The 215

The NSA has been in the spotlight for a while. Most of us who had been blissfully ignorant, became aware of the surprising scale and scope of the NSA's data collection effort when The Guardian, courtesy of Edward Snowden, blew the whistle on a large domestic surveillance program.

There has been a great deal of confusion about what the programs actually did and why they might be if concern. It seems that one of the most controversial is that covered by Section 215 of the 2001 Patriot Act which allows for the bulk (and seemingly indiscriminate) collection of telephone meta-data. The administration maintained that 'no one was listening to your phone calls' which is true, but that rather misses the point. Social network analysis tools reveal a great deal from just this kind of connection data.

In addition to seeing if an individual has ties to a known terrorist, structural equivalence can likely help identify people in terrorist cells. What's more concerning though is the potential to use role equivalence to identify similar looking network structures; having a network that is structurally similar to a terrorist cell doesn't make it one. Data-mining this kind of information helps by adding richness to the analysis. While it is probably true that no singe act of terror has been thwarted as a direct result of the use of this data, it seems within the realms of possibility that the 215 program added something to the bigger picture.

So, the question should probably not be "do we discontinue the program?" but rather "how do we safeguard the information and the potential insights it generates from mis-use, either by government and politicians, or other parties (for example hackers, leakers, or even foreign governments)?"

One idea floated recently is that the data be kept by a private consortium of the telcos. This makes me more uncomfortable than having the government hold it. First, the private sector will be even less motivated than the government to invest adequately in safeguards to prevent misuse of the information. Indeed they may even be tempted to exploit it for commercial ends; after all, having not just their own telephone subscribers' data but the entire country's in a single database has enormous commercial potential.

My vote would be to create a special branch of the judiciary whose role would be the safeguarding and oversight of this data. Expanding the role of the judiciary has some appeal given widespread suspicion of the executive branch and the state of disarray in the legislative branch.