Information, please

A man who made his living keeping the truth secret was lying to his own boss. Edward Snowden, a Booz Allen Hamilton employee on contract in Hawaii for the U.S. National Security Agency, told his government supervisor he needed “a couple of weeks” off work to treat his epilepsy.

In fact, Snowden, 30, was preparing to board a flight to Hong Kong, where he planned to launch one of the biggest intelligence community leaks in U.S. history. Walking away from a six-figure career as a computer technician with security clearance, he told his girlfriend he would be gone for a few weeks, without elaborating, and caught his plane.

In Hong Kong, Snowden shut himself up in an expensive hotel for three weeks, ordering meals to his room and rarely venturing outdoors. The career spy worried about being spied upon: He lined pillows against the door and spread a red hood over his head and laptop whenever he typed passwords—precautions against eavesdroppers and hidden cameras.

Over his internet connection, he began leaking classified documents to reporters at The Washington Post and The Guardian. The files—a secret court order, a PowerPoint presentation—were like bombshells. They gave undeniable proof of massive, systematic surveillance programs the U.S. government has used for years to collect trillions of pieces of information, secretly but apparently legally.

In one of the programs, code-named MAINWAY, the National Security Agency (NSA) collects phone call records of tens of millions of Americans, dragnet style. In another, named PRISM, it collects emails and internet activity records of foreign suspects, sometimes sweeping in Americans’ data as part of the investigations.

Privacy advocates had warned of the likelihood of broad government surveillance before, but the Snowden leaks brought the secretive programs into an unprecedented light. Snowden, who claimed he couldn’t “in good conscience allow the U.S. government to destroy privacy, internet freedom, and basic liberties for people around the world,” got what he wanted: a public debate on surveillance and privacy in post-9/11 America.

Depending on where individual Americans land in that debate, they’ve tended to portray Snowden as either a hero or a traitor. Strikingly, criticism of surveillance programs—or defense of them—has cut across party lines, and the leaks are giving privacy advocates across the political spectrum opportunity to press for reforms.

Illustrating the party divisions, two of the most vocal critics of the secret surveillance programs, Democratic senators Mark Udall of Colorado and Ron Wyden of Oregon, found their viewpoint backed by some Republicans, like Sen. Rand Paul of Kentucky and Rep. Tim Huelskamp of Kansas. Huelskamp called the indiscriminate collection of American phone data an infringement on “fundamental constitutional rights.”

Most lawmakers, however, including the chairs of the House and Senate intelligence committees—a Republican and a Democrat—appeared to be banding together to defend the programs as legal and necessary terror-fighting tools. House Speaker John Boehner, R-Ohio, called Snowden a “traitor,” and Senate Minority Leader Mitch McConnell, R-Ky., said he should be “prosecuted to the fullest extent of the law” for tipping off the nation’s enemies by revealing classified information.

Three former NSA employees thought otherwise. Thomas Drake, William Binney, and J. Kirk Wiebe, onetime whistle-blowers who first protested overreaching of government surveillance more than a decade ago, said they felt Snowden was justified in leaking information in the public interest. Snowden in late June was hiding in Russia, awaiting his fate and the outcome of a U.S. investigation.

Some of the political synergy sparked by the surveillance programs has been unintentional: Because of the leaks, two very different watchdog organizations have filed lawsuits against the U.S. government. One is the conservative Freedom Watch, whose founder was once labeled a “one-man tea party.” The other is the American Civil Liberties Union, a civil rights organization with a solid reputation for trying to remove faith (Christian faith in particular) from the public square.

This time, though, the ACLU is concerned about genuine privacy rights—its own. The ACLU is a customer of Verizon Business Network Services, the company targeted in a secret court order Snowden made public. In the April 25 order, the government demanded call “metadata” for all the phone company’s customers, including the time and duration of each call, and the numbers of both parties (but not actual conversations).

Verizon was just one of many phone companies secretly ordered to turn over phone call metadata to the MAINWAY system at the NSA. Since 2006 the government has been logging tens of millions of U.S. citizen’s phone calls in order to search for suspicious patterns. Metadata, including recently dialed numbers, would allow an analyst to spot a call to Afghanistan—or theoretically, to a political organization or a love interest. (Officials insist the database is only used to ferret out terrorist connections.)

“The practice is akin to snatching every American’s address book—with annotations detailing whom we spoke to, when we talked, for how long, and from where,” said the ACLU in its lawsuit. “It gives the government a comprehensive record of our associations and public movements, revealing a wealth of detail about our familial, political, professional, religious, and intimate associations.”

Larry Klayman, the founder and general counsel of Freedom Watch (and founder of Judicial Watch, another watchdog group), agrees with the ACLU’s privacy concerns. Surveillance is something “every American should be concerned with, left, right, or center,” he said. “It’s really the Washington establishment against the people.”

Klayman has filed two class-action lawsuits on behalf of himself and others potentially affected by the surveillance programs. One of the suits deals with the MAINWAY phone records program, and the second deals with the PRISM international email and internet data program.

