Snowden’s hope, he continued, is that the disclosure will force five distinct civic bodies—the public, the technologist community, the U.S. courts, Congress and the Executive Branch—to reconsider the path ahead. “The President,” Snowden wrote, “could plausibly use the mandate of public knowledge to both reform these programs to reasonable standards and direct the NSA to focus its tremendous power toward developing new global technical standards that enforce robust end-to-end security, ensuring that not only are we not improperly surveilling individuals but that other governments aren’t either.”
As for the technologists like him, it is important that they know as well what is being done, so they can invent new ways to protect citizens. “There is a technical solution to every political problem,” Snowden argued. One of the NSA programs he revealed, called Bullrun, described a $250 million annual effort to engage with “the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs,” providing the spies a back door to encrypted communications. Though the law-enforcement purpose of such an effort is clear, as terrorists and foreign powers experiment with encryption, Snowden believes private citizens also have a right to create unbreakable encryption software. “In general, if you agree with the First Amendment principles, you agree with encryption. It’s just code,” he wrote in an e-mail to Time. “Arguing against encryption would be analogous to arguing against hidden meanings in paintings or poetry.”
America In the Dark
The NSA, for its part, has always prided itself on being different from the intelligence services of authoritarian regimes, and it has long collected far less information on Americans than it could. The programs Snowden revealed in U.S. surveillance agencies, at least since the 1970s, are subject to a strict, regularly audited system of checks and balances and a complex set of rules that restrict the circumstances under which the data gathered on Americans can be reviewed. As a general rule, a court order is still expected to review the content of American phone calls and e-mail messages. Unclassified talking points sent home with NSA employees for Thanksgiving put it this way: “The NSA performs its mission the right way—lawful, compliant and in a way that protects civil liberties and privacy.” Indeed, none of the Snowden disclosures published to date have revealed any ongoing programs that clearly violate current law, at least in a way that any court has so far identified. Parts of all three branches of government had been briefed and had given their approval.
But the court rulings and briefing books that undergird the surveillance programs have long been so highly classified and technically complex that they remained opaque to the public. Snowden believed that the standard for review needed to be different, with transparent public debate and open court proceedings. In the tradition of other national-security whistle-blowers, who have played a role in the messy American system of checks and balances by leaking the Pentagon Papers and the details of President George W. Bush’s warrantless wiretapping program, Snowden decided he had an individual obligation to defy his government and his own contractual obligations. “What we recoil most strongly against is not that such surveillance can theoretically occur,” he wrote to Time, “but that it was done without a majority of society even being aware it was possible.”
At the time Snowden went public, the American people had not just been kept in the dark; they had actively been misled about the actions of their government. The provision of the 2001 Patriot Act that allowed for the collection of American phone records, for instance, was publicly described as analogous to a grand jury subpoena by the Department of Justice, suggesting individual secret warrants. But secret interpretations told a different story. “Tell me if you’ve ever seen a grand jury subpoena that allowed the government on an ongoing basis to collect the records of millions of ordinary Americans,” said Oregon Senator Ron Wyden, a longtime critic of the programs, in a recent speech.
In a 2012 speech, NSA director Alexander said, “We don’t hold data on U.S. citizens,” a statement he apparently justified with an unusual definition of the word hold. Months later, National Intelligence Director James Clapper told Congress in an open session that the NSA did not “collect” any type of data on millions of Americans. After the Snowden documents were leaked, Clapper apologized for his “clearly erroneous” answer, saying he was only giving the “least untruthful” response possible in an unclassified setting. “When someone says ‘collection’ to me, that has a specific meaning, which may have a different meaning to him,” Clapper said.
Intelligence officials have now been forced to join the public debate, and Obama has authorized the declassification of thousands of pages of documents. Nonetheless, current and former government officials say the way Snowden went about leaking his documents and the documents he selected will cause clear harm to his country’s legitimate interests. “We have seen, in response to the Snowden leaks, al-Qaeda and affiliated groups seeking to change their tactics,” warned Matthew Olson, director of the National Counterterrorism Center, in July. Snowden has maintained that he did not download information that would put other intelligence officials in danger or give up sources and specific methods to foreign rivals of the U.S. But his disclosures were also not limited to revealing the mass surveillance of otherwise innocent civilian populations.
While in Hong Kong, Snowden gave an interview and documents to the South China Morning Post describing NSA spying on Chinese universities, a disclosure that frustrated American attempts to embarrass China into reducing its industrial-espionage efforts against U.S. firms. A story that showed up in Der Spiegel, using Snowden documents, showed how British spies working with the U.S. used fake LinkedIn accounts to install malware on the computers of foreign telecom providers. Other stories have given details on NSA spying operations on traditional surveillance targets like diplomatic delegations at international summits. And many of the most controversial disclosures in the Snowden documents concern not mass surveillance but the targeting of foreign leaders. “They’re being put out in a way that does the maximum damage to NSA and our nation,” says Alexander. “And it’s hurting our industry.”
American technology and telecommunications companies, some of which have long histories of cooperating with the NSA, have also suffered as a result, and they are scrambling to increase encryption of their systems and assure foreign customers of their commitment to privacy. A December paper by eight U.S. technology giants, including Apple, Facebook and Google, called on the U.S. government to end to “bulk data collection of Internet communications” and “limit surveillance to specific, known users for lawful purposes.” In India, government officials may soon be barred from using e-mail with servers located in the U.S., and recent estimates say the risk to American firms in the emerging marketplace for cloud computing could reach $180 billion. In a recent earnings call, Robert Lloyd—president of development for Cisco Systems, a provider of Internet hardware—said the revelations were already affecting overseas sales. “It’s certainly causing people to stop and then rethink decisions, and that is, I think, reflected in our results,” he said.