Civil Liberties Main Topic Privacy

The NSA’s Co-Traveler Program: Guilt by Proximity

During the last five months, we’ve learned about a lot of previously-undisclosed NSA surveillance programs. To be perfectly honest, there have been so many that I have a hard time remembering them all. There’s been PRISM, X-Keyscore, and Boundless Informant. Stellar wind, Tempora, and BULLRUN . And earlier ones, like BLARNEY, Ragtime, and Pinwhale. A few days ago, the Washington Post added another program to this list: Co-Traveler.

In June, we learned that the NSA was vacuuming up massive amounts of phone records from major telecommunications providers. Now, we know that the NSA is vacuuming up massive amounts of cell phone location data as well. How does this work? In order to route calls to your phone, your cellular provider needs to know what tower your phone is closest to. In other words, you cellular provider needs to know something about your current location. Your cell phone assists in this process by “pinging” nearby cell towers every few minutes. The ping itself is fairly harmless — something akin to “hello, I’m here”. But over time, these pings create a map of where you were, when you were there, and who you were with. The more cell towers there are, the more accurately “pings” depict your location.

Co-Traveler takes this one step further. Once you have everyone’s location history, you can start to do comparisons, and find groups of people that were frequently in the same place at the same time. These groups are the Co-travelers.

The Washington Post put together a nice illustration of the kinds of analysis that co-traveler does. Note who the Co-traveler is: someone who happens to be on the same bus as the “target”. Co-traveler goes well beyond guilt by association; it is a program based on guilt by proximity.

The NSA’s responses to this disclosure were somewhat predictable:

The NSA says its collection is lawful.

I hate to say this, but I’ve heard this response so many times that it’s starting to sound like Richard Nixon saying “I am not a crook”.

The NSA does not target Americans’ location data by design, but the agency acquires a substantial amount of information on the whereabouts of domestic cellphones “incidentally”.

In other words, the NSA doesn’t want to surveil us, but we just happened to be in the wrong place at the wrong time. After all, what’s a little collateral damage among friends? Unfortunately “the wrong place” has come to mean “anywhere on planet near a computer network” and “the wrong time” has come to mean “now, or in the foreseeable future”.

My favorite quote of the article was this:

Like encryption and anonymity tools online, which are used by dissidents, journalists and terrorists alike, security-minded behavior – using disposable cellphones and switching them on only long enough to make brief calls – marks a user for special scrutiny.

In other words, the NSA is going to give “preferential treatment” to anyone who doesn’t like what the NSA is doing, and is willing to change their behavior as a result.

I’ve read many of the leaked NSA documents, and I’ve noticed a trajectory to their programs.

  • The NSA’s domestic surveillance programs started shortly after the September 11th attack on the world trade center. Initially, they involved a small number of people, a few dozen servers, and a very narrow mission scope.
  • Over time, the programs have expanded significantly, both in size, and in scope; it’s been a case of mission creep on steriods. The NSA (repeatedly) claims that they are necessary to protect us from “terrorism”.
  • The expansion of government surveillance implies that we are all suspected terrorists, and quite frankly, deserve to be treated as such. Communities of color have put up with this kind of unfair targeting for decades, and it sucks. Now, the idea has gone completely mainstream, and it still sucks.

The NSA — this agency that claims to be protecting us from “terrorists” — has become huge, unmanageable, and until recently almost impenetrable. Any time that the NSA is faced with transparency, they immediately cry “Classified” and “National Security”. They are an agency determined to avoid public scrutiny at all costs, because they are terribly frightened by the prospect of scrutiny by the public.

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.