Barton Gellman’s Dark Mirror: Edward Snowden and the American Surveillance State raises important questions about American society and politics. It deals with power over personal information and its implications for control, secrecy, individual rights, and politics on a global scale.
The author starts with Edward Snowden and his revelations of the existence of a global surveillance leviathan, feeding off the main arteries of global communications networks. Gellman was one of three journalists who first received the secret National Security Agency files from Snowden and wrote a series of articles about them for the Washington Post, for which he was awarded the Pulitzer Prize. He describes his encounters with Snowden, the information he provided, and his efforts to verify the files and expand on them.
Dark Mirror expands into a search for a deeper understanding of the surveillance state through the author’s interviews with top Bush and Obama Administration intelligence officials, participation in industry conferences, and research. This is parallel with Gellman’s effort to keep his contacts secret to avoid legal jeopardy, connected with his cooperation with Snowden and publicizing classified information.
The picture that emerges from this book will be unfamiliar to most Americans. Surveillance was pervasive until the Church Committee reforms led to the Foreign Intelligence Surveillance Act of 1978, which restricted spying on U.S. citizens and residents, requiring individual warrants. Outside of the United States, President Reagan’s Executive Order 12333 created a legal framework for foreign surveillance.
Golden Age of Surveillance
The aftermath of September 11, 2001, ushered in a golden age of surveillance. Essentially all restrictions were lifted. President George W. Bush ordered the NSA to disregard the statutory warrant requirement and set up a special unit through Vice President Dick Cheney’s office, which oversaw a mass-surveillance program global in scope. It could legally obtain all account information from Google, Facebook, Yahoo, Microsoft, AOL, Skype, YouTube, Apple, Paltalk, phone companies, and other partners—so-called metadata. It consisted of a listing of calls and emails, their destination, time, and duration.
NSA analysts not only could review account information but also dial in and record live audio, video, chat and file transfer and instantly read keystrokes. The justification was the search for unknown terrorists, as it turned out that much of the world’s communications flow through the United States as the cheapest route and that foreigners often used U.S. email accounts.
Another major program established after 9/11 was the location database for virtually all cellphone users in the world. It tracks and stores the location of every device that places mobile telephone calls, logging each phone’s whereabouts over time. The database, Gellman reports, gathered nearly 5 billion records a day pertaining to the movements of millions of individuals. Intelligence agencies could also buy location data information for cellphones commercially.
The U.S. government also began the bulk collection of electronic address books, which permits contact tracing among large numbers of individuals. The alleged purpose was to find unknown associates of known intelligence targets, especially terrorists.
The global scope of the mass-surveillance program was made possible by the intelligence cooperation between the United States and the “Five Eyes” partners: Great Britain, Canada, Australia, and New Zealand.
Domestic Surveillance
Fourth Amendment protections, suspended after 9/11, were permanently modified through the FISA Amendments Act of 2008 and 2012, which defined the legal authority to wiretap at home. Previously, the government could not search an individual account without a warrant from the Foreign Intelligence Surveillance Court. Each warrant required probable cause to believe that a specific account belonged to an agent of a foreign power. The FISA court performed an individual review before granting warrants.
After 2008, the court would authorize surveillance of an unlimited number of accounts with a single order. This order is defined through rules chosen to define individual accounts to be monitored. Once a year, in a classified session, the Foreign Intelligence Surveillance Court reviews the procedure for target selection and for masking the names of Americans who turned up in the search.
Neither the courts nor Congress know who the targets are, just rules governing selection. This constituted a major shift of legal boundaries, though both the Bush and Obama Administrations presented these amendments as modest legal adjustments, with constitutional protections and judicial review intact.
Intelligence users were forbidden to spy deliberately on U.S. persons, defined as citizens or residents of the United States. Their targets had to qualify as foreign but not in any precise or strict way. The boundaries are fuzzy.
If U.S. persons turned out “incidentally” on foreign circuits, the NSA was obliged to “minimize” their names and “mask” them but not delete them, in case of intelligence dissemination. Minimization is a set of procedures after collection of American communication—rules that restrict access to them and deny government officials permission to misuse data in particular ways. After five years, information is erased but there are several exceptions, such as if there was evidence of a crime or information was believed to hold secret messages that could be solved in the future.
