Getting Beyond the Benedict Arnold of the Cyber Age: Crafting Post-Snowden American Policy and Law

This past week brought more discomfort in the United States produced by Edward Snowden’s disclosures about NSA surveillance activities:

  • The House of Representatives narrowly defeated a proposal to restrict NSA authority to collect telephone metadata in the United States, a vote that caused intra-party clashes within both the Democratic and Republican parties;
  • Legislators in Congress grilled NSA officials on the NSA’s collection of telephone metadata within the US, producing testimony that only heightened congressional concerns about the executive branch’s metadata surveillance activities and their legal justification;
  • The NSA released previously classified documents related to the now infamous Verizon Order leaked by Snowden, an effort at transparency that, apparently, did not make anything more transparent;
  • Courtesy of Snowden, The Guardian revealed another NSA program, called XKeyscore, which caused another round of national and international controversy about US surveillance policies and practices; and
  • The Russian government granted Snowden asylum for one year, allowing him to leave his limbo-laden life at the Moscow airport, a development that perhaps guarantees Snowden’s place in history (and not Bradley Manning) as the Benedict Arnold of the cyber age and made already fraying US-Russian relations worse.

To have Congress close to over-turning a key law passed after 9/11, to deepen tensions between the legislative and executive branches, to provoke the masters of secrecy to try to be more transparent, to wrong-foot the NSA again with a new disclosure, to cause rifts within both major US political parties, and to exacerbate problems between great powers is, ladies and gentlemen, one hell of a week, in more ways than one.

Each development of this past week deserves its own scrutiny, but my objective here is to try to assess what the sum of these episodes means for the US. The initial disclosures from Snowden brought forth calls for a “national conversation” about the implications of the revelations of NSA surveillance activities and the policy and legal justifications for them. This conversation has been extremely awkward because a proudly open and free society found itself debating critical issues kept secret by its government and only revealed by a law-breaker who sought succor in the sovereignty of anti-American governments. To quote one of history’s great admirers of the US, not our finest hour.

But, this past week should signal that the “national conversation” requires decisions needed to shape post-Snowden American policy and law on issues ranging from the privacy of American citizens dependent on digital communications technologies to the impact of cyber espionage on the power and reputation of the US in geopolitics. No one should underestimate the gravity of these decisions because the questions to be answered go deep into what America means at home and abroad. In its main leader of its August 3rd issue, The Economist–hardly an American nemesis–embeds the Snowden affair along with other post-9/11 policies in what it calls “liberty’s lost decade.”

Provocative, to be sure, but The Economist is trying to piece together what it all means for the US, from Mohamed Atta to Edward Snowden, and is encouraging Americans to re-evaluate where their government has been–from detention cells in Guantanamo Bay to “collecting it all” in cyberspace–and whether and how they want the future to be different. We might not like the headlines, the harsh questions, and the flippant or cynical condemnations of American behavior as hysterical hypocrisy. But, when someone like Edward Snowden can affect this country’s domestic politics and foreign affairs as wrenchingly as he repeatedly has (see, this past week), we have serious work to do in crafting policies and laws less dependent on the fear secrecy breeds and more confident in the resilience openness brings when betrayal from within and enmity from without test our interests and values.

Advertisements

Me Thinks They Doth Protest Too Much: Espionage in the Cyber Age

This past weekend brought more Snowden flakes about NSA spying. However, this time the alleged espionage targeted not American citizens, “foreign nationals reasonably believed to located outside the US,” or China but American allies–European Union (EU) officials, diplomatic facilities, and computer networks. If true (as seems likely from US government responses–see below), these leaks combine with the previous disclosures about NSA surveillance to inform people of the scale, capabilities, and audacity of US intelligence gathering activities.

European leaders expressed shock and took much umbrage, with some dredging up the dark spying days of the Cold War and others issuing threats of adverse consequences for upcoming US-EU negotiations on a transatlantic trade agreement. Responses from President Obama, the Director of National Intelligence, and Secretary of State made the same point–the US engages in espionage as all nations do in order to protect foreign policy and national security interests.

This response was simultaneously true and disingenuous. All countries spy in some form or another, and, European public displays of anger aside, the spying includes keeping an eye on allies. And that includes the intelligence agencies of European countries whose leaders were shocked–so shocked!–at the US gathering intelligence on their possible future actions. The response was disingenuous because the US has an intelligence capability that is unrivaled in the world and the political and economic power to pursue espionage without fear of serious consequences. See, for example, the US-EU transatlantic trade talks will start as scheduled despite lots of frothing Euro mouths.

However, not too long ago, it was American officials and politicians who were frothing about Chinese cyber spying against the US government and US-based companies. Snowden’s apparent disclosure of large-scale US cyber espionage against Chinese government, business, and academic targets and, now, allegations about US spying on European governments, makes the past few months of portraying Chinese cyber espionage as beyond the pale look, well, less impressive. Even the US attempt to distinguish economic espionage against companies from classical state-on-state spying gets lost in the growing perception–now directly re-enforced by the US government–that all countries engage in espionage against allies and rivals whenever and however they see fit. In this light, earnestly repeated assertions by China that it does not engage in cyber espionage against the US and other countries and that it is the innocent victim of American spying appear, strangely, rather unseemly for a rising world power.

Should the protagonists in these events stop whining about espionage and just get on with it? Or, do these revelations suggest that the Internet has turned “everybody does it” espionage into an out-of-control phenomenon that damages individual privacy, alliances, and great power politics and requires some re-thinking? Existing international law is permissive of spying, and the few international legal rules that contain limits do not constrain the practice in any effective way. As already indicated, Snowden’s leaks have derailed the US effort to portray Chinese cyber espionage as outside “norms of responsible behavior in cyberspace,” and the coordinated chorus from top US government officials to the latest leak that “all nations do it” might well have ended the willingness of other countries to consider American ideas about re-thinking international norms about espionage in light of the global importance of the Internet.