of which are bad guys, so the number pretty much fades into the blur.  But think if that number talks to another person that talks to another bad guy, now we may have something.  Still very basic, but meets the NSA 3 jump rule, which does allow for more investigation.  Or not.

Now take the same communications pattern, but we add a little sophistication to the analysis, that says, after the Pizza call, the number notifies someone with in less than 60 seconds, who then calls two others with in 60 seconds.  Now run that pattern against a known terrorist notification or drug distribution case.  It turns out that not many people that order Pizza start calling others quickly, after making the call.  But still it could be, so you just keep the template running, and find that this happens a lot from this Pizza store, and not other stores in the area.   Now we do nothing but report this to the FBI, or another agency, who gets the warrants to go deeper into this issue.  If that agency does not find anything, they report actually they bitch to the NSA that they just went on a wild goose chase.  NSA, files this and retweeks the analysis program.

Now do this with emails, or stock purchases, or a mixture of both, or all.  The computer algorithms get more and more sophisticated.  The track record of successes, or failures, keep refining the program.  Every time a new terrorist cell, or cyber identity theft ring, or malware distribution is discovered, the program is refined.  Now add an analyst to the mix, because people still are the best way to separate out a school phone tree about a school closure from a terrorist cell.

Now run this program against the millions of phone calls and emails out there, and you find that you discard over 90% of the information as not interesting to the intel field.  Of that 10% analysts get rid of another 90% of what is left, and then the agencies get rid of another 90% with the briefest of investigations.  Like looking up names and find it is a wedding part where a few of the folks have been involved in a criminal or suspect activity in the past, but this is just a wedding party communications link.

Now you are just down to very few people ever even being looked at because of the huge NSA data base.

Something I am willing to allow happen.

France is trying to collect all the same data, and I am telling you straight out, that they do not treat the data as private at all.  If they can help a french company find a way to get more of the wedding business, they will provide that data to french companies.  If many countries find out you are visiting  porn sites, or perhaps even a christian evangelical site, they will probably act on it in some way.

But Google, AOL, as well as many other private companies, are also doing similar data mining of all the data they collect.  Most of the time we have given them the right to violate our privacy, by checking a box on line, that we have never read.  I know I read more of these disclaimers than many, and I still give them permission just so I can get what I want from the web faster.

Bottom line NSA is not the problem,

No comments:

Post a Comment