Event Report: The NSA Surveillance Programs - Assessing the Damage to U.S. Commerce, Confidence & Credibility

WHAT: Panel Discussion: The NSA Surveillance Programs - Assessing the Damage to U.S. Commerce, Confidence & Credibility
WHERE: Capitol Hill
WHEN: July 18, 2014

This event, hosted by the Congressional Internet Caucus Advisory Committee, seemed to suggest a new, unbiased perspective on the Snowden leaks thus far. Whereas the normal Snowden-related polarized rhetoric focuses on the merits of surveillance, privacy, or government transparency, this panel discussion promised to take a more objective route: ceteris paribus, what is the damage that the NSA surveillance programs have cost the United States in terms of commerce, confidence, and credibility? Had I been consulted, I would suggest that the hosts substitute “damage” with “cost,” to sound more even-handed; one does not assess the damage to his or her wallet after a shopping trip to Safeway, but one does assess the damage to his or her bank account after their wallet has been robbed.

With the stakes so high in the surveillance-privacy debate, the discussion often veered from damages to ideology. In other words, the conversation would shift from the amount of damage as a result of NSA surveillance to whether the damage was worth the benefits of surveillance. While some studies have attempted to demonstrate the real costs of surveillance (Castro infers the costs of PRISM and Bankston and Soltani infer the costs of individual surveillance), this discussion was more about whether these costs (whatever they may be) are worth bearing by American businesses. I think this may be because it is easier to debate the merits of a controversial topic qualitatively rather than quantitatively, no less when high classifications, little data, and raw emotions are involved.

The panelists were Shane Tews (moderator, American Enterprise Institute), Stewart Baker (Steptoe and Johnson LLP, former general counsel at the NSA), Kevin Bankston (Open Technology Institute), and Chris Hopfensperger (BSA | The Software Alliance). Fairly quickly, the panelists staked out their positions, generally with Baker on one side and the rest on the other. Indeed, Baker has an unpopular position to defend, i.e. the surveillance state, but he relishes it, fights aggressively, and counters popular talking points with experience and nuance.

The most animated discussion of the panel was how surveillance can be regulated to mitigate the concerns of the panel’s overarching question (damage to US businesses). Bankston and Hopfesnperger proposed some ideas that involved regulatory frameworks. Baker, eliciting guffaws from the audience, suggested that regulating surveillance internationally is about as effective as regulating “extramarital sex.” Whereas Baker’s primary message was that regulation would be either non-enforceable or unheeded, his message was partially lost because the audience may have already associated surveillance with discovering extramarital affairs and other intimate personal details. In other words, his ill-advised analogy (better analogies would be regulating jay-walking, movie-downloading, or other oft-followed laws) simply stoked the need for more regulation of surveillance so that intimate personal details can be protected.

The second issue that was tackled is whether the FISA judicial process is strong enough to protect civil liberties of Americans and foreigners. Bankston et al. suggested that the NSA has too few checks in the United States and that foreign customers may be better suited in storing their data elsewhere. Baker, though, contended that judicial oversight abroad is either too lax or non-existent, and that American surveillance is the most regulated of all. Baker suggested that if data were shifted from the United States to Brazil, the local law enforcement authorities would have unrestricted access to the data, as not even a FISA court-like entity operates there. As the proverb states, better the devil you know than the devil you don’t know.

Another issue that was particularly enlightening were safe harbor provisions and the conflict of interest among businesses when deciding whether to operate within a particular nation. Baker highlighted Google’s hypocrisy when it decided to leave China so it would not have to comply with Chinese censorship but complied with European regulations in allowing entities their “right to be forgotten.” Baker also felt that European privacy regulations were disingenuous at best, such that they were motivated by achieving a competitive economic advantage over American businesses, not by concern for civil liberties and human rights. When confronted by other panelists that the same could be said by American regulations, Baker responded that US lawmakers are always kowtowing to European interests in keeping American trade restrictions at bay and not protesting unfair European regulations. Bankston retorted that Mark Zuckerberg of Facebook indicated that even preferential American laws on surveillance that protect American citizens hurt US companies by discouraging foreign customers from doing business with American businesses.

Last, one question from an audience-member who works at the US Department of State focused on the preference of contractors over civil servants in handling sensitive classified material. Baker artfully responded that the NSA’s strategy for maintaining loyalty in its ranks is to hire lifetime employees. However, lifetime employees may be slow to adapt to new technological advances. In these cases, the contractors fill in the gaps and play an important role in doing so. Another audience member asked about American pride when surveillance is so pervasive and creating abundant ill-will. Baker responded that American surveillance is more regulated than the surveillance of any other nation.

The panel discussion did not discuss the damage to US commerce as Castro’s article did, but rather, how to ameliorate a very awkward environment for American businesses when America’s surveillance agencies are discriminating against foreign nationals. On one side, the anti-surveillance panelists argued that international regulations need to be instituted to keep surveillance agencies at bay on an international level. On the other side, it was argued that regulation would be fruitless, hurt American business interests, and harm national security. Although it is unknown if any audience-members changed their minds about the NSA, a strong case can be made that their opinions are slightly more nuanced as a result of this discussion.

Jonathan Berliner is a research fellow at CSPRI. He has studied at Columbia University and The George Washington University’s Elliott School of International Affairs. He is interested in the policy and technical aspects of cryptography, cyber security, and surveillance.