Saturday, June 15, 2013

Flaws in the PRISM

The PRISM project is flawed.  This short thought experiment will highlight the flaws.
Let's say that "your guy" wins the next election and becomes president.  Your guy is wise beyond his years, cares for the people, and has all of the right policies to really fix up this country.  In four years your guy will be up for re-election against some "bad guy" from the other side.  This bad guy is particularly loathsome because he is both corrupt to the core and an idiot who can't tie his own shoes. 
Your guy has an ace up his sleeve for the re-election race, and he needs to decide whether or not to play it.  He could order someone in the NSA to use PRISM to spy on the bad guy's campaign--listen to their phone calls, read their emails, and intercept their plans.  This would allow your guy to always be one step ahead of the bad guy in the campaign.  Your guy would be prepared for everything that the bad guy could throw at him.  And your guy could know which questions the bad guy isn't prepared for.  It might not be decisive, but it would be a tremendous advantage. 
Your guy might not play that ace, because he holds to a moral code.  But the bad guy doesn't hold to a moral code.  If the bad guy wins, then he will have no restraint because he is already corrupt and immoral--and he might not even be smart enough to understand the moral arguments against this abuse of power.  The bad guy will certainly use the power of PRISM to keep himself and his cronies in power indefinitely. 
Your guy knows that if the bad guy ever gets a hold of PRISM the country will be lost.  There will be an unending chain of bad guys winning all of the major elections.  The irrational and corrupt policies of those bad guys will destroy this country.  So perhaps your guy will play that ace in order to keep PRISM out of the hands of those bad guys.
It might not be this election or the next election, but eventually someone will succumb to this argument and play that card.  It might not be the president.  It might be a worker bee who finds some plausible pretext to focus PRISM on their political adversaries--allegations of illegal campaign funding on the other side, allegations of vote tampering on the other side, etc.

Your guy doesn't necessarily have to PRISM the opposing candidate directly.  He could PRISM the press, the pollsters, the think-tanks and party stooges, or even campaign contributors.  A few well-placed FBI investigations could freeze soft-money contributions into the PACs, and dramatically shift the balance of war chests in an election.

This is the very definition of the phrase "power corrupts".

The fundamental flaws with PRISM are
  • It gives the incumbent party too much power over the next election
  • It has no transparency, so we cannot ever find out about the abuses of power
Nuclear weapons don't have this problem, because the incumbent cannot use nuclear weapons against his political opponent.  Politicians have used the FBI and IRS to attack their political opponents, but those abuses come to light and get tried in the court of public opinion (at minimum.)  After the Snowden betrayal you had better believe that there will be no whistle-blowers coming out of PRISM telling us about the abuses of PRISM power.

PRISM is too large of a threat to the democratic process to be allowed to exist in its current form.  It must be scaled down.  There must be checks and balances installed.  There must be external oversight and delayed transparency.

For instance:
  • There must be a court order for each investigation
  • The court(s) issuing these orders must be as independent as possible from the administration
  • Each court order can be sealed for a period of time, but must be unsealed after a period of months
  • There must be a data destruction policy built into PRISM to enforce a statute of limitations
  • There must be a secure process for whistle-blowers inside of PRISM to expose abuses
  • There must be a public ongoing vetting process for PRISM workers to keep political stooges out of the system
Those are just initial ideas.  We need to stop assuming that we can trust the politicians to operate this tool.  We have to get involved.  We have to demand to see the data on the successes and abuses, in order to find out if PRISM really is stopping terrorist attacks or if it is just a giant defense contractor boondoggle.

I propose that we need to insist an independent citizens' board conduct a thorough investigation of PRISM and publish findings and recommendations.  This board should have 5-7 people:
  • Technology people who will understand what they are seeing
  • An even number of Democrats and Republicans, with the odd seat filled by an Independent
  • No one who has ever run for election, worked in a political campaign, or worked for an elected politician or political party