Do you want a technocracy?

Open letter from security experts and technocrats to NSA Review Group

47 technocrats and security experts, along with the Electronic Frontier Foundation and the Center for Democracy & Technology, have published an open letter to the NSA Review Group. The ratio of the signatories is quite plausible: If the self-appointed goal of a 'review group' is to investigate to what extent the technical measures of the NSA protect civil rights, then at least one of the group should have the necessary technical expertise. This is unfortunately not the case. The NSA Review Group consists of the following people:

There is some criticism of the composition of this group of experts, which Barack Obama claims is "independent" and "external" (in relation to the intelligence services). The Director of National Intelligence, who founded the group at Obama's behest, defined the aim of the investigation as follows:

The Review Group will assess whether, in light of advancements in communications technologies, the United States employs its technical collection capabilities in a manner that optimally protects our national security and advances our foreign policy while appropriately accounting for other policy considerations, such as the risk of unauthorized disclosure and our need to maintain the public trust.

Regardless of the fact that the expert group is neither external nor independent, it is above all unable to assess the implemented measures from a technical perspective. However, this has been of enormous importance since it became known that the NSA is actively breaking and compromising encryption procedures and influencing the NIST standardization procedures. This group of experts cannot judge any of that. Not even remotely. Hence the open letter.

The Review Group must have deep, competent technical expertise. You must also have access to granular technical details to do this work and you must be able to properly situate the technical reality you find behind the veil of secrecy surrounding the surveillance programs. You must recognize that current NSA surveillance activities make everyone less secure and call into question the extent to which human rights translate into the online environment.

The letter ends with 6 questions that the NSA Review Group should ask the NSA.

  1. How exactly does the NSA get private SSL keys from X.509 certificates?
  2. How is the efficiency, accuracy, compliance, and utility of the programs reviewed?
  3. How is the collected data stored and who has access to this data and under what conditions?
  4. What are sample records that are being collected or compiled for each active NSA program?
  5. What exactly is recorded by upstream, based on which identifiers?
  6. How exactly is a distinction made between citizens and foreigners?

Would you like more critical reporting?

Our work at netzpolitik.org is financed almost exclusively by voluntary donations from our readers. With an editorial staff of currently 15 people, this enables us to journalistically work on many important topics and debates in a digital society. With your support, we can clarify even more, conduct investigative research much more often, provide more background information - and defend even more fundamental digital rights!

You too can support our work now with yours Donation.

About the author

jpkleinhans

Business IT specialist and sociologist. 2013 intern at netzpolitik.org. With the new responsibility foundation since 2014. Interested in a lot. Works primarily on intelligence control, protection of privacy, transparency, net neutrality and frequency policy. Tweets far too seldom. (@JPKleinhans)
Published 07/10/2013 at 5:07 pm