Thus, these limits on surveillance for U.S. persons are rather uncertain and contingent, can be easily overruled, and, as policy, are subject to change by politicians. In addition, there are broad swaths of surveillance in practice that judicial and legislative oversight does not even try to reach.
Artificial Distinctions
While discussing post-2008 intelligence surveillance policy, Gellman raises another key issue: division of intelligence operations between foreign and domestic is very fluid and basically unenforceable because of the global nature of information collection and technology involved. Intelligence agencies collect data in bulk from cloud services, based on foreign soil, which effectively erases the difference between domestic and foreign targets. This is because just as foreign data passes through communications networks on U.S. soil, so the U.S. data often passes through servers that are on foreign soil.
This has important legal implications. Surveillance operations that would be illegal from facilities in the United States are legal when conducted from abroad. They also avoid FISA restrictions, such as which selection criteria are used to analyze intelligence.
Despite this overlap between domestic and foreign intelligence targets, which makes a distinction between them substantially irrelevant, there seems to be no permission to discuss this issue publicly. The only subject of legitimate discussion is on the domestic front. There is no legitimacy in discussing limits on foreign intelligence collection where a lack of boundaries is a given. In practice, however, this also affects U.S. residents directly who are deprived of even weak protections that they are legally entitled to.
Pattern Mapping and Contact Chaining
Intelligence agencies do much more than gather global data on almost all who use electronic devices. They constantly collect it, store it, analyze it, and update it. They use artificial intelligence to find patterns to build up profiles on everyone in their database. They could conduct contact chaining to draw a map of social networks for all their contacts, an analysis of links among friends, friends of friends, acquaintances, and so on. They could track individuals in fine detail by extracting a timeline from the index of individual calls. This info is enriched by metadata and content drawn from other NSA repositories like intercepted emails. Patterns gleaned from call records would identify targets in email and location databases.
Rules for mathematical analysis of data sets were supposed to be the same as for surveillance: U.S. records were supposed to be kept segregated with special permission required for access. This restriction all but disappeared in November 2010 when Attorney General Michael Mukasey approved new and more permissive rules, which allowed NSA staff to calculate social graphs from and through any selector, irrespective of nationality or location.
Thus, U.S. data is not only collected but also analyzed mathematically in the same way all data is. The software builds a profile on everybody in the database.
The difference between foreign and domestic is that analysts do not access U.S. information unless there is a need for it. The author says: “Our dossiers floated formlessly in a classified cloud, precomputed and untouched until someone asked for them.” If a U.S. citizen or resident is arrested or under suspicion, his complete information is instantly available and can be summoned on demand. If analysts want to look at it, they can track individuals in fine detail.
Gellman’s Findings
Gellman ponders whether such an all-encompassing and constant surveillance system is inherently abusive. He quotes Snowden’s point of view: “NSA’s surveillance apparatus could be turned against anyone. There were ‘limited protections’ against abuse, but ‘I tell you from experience that these protections can be stripped away in an instant.’…”
He offers five conclusions:
- The global surveillance state is about global control and the technology that makes it possible but actually it is not effective in finding unknown terrorists, which is its primary purpose. It concentrates on ordinary people.
- Protections of U.S. residents’ rights under the Fourth Amendment are very weak and subject to numerous conditions. It is a question of policy that can be changed at any time. Often rules are bypassed or rewritten with or without notice.
- Considering the current state of technology, a lot of intelligence collection is conducted from abroad and is aimed at global hubs, thus effectively erasing a difference between U.S. residents and foreigners. In practice, American constitutional rights are not respected.
- Gellman points out that national security officials often made misleading statements on these subjects in public and deliberately concealed information from courts and Congress.
- In view of these findings, he concludes the global surveillance state is inherently abusive. Further, any discussion of this issue seems forbidden. Only discussion of domestic surveillance is deemed legitimate but its global reach seems to be beyond questioning, even though Gellman shows this distinction hardly exists.
Political Targeting
In his discussions with Gellman, Snowden is very concerned that the NSA surveillance apparatus could be misused for political ends. A leaker could expose private communications in a devastating electoral attack—an “October surprise.”
