The NSA Can Do Its Job Without Hacking Every One Of Your Emails


The worry that the NSA is prying too deeply into the online lives of ordinary citizens is understandable. Unless you have a high degree of trust in your government, it is disconcerting that it is possible for a government employee with appropriate security clearances to read your email, view your browsing history and the metadata of your phone usage. 

The call to abolish massive surveillance is, for this reason, expected. But, however understandable this call is, it is not, in the end, sufficiently justified.

Whether we like it or not, institutions will have access to this sort of data, whether it is the NSA, foreign governments, or mere companies like Facebook and Google. Given the way the Internet works, privacy just isn’t possible. This is a fact that we’re better off accepting than resisting. The appropriate response to the NSA’s domestic spying program is not to artificially (and, I believe, futilely) limit the powers of government surveillance. It is to regulate them.

What’s more, given the technology available to us, it is possible to enact a regulation that allows the NSA to perform massive surveillance while also maintaining privacy. We can, in this case, have it both ways.

When the NSA receives data from Facebook, Verizon, or Google, for example, it is not as if NSA employees are listening through of all of your phone calls. As President Obama said, “No one is listening to your phone calls.” Rather, algorithms are used to sift through zettabytes of data to find suspicious patterns of activity and to identify suspicious persons.

A regulation that allows massive surveillance and that maintains privacy might look something like this:

Suppose that Congress passes a law that requires all of the data collected by the NSA to be encrypted, so that only certain algorithms could read it. Suppose also that the encryption is programed so that certain parts of the data could be unencrypted after a judge issues a warrant. Indeed, it could be legislated that judges are the ones with access to special software that generates decryption keys. This way, whenever the NSA’s algorithms produce a set of suspicious persons, an NSA member would have to go to a judge in order to get a warrant and decryption key, which would then allow the NSA employee to identify and look at substantive information about these persons.

The proposal I’ve just sketched out is extremely high-level and probably quite flawed. But given the technology that is available, there is no reason why a similar proposal that maintains both privacy and surveillance could not be developed and enacted.

If such a proposal is successful, and if most Americans can stomach the necessary complexity involved, then we might find the government’s interest in us more palatable.

In a speech last week, Obama said, “We have to strike the right balance between protecting our security and preserving our freedoms.” Although this and other remarks from his speech have received some criticism, they are not hot air, nor are they mindless. If the reasoning skills of our legislators come out of disuse, if only briefly, they may find that the available technology allows them to strike this balance.