Perhaps The NSA Should Figure Out How To Keep Its Own Stuff Secret Before Building A Giant Database

from the just-saying... dept

Apparently, the brilliant minds at the NSA are completely bewildered as to how Ed Snowden had access to everything he had access to. They don't think it's possible.

Among the questions is how a contract employee at a distant NSA satellite office was able to obtain a copy of an order from the Foreign Intelligence Surveillance Court, a highly classified document that would presumably be sealed from most employees and of little use to someone in his position.

A former senior NSA official said that the number of agency officials with access to such court orders is “maybe 30 or maybe 40. Not large numbers.”

And, according to other reports, Snowden delivered much, much more to reporters:

Mr. Snowden has now turned over archives of “thousands” of documents, according to Mr. Greenwald, and “dozens” are newsworthy.

In other words, more leaks are to come. But, considering that people are already scrambling to see how one pretty junior IT guy could have access to such things, it's making people wonder just how screwed up the NSA is if information could leak out this way -- and conversely, why should we trust them with our data?

Edward Snowden sounds like a thoughtful, patriotic young man, and I’m sure glad he blew the whistle on the NSA’s surveillance programs. But the more I learned about him this afternoon, the angrier I became. Wait, him? The NSA trusted its most sensitive documents to this guy? And now, after it has just proven itself so inept at handling its own information, the agency still wants us to believe that it can securely hold on to all of our data? Oy vey!

Or, as Farhad Manjoo notes later in that same article:

The scandal isn’t just that the government is spying on us. It’s also that it’s giving guys like Snowden keys to the spying program. It suggests the worst combination of overreach and amateurishness, of power leveraged by incompetence. The Keystone Cops are listening to us all.

And, on top of that, people are pointing out that if Snowden could walk out with that much supposedly secret information, you have to wonder who else has done so as well, perhaps with much more nefarious intent, such as selling the information to a foreign power or group. Conor Friedersdorf points out that having the NSA collect so much data makes it a key target for the Chinese:

Even assuming the U.S. government never abuses this data -- and there is no reason to assume that! -- why isn't the burgeoning trove more dangerous to keep than it is to foreswear? Can anyone persuasively argue that it's virtually impossible for a foreign power to ever gain access to it? Can anyone persuasively argue that if they did gain access to years of private phone records, email, private files, and other data on millions of Americans, it wouldn't be hugely damaging?

Think of all the things the ruling class never thought we'd find out about the War on Terrorism that we now know. Why isn't the creation of this data trove just the latest shortsighted action by national security officials who constantly overestimate how much of what they do can be kept secret? Suggested rule of thumb: Don't create a dataset of choice that you can't bear to have breached.

And, yet, that's exactly what we've done. If Snowden had access, then it seems only reasonable to assume that he wasn't the only one. Meaning that plenty of others also had access to the same information, and there's a decent chance that it's already leaked to others. The NSA is supposed to be the best of the best, but they don't even seem to know how to keep their secrets secret.