PRISM was revealed in a set of classified PowerPoint slides that Snowden leaked to reporters. The slides boasted intelligence officials were able to retrieve data from nine internet companies: Facebook, Google, YouTube, Apple, Microsoft, Skype, AOL, Yahoo, and PalTalk. Under PRISM rules, officials may secretly demand international emails, chat messages, photos, videos, file downloads, and other recorded activity from the companies if relevant to investigating a foreign surveillance target.

Many people already freely reveal a trove of personal information on social media accounts. Privacy settings may block strangers, but won’t stop investigators: Facebook, for example, in June reported fulfilling between 9,000 and 10,000 user-data requests in the second half of 2012, involving 18,000 to 19,000 user accounts globally. The requests included both local police investigations and federal, foreign intelligence investigations involving PRISM. (Before June, the government had forbidden companies from acknowledging secret foreign surveillance requests.)

If an American’s data was incidentally swept up in the course of “foreign surveillance,” he or she would probably never realize it. Klayman’s legal complaint calls PRISM “illegal and unconstitutional,” and asks for the program to be stopped and government databases purged.

A humorous red-and-blue graphic floating around social media portrays President Barack Obama wearing headphones on a campaign-style poster, under the words, “Yes We Scan.” Yet, it was on George W. Bush’s watch, not Obama’s, that both surveillance programs began. (Klayman filed a lawsuit over the Bush surveillance program in 2006.)

The Electronic Frontier Foundation (EFF), a libertarian-leaning group, has been fighting in courts since 2006 for the government to forsake at least some of its eavesdropping ways. The organization launched a suit against the NSA in 2008 over its phone surveillance program. The case is now pending in the U.S. District Court in San Francisco, blocked by government attorneys.

“The government has been up until now asserting the state secrets privilege, saying they can’t even defend this lawsuit without compromising national security,” said Nate Cardozo, an EFF staff attorney. Essentially, the government argues litigation would force it to admit the existence of its surveillance programs. But thanks to the leaked Verizon court order, “That cat is out of the bag,” Cardozo said, which may allow the case to move forward.

By law, the government must get approval for surveillance requests from the Foreign Intelligence Surveillance Court (FISC). But almost all the court’s decisions are classified—including the legal interpretations of the laws the government uses to justify surveillance in the first place.

The court is meant to act as a judicial check to executive spying powers. Some critics fear it acts as a rubber stamp. In 33 years, the secret court has approved 33,900 government surveillance requests and rejected just 11.

EFF has filed a freedom of information lawsuit asking the government to declassify an important 2011 FISC ruling on the constitutionality of NSA surveillance. Currently, the Justice Department is blocking the request. Cardozo said his organization appears to be the first entity other than the government to successfully file a case in the surveillance court: “This is the first tiny crack of sunlight into what was before an entirely secret court.”

Several polls suggest a majority of Americans—up to 60 percent—disapprove of NSA phone record collecting. Are the fears over surveillance overblown?

Intelligence officials insist their surveillance activities are perfectly legal, authorized by the Patriot Act (renewed in 2011) and by the FISA Amendments Act, renewed last December for five years in a bipartisan vote (see "No need to know").

And although NSA officials collect broad telephone metadata, they destroy most records after five years, and only search the database when they have “a reasonable suspicion” their target is a person associated with a foreign terrorist organization. Intelligence officials said they had searched the phone records of less than 300 people last year.

They also say the surveillance system has allowed them to prevent terrorist attacks. In one 2009 case, officials discovered that al-Qaida operatives in Pakistan had been in contact with a Muslim extremist in Colorado, Najibullah Zazi, who was planning with fellow conspirators to bomb the New York City subway system using beauty-salon chemicals. Thanks to the secret surveillance systems, officials were able to arrest the would-be terrorists before the act. But now that the programs are publicly known, they may be less effective in catching such plotters.

In a congressional hearing on June 18, NSA chief Gen. Keith Alexander told the House Intelligence Committee the surveillance programs had allowed his agency to “connect the dots” necessary to disrupt over 50 terrorist plots. “I would much rather be here today debating this point,” he said, “than trying to explain how we failed to prevent another 9/11.”

Too much clearance?

The national intelligence community has exploded in growth since 9/11, and so have the number of workers allowed to view classified data—nearly 5 million last year.

The June leaks involving Edward Snowden, who enjoyed top-secret clearance, raised the question of whether too many people—including janitors and crate packers—have access to sensitive information that could endanger national security if revealed.

Snowden wasn’t a federal worker most recently but an employee of Booz Allen Hamilton, one of hundreds of private firms working for the U.S. intelligence community. About a quarter of Booz Allen’s nearly 25,000 employees have earned clearance to work on top-secret projects, and the company depends on them to land lucrative government contracts.

National Security Agency director Gen. Keith Alexander said his agency has roughly 1,000 systems administrators with jobs similar to Snowden’s. Most are contractors.