On Government Surveillance of Cellular Communications

By Matt Wicker

Introduction

In some contexts, to keep something secret is to protect or to guard it. Other contexts give secrecy a menacing undertone consisting of lies, denial, and deceit.. Secrecy has become something that often takes on the latter connotation. Terrorist and organized crime groups use the anonymity provided by modern communication technologies to plot attacks against the public. That is not to say that secrecy is inherently bad. Some secrets are necessary for the everyday functionality of society. This duality is what makes secrecy difficult to address through legislation. Just last month, on the 1st of December 2016, the FBI was granted “unprecedented authority to hack into Americans’ personal phones, computers and other devices.” The new abilities of the FBI are a result of the growing opinion that given the threats of terrorism and organized crime, the United States should require providers of communications devices to ensure that the government has (duly regulated) access to any data held on or passing through those devices

I am not convinced that this is a productive line of thinking. While something must be done about the criminal activities, massive surveillance initiatives seem to be a flawed approach. Through the following examination of the risks associated with sweeping surveillance programs in conjunction with the effects of similar legislation and modern technologies, we will better understand why a massive data collection is not an optimal solution.

In order to observe the true ramifications of legislation with respect to terrorism and organized crime we must examine the groups of people it would affect and their likely responses to such a piece of legislation. When considering the case of terrorists and organized crime, it is practical to break the population into two segments: those who are involved in such heinous acts and those who are not.

Innocent People

It is often said that those who are not involved in acts of terrorism or organized crime have “nothing to hide” and therefore nothing to fear. This is plainly untrue. We all have our secrets. It is because of secrecy that our world functions. In business and politics, secrets are a tool that is used to help move along trade agreements. Secrecy allows us, as members of society, to safe guard our opinions or even parts of ourselves. For example, I may very much dislike my boss for personal reasons, and I may express this sentiment to my spouse; however, the fact that my boss is not privy to this secret keeps me from potentially getting fired. Those in the LGBT community might feel uncomfortable revealing their sexuality to strangers, and most would feel uncomfortable revealing the details of their medical history. So to say that the average person has nothing to hide, is inaccurate.  Rather, I think it is more accurate to state that innocent people have nothing malicious to hide.

I think it will prove effective to again group these innocent people into categories based on their potential responses [1] to sweeping surveillance legislation. We will consider the responses of nonchalance and opposition. Those who take an attitude of nonchalance may say that though their secrets are no business of the government’s, the legislation is not likely to affect how they act on a daily basis, for there would certainly be no government intervention in behalf of their non-malicious actions. On the other hand, many may say that the government has no right to learn their secrets as they are their secrets and therefore their property. Both those in opposition and those who take a stance of nonchalance share a common sentiment: the government is wasting their time and resources investigating them, as they have no plots or secrets that would be considered terroristic or criminal.

Despite their common sentiment, the belief that these innocent people would have nothing to fear is historically untrue. Brandon Mayfield is a perfect example of how things can go wrong and how the system does affect people who are innocent. On the fourth of March 2004, there were bombings in Madrid. The FBI pinned Brandon Mayfield as a suspect. Claiming they had a partial fingerprint match, the FBI entered Mayfield’s home without a warrant and made copies of documents and his hard drives, placed him under electronic surveillance, and took DNA samples. Later, he was arrested and detained. Following this accusation, the Spanish could perfectly match the fingerprints to an Algerian man. Mayfield had been wrongly accused of being a terrorist. Though the FBI apologized, the trauma that Mayfield experienced certainly shows that innocent people can and have been impacted by government surveillance. [2] It has been noted that “even the Spanish found [the fingerprint] dubious.” [3] Of course with all of the critical work the FBI does to protect national security there will be instances where things go wrong, and there is a margin of error that is acceptable if it means greater national security, but it seems safe to say that enacting a dramatic increase in government surveillance capabilities would lead to a higher rate of error and no guarantee of increased national security.

Presently, many Americans are less than concerned with government surveillance. A study done by the Pew Research Institute found that 46 percent of Americans “describe themselves as ‘not very concerned’ or ‘not at all concerned’ when asked about surveillance.” On the other hand, 52 percent of Americans consider themselves “very concerned” or “somewhat concerned.” This statistic accurately represents the two camps that I have described, the nonchalant and the opposed. In both cases, we can assume that the government would be wasting their time surveying innocent people and in fact, might have a direct, negative impact on their lives. We can then say that the action of government surveillance would only be warranted in the case that it provided results: the capture of terrorists and criminals.

Terrorists and Criminals

Of course, the failings of similar programs and the fact that a majority of discoveries would be inane personal secrets does not mean that the program is without good intention. After all, we would be attempting to stop very dangerous criminals. This idea brings us to the other side of the populace, the criminals themselves. These are the people who use the power of secrecy to mask their bad intentions.  It is easy to get innocent secrecy confused with deceit since all deception involves some form of secrecy [4]. As we are considering terrorists and criminals we have assumed the groups’ malicious intentions. So, we are faced with the challenge of what to do with their life-threating secrets. The proposition offers a proactive government response.