Snowden claims that he easily broke into the accounts of top leaders in Congress as well as justices of the Supreme Court, and could leak their emails if he wanted to. Snowden is concerned that emails could be leaked to gain a political advantage. This would have profound implications for U.S. elections and a system of governance.
Gellman’s various interlocutors—then-Director of National Intelligence James Clapper, then-CIA Director John Brennan, and then-FBI Director James Comey, as well as other senior intelligence officials—said they were not concerned about abuse of the system under their leadership.
Their attitude changed with the prospect of the election of Donald Trump as president. Both the author, Gellman, and these intelligence leaders agreed that Trump must not control the national security system and speculated whether he could become a tyrant. Some of the officials signed “NeverTrump” letters, declaring him unfit to be president on the grounds of “reckless attitude toward power” and “flagrant indifference to legal niceties and governing norms.”
But why did they take this attitude towards him? Because Trump in 2016 challenged the permanent bureaucracy and national security Washington establishment, by calling them the deep state? Or because the Obama Administration unleashed the surveillance state against Trump’s campaign and was doing everything possible to cover its tracks and prevent its efforts from becoming public? Gellman puts Trump in the category of abusers of the surveillance system by constantly bringing up charges, such as Trump’s “criminal investigations of his critics at the Justice Department.”
None of them own up to the fact that Trump and his campaign were actually spied upon by the NSA and the FBI. Gellman is the only one who mentions that Trump had accused the deep state of spying on him but concludes that he was just projecting his own intent. They also do not consider Hillary Clinton’s email scandal even though she illegally evaded government-mandated surveillance of the State Department with her own private computer server.
Gellman wrote the book in 2019 and Penguin published it in 2020, so it was already known that the FBI misrepresented its own spying on Trump’s 2016 campaign. The Steele dossier, which was supposed to prove Trump’s collusion with Russia, has also been discredited as disinformation. The investigations that proved that Trump was the victim of the surveillance state are not mentioned in the book.
Instead, Gellman and Obama and Bush intelligence chiefs and their deputies speculate about whether Trump could become a dictator by seizing the reins of the surveillance state and using it against his enemies. Some of them believed that the rules would hold, while others were uncertain what the Trump Administration would do.
NSA general counsel Raj De, who used to work at the Obama White House, trusted norms and institutions and believed that shackling the NSA to prevent abuse made no sense. He said that there is no categorical ability to prevent tyranny.
John Brennan, Obama’s director of central intelligence, was vehemently opposed to Trump and believed the worst of him, attacking him publicly despite his colleagues’ disapproval. James Clapper, Obama’s director of national intelligence, believed that Trump was intent on attacking his opponents.
Troubling Implications
Gellman displays a hard-earned knowledge of the global surveillance state. He raises important and timely issues about its implications for an ostensibly democratic society: whether such a system is inherently abusive. It relentlessly collects personal information on ordinary citizens of virtually all countries, including the United States, but it is not effective against unknown terrorists against whom it was originally intended. Gellman does not consider it, but the surveillance state is also not terribly effective in defending U.S. government systems against Russian and Chinese hackers who have penetrated numerous government databases. There is also always a possibility that the vast NSA databases on most electronic users in the world could be compromised by hackers.
Is it possible that the NSA is concentrating on collecting information on ordinary citizens because they are the low hanging fruit and are easy to spy on, while the real enemies of the United States are much harder to protect against and to catch?
The second key issue, political targeting, is only hinted at by invoking misleading, standard liberal accusations against President Trump, especially now that we know Trump was the political target of the surveillance state. Whether it was spying on his political campaign, unfounded claims of Russian collusion, or leaking the Russian intelligence-derived Steele dossier, the surveillance state tried to destroy the duly elected president of the United States. Therefore, there is a threat in the future of such actions against other political candidates.
Most disturbing are recent accusations of “insurrection,” which are designed to legitimize the use of this vast surveillance system against domestic dissidents. In view of U.S. national security strategy, which emphasizes U.S. geopolitical competition with Russia and China, should not the vast U.S. surveillance apparatus concentrate on this most important struggle, especially now that it seems that cyberwarfare is the main area where this competition is being played out?