One of the key things that people quickly realized after last week's revelation about the NSA putting backdoors
into encryption, was that this was exactly
what the federal government had tried to do with the Clipper Chip back in the 90s, and after a public debate, it was rejected. The battle over the Clipper Chip was one of the key legal/tech battles of the 1990s.
And then the NSA went and did it anyway.
Jack Shafer, over at Reuters, points out that there's this pattern of the NSA not taking no for an answer
, discussing the attempts to stop PGP and also the infamous Total Information Awareness program:
Zimmerman and his allies eventually won the PGP showdown, as did privacy advocates in the mid-1990s, defeating the government’s proposal for the “Clipper chip,” which would allow easy surveillance of telephone and computer systems, and again after 9/11, when Congress cut funding for the Defense Department office in charge of the Total Information Awareness (TIA) program, a massive surveillance database containing oceans of vital information about everybody in the United States.
But the journalistic record proves we can’t trust government’s white flag of surrender. In the case of TIA, the government abandoned the program’s name but preserved the operation, as Shane Harris and others reported seven years ago, giving it new code names and concealing it in places like the NSA. The documents Snowden stole from the NSA show the government capturing and analyzing much of what TIA sought in the first place.
Basically, this suggests that even if the NSA is told to stop doing the various things it's doing, it's only a matter of time until they do them anyway. One response to this -- which many are taking seriously -- is to look into re-architecting the internet
to see what can be built, ground-up with security in mind, specifically making sure that the NSA can't weasel its way in.
But there's a separate issue as well. How do we stop basic government overreach after it's been made clear that they don't have a mandate to do what they're doing? Yes, government officials and NSA defenders like to pretend that they did have a mandate here, and will point to the FISA Court or other aspects to argue that it's perfectly fine -- but when they're explicitly doing exactly what they were denied a decade or more ago, those arguments ring hollow. But, if they're allowed to get away with it, without any response, then they'll never stop. No matter what they're told not to do, they'll just keep doing anyway, because what's the worst that happens? People complain about it?
So it seems that there needs to be a very different system in place -- on that involves real oversight, not the pathetic joke that is the Intelligence Committees of both houses of Congress and the FISA Court. And, frankly, it should be over a new organization. It seems clear at this point that you can't reform the NSA. It's rotten to its core. Yes, signals intelligence and other intelligence activities can be important and necessary, but it really seems like we need to breakup the NSA, and restructure the whole thing such that it can be built in a manner where there's actual oversight, rather than having it do whatever it wants and pretending everything is fine any time anyone accuses them of anything.