We know very well that any action—especially such a sweeping political action —does not come without an opposite reaction. Just as the government would be proactive in creating legislation to monitor criminal activity, so would the bad actors become proactive in response to such legislation. Because of its controversial nature, such a law would be the center of attention. In the past month, Great Britain passed the Investigatory Powers Bill, which “among other measures, require[s] websites to keep customers’ browsing history for up to a year.” In the United States, we have seen acts in the past, such as the Patriot Act, that were heavily scrutinized by the public. It is therefore safe to assume that legislation with greater magnitude than its predecessors would receive, at least, similar public attention.

The public concern and scrutiny of such legislation will have at least two significant ramifications. One, it will upset the general public who believes that they are having their property unduly searched, and two, alert those who would be affected by such legislation, terrorists and criminals, to the great extent to which the government would be able to search their cellular devices. In cases of carefully planned terror attacks, we have witnessed how knowledge of the system in place allows it to be circumvented. The attacks in Paris just last year include a tragic example of terrorists who are aware of the counter terrorism infrastructure in place. The Paris attackers used burner phones with prepaid minutes to contact one another, and then following their calls, they would discard the phones or even leave them behind. One terrorist involved in the Paris attacks, Bilal Hidafi, is seen on security camera footage talking on a phone prior to detonating his vest. The burner phone he had been using was activated only an hour prior to his detonation [5]. Burner phones, in some cases, are entirely untraceable and therefore, prove to be an easy way for terrorists to bypass institutional surveillance. In addition to using burner phones, terrorists now have another easy way around the potential legislation: encryption.

FBI director James Comey stated, “encryption threatens to lead us to a very dark place.” Law enforcement agents are very concerned about encryption, and for good reason. Today, encryption is so sophisticated that modern super computers—despite being given unlimited attempts—cannot crack it. This issue surfaced not too long ago in the case of Rizwan Farook who along with his wife, Tashfeen Malik, shot and killed 14 people in San Bernardino. The attacks ended in the death of both Farook and Malik, yet the case was only beginning. The Federal Bureau of Investigation seized Farook’s iPhone 5c, a phone on which all the data was encrypted. The FBI was unable to crack the encryption because of Apple’s security software. This sparked controversy over whether Apple should aid the FBI in cracking the phone’s encryption –which even they could not easily do [6]. Even if Apple were willing to break into the phone, this may not necessarily solve the FBI’s problem. Once the FBI gains access to the phone, there are a bevy of new issues that face them. Should the terrorists in this case, or in any other, be using an app such as Telegram, an end-to-end encryption messenger with over one hundred million users, then the FBI are effectively back at square one. The purpose of applications such as Telegram is to protect user messages from ever being read by any third party, including the company that created the application. This means that being able to access all the content on or passing through someone’s device is not actually a feasible goal, and it’s not just Telegram, more popular applications, like Whatsapp, have also begun to use end-to-end encryption [7].

In summary, the proactive initiative that would be taken by the government represents a noble attempt at providing safety for its citizens; however, we have seen legislation such as the Patriot Act in the past, and these proactive pieces of legislation, just prompted more proactive terrorists and criminals. If a criminal wanted to get around the monitoring capabilities of the government, all he or she would have to do is purchase a burner phone, or if they belong to a small, less organized syndicate, simply download an application that will protect their messages from such monitoring.

Conclusion

Passing legislation that requires cellular providers to give the government access to all the content on or passing through the device is not feasible, would not stop the problem, and would ultimately prove to be a waste of the government’s time and effort. With access to such a massive quantity of data, the government would have to dispatch significant manpower to accurately parse the information. If actions of the past are any indication, human error does exist in the ability to parse through data, and ultimately, those with nothing to hide may still have something to fear. Moreover, as technology advances we are seeing more and more ways to circumvent the monitoring mechanisms put into place by legislation. The use of burner phones and encrypted messengers would allow criminals and terrorists to easily dodge the surveillance of the government. Passing legislation that gives the government such access would make many people very uncomfortable. This would only be warranted if we could say with relative certainty that the legislation would be worth the sacrifices of public, and in this case, we cannot.

The issues created by encryption and burner phones are indeed troubling. We will need to continue addressing them with legislation, but the approach of simply collecting mass data from cellular communication devices seems misguided.  

--

[1] I use the word nonchalance in lieu of ‘supportive’ or ‘supporting’ because I believe that though some people may not be bothered by the new legislation, they may also not be totally in favor of it.

[2] Quinn, 2005, 317.

[3] Ibid, 318

[4] Bok, 1983, 7.

[5] Moody, 2016.

[6] The ramifications of actions by Apple in this case were the main point against cracking the encryption of the phone; however, this is not entirely relevant to the point.

[7] The government tried system wide reform in the 90’s with the “clipper chip” a piece of hardware that allowed law enforcement an entry point to the information on any computer, but this was quickly hacked by Matt Blaze. After that the project was abandoned.