The difference between electronic surveillance, spying

The press coverage of Edward Snowden, who leaked classified information about the National Security Agency’s surveillance system to identify and prevent terrorist activities in the United States, has included so many side issues that it is difficult to focus on the real risks and benefits of the program itself.

The first mistake is to believe everything that Snowden, the Booz Allen Hamilton employee who gave the classified information to the press, has claimed. Aside from being able to download classified documents about how parts of the system work – a clear criminal violation of the law and most likely a treasonable offense – his assertion that whenever he wanted he could listen or record any person’s private conversations has been dismissed as technically impossible by those who understand the system.

It has been several years since I retired from The Institute For Defense Analyses, which conducts research for the Defense Department and provides advanced mathematical support for the NSA. Electronic-surveillance technologies have advanced enormously since that time, so I know nothing specific about the classified methods used today. But from unclassified sources and some educated guesses, the overall purpose of the present NSA program can be determined, and it is that purpose that seems to be what most of the general public and the press are confused about.

One of the difficulties in explaining the program is that spying is involved but not in ways that will infringe on innocent people’s privacy. NSA surveillance is not, as it is often described in the media, monitoring communications indiscriminately within the U.S. to detect terrorist plots. Its purpose and primary focus is to detect communications between known or suspected terrorist groups or individuals outside the U.S. and unknown individuals or groups within the U.S. The identity and location of those terrorist groups outside the U.S. have been obtained through the espionage activity (spying) of intelligence organizations from many countries including our own.

Tracing known communication sources from overseas to unknown sources within the U.S. may sound simple, but it is extremely complex because the world’s communication systems are extremely complex. Fiber optics, packet switching and complicated message routing, which are not limited to national boundaries, prevent links from being easily traced. Then add cellphone coverage from many providers with different capabilities and a variety of communication techniques available with the Internet, and the simple search for connections turns into a highly mathematical networking analysis.

Because the locations of possible U.S. recipients of overseas terrorist contacts are unknown, a database of as many communication locations within the U.S. as possible is necessary if the search for linkages is to be statistically expeditious. These databases contain only phone numbers or Internet site identifications and time and length of contact. The identity of the users of the phones or other devices or the content of their conversations is not collected. All that the surveillance system is doing at this first step is detecting the probability of a communication link between known and unknown sources.

These databases are so large that only highly mathematical and (to keep the information from terrorists) highly classified algorithms can be used to search for probable connection patterns. Contrary to detractors’ objections, this type of surveillance protects privacy rather than threatens it, by substituting statistical probabilities of a connection in place of clues that would have to be obtained from wiretapping large numbers of actual conversations.

When a high probability of a connection is detected, approval is obtained under the Foreign Intelligence Surveillance Act (FISA) to electronically parse conversations on the suspected link by another type of algorithm. These “natural language processing” programs detect words such as “bomb,” “hijack,” “jihad” or “al-Qaida,” and can even tell the difference between ambiguous words like “bomb,” meaning an explosive device, and “bomb” to describe a Broadway play.

After a high-probability communication link has been further implicated because key words have been detected, NSA will notify the Federal Bureau of Investigation, which in turn will ask a FISA judge to authorize that agency to listen to people’s conversations on that specific communication link. The probability that a person who is talking to a known terrorist and using words like bomb is actually innocent and may be inappropriately spied upon is vanishingly small.

If I am close in my guesses about how the current surveillance program works, and if our national purpose is to find an effective balance between protection against terrorist attacks and guarding civil liberties, then the NSA surveillance system comes as close to achieving that purpose as one can practically expect. The demands of the American Civil Liberties Union, U.S. Sen. Mark Udall, D-Colo., and others who want to limit the number of U.S. communication sources included in the database available to NSA make no statistical or moral sense. Such limitations would immeasurably reduce the power of the algorithms to detect terrorist communication links without providing increased protection of innocent people’s civil liberties.

Garth Buchanan holds a doctorate in applied science and has 35 years of experience in operations research. Reach him at


© The Durango Herald