You have to admit, the United States National Security Agency (NSA) has had a really hard time lately. Edward Snowden’s revelations of the heretofore top secret PRISM program keep on coming. Not only is the NSA spying on everyone outside the country, they’re spying on Americans as well. They’ve been undermining the cryptography industry to place back doors in our security technology. Who knows what we’ll find out they’ve been up to next?
Such tawdry revelations of the inner workings of perhaps the most secretive of government agencies suggests the NSA is populated with nefarious spooks, hiding behind trench coats and dark glasses as they surreptitiously poke away at their keyboards in the dark. However, nothing could be further from the truth.
In reality, the intelligence analysts at the NSA are techies much like techies in any other organization—except for the addition of rigorous controls and processes that would put your average architecture review board meeting to shame. First, these analysts must pass the appropriate security clearance checks, which at the top secret level are extensive, onerous, and at times very personal. Then, once they begin work, they only have access to the systems and data that are specific to their assigned task at hand—the “need to know” partitioning principle behind any secret government effort. Finally, there are extensive checks and controls, so if a mischievous analyst got it into his or her head to, say, listen into a spouse’s phone conversation or poke around in some movie star’s email account, they would be caught, punished, and fired.
These analysts are dedicated professionals working under stringent conditions necessary to do their jobs. Yes, there is always the chance of an insider attack – the one bad apple like Edward Snowden who violates his oath for his own purposes. But for every Snowden, there are thousands of professionals who are simply doing their jobs as best they can.
Sympathizing with NSA employees, however, doesn’t mean we have to excuse the NSA’s actions. And if someone at the NSA was actually breaking the law, then we would all be justified to expect that the malefactor would be caught and appropriate justice would be meted out. But in the case of the PRISM scandal, instances of true law breaking are few and far between – if it turns out that any laws were being violated at all.
Our real concern with the NSA, therefore, is primarily focused on the laws that drive as well as constrain the NSA’s activities. After all, you can’t blame someone for doing their job and following the law. So who should we blame if we don’t like what the NSA has been up to?