The recently revealed mass collection of phone records and other communications by the U.S. National Security Agency may not be effective in preventing terrorism, according to some critics.
The data collection programs, as revealed by former NSA contractor Edward Snowden, is giving government agencies information overload, critics said during the Computers, Freedom and Privacy Conference in Washington, D.C.
"In knowing a lot about a lot of different people [the data collection] is great for that," said Mike German, a former U.S. Federal Bureau of Investigation special agent whose policy counsel for national security at the American Civil Liberties Union. "In actually finding the very few bad actors that are out there, not so good."
The mass collection of data from innocent people "won't tell you how guilty people act," German added. The problem with catching terrorism suspects has never been the inability to collect information, but to analyze the "oceans" of information collected, he said.
Mass data collection is "like trying to look for needles by building bigger haystacks," added Wendy Grossman, a freelance technology writer who helped organize the conference.
But Timothy Edgar, a former civil liberties watchdog in the Obama White House and at the Office of Director of National Intelligence, partly defended the NSA collection programs, noting that U.S. intelligence officials attribute the surveillance programs with preventing more than 50 terrorist actions. Some critics have disputed those assertions.
Edgar criticized President Barack Obama's administration for keeping the NSA programs secret. He also said it was "ridiculous" for Obama to suggest that U.S. residents shouldn't be concerned about privacy because the NSA is collecting phone metadata and not the content of phone calls. Information about who people call and when they call is sensitive, he said.
But Edgar, now a visiting fellow at the Watson Institute for International Studies at Brown University, also said that Congress, the Foreign Intelligence Surveillance Court and internal auditors provide some oversight of the data collection programs, with more checks on data collection in place in the U.S. than in many other countries. Analysts can query the phone records database only if they see a connection to terrorism, he said.
The U.S. has some safeguards that are "meaningful and substantive, although I'm sure many in this room ... and maybe even me, if I think about it long enough, might think they're not good enough," Edgar said.
While German noted that the NSA has reported multiple instances of unauthorized access by employees to the antiterrorism databases, Edgar defended the self-reporting. "It's an indication of a compliance system that's actually meaningful and working," he said. "If you had a compliance system that said there was no violation, there were never any mistakes, there was never any improper targeting that took place ... that would an indication of a compliance regime that was completely meaningless."
Sign up for Computerworld eNewsletters.