Reason Magazine

The Pinpoint Search

How super-accurate surveillance technology threatens our privacy

Julian Sanchez from the January 2007 issue

(Page 2 of 4)

In its most intrusive form, an MMW scanner can reveal a rough nude image of its subjects. The models being deployed for most security purposes get around that problem by projecting any objects the scanner detects on a generic virtual mannequin.

Less intrusive is the BIS-WDS Prime, a security camera created by the Florida-based firm Brijot Imaging Systems. Unveiled last spring, the camera pinpoints weapons and suspicious objects at a range of up to 45 feet by comparing hidden objects picked up by its millimeter wave sensor to a database of weapon shapes. The detection process, Brijot claims, takes less than half a second, and the higher-end models will display up to 20 threats simultaneously. (The camera was field tested this summer at New York’s Port Authority Bus Terminal and at New Jersey PATH train stations.)

If a search technology based on shape matching still seems a bit low-tech, consider Pulsed Fast Neutron Analysis, which can reveal the molecular composition of a load of cargo without opening its vehicle. In the summer of 2004, U.S. Customs and Border Protection began testing a $10 million, car wash­–sized prototype facility at the Ysleta border crossing near El Paso, Texas. It bombards vehicles with high-energy neutrons, which excite the nuclei of atoms, causing the contents to emit gamma rays. Since different elements emit gamma rays at different energy levels, the scanner can infer the chemical structure of the cargo’s contents, distinguishing plastic explosives from Play-Doh and table sugar from Colombian White.

Googling for Contraband

In 1996 Michael Adler offered a hypothetical question in The Yale Law Journal. Adler imagined a computer worm or virus that could quickly and unobtrusively scan thousands of computer hard drives simultaneously, looking for evidence of illicit files—classified documents, say, or pirated software or child pornography. Would this count as a “search” for Fourth Amendment purposes?

This remained a hypothetical question until 2001, when someone released that worm. Called Noped, the crude Visual Basic Script program would infect PCs by way of an email attachment and (after mailing itself out to everyone in the infected user’s address book) scan for images with file names that its author considered suggestive of kiddie porn. If it found a match, it would email law enforcement a list of its findings.

A file name match is too thin a reed on which to hang an investigation, but better technologies can pinpoint specific files on a hard drive. By running a large file through a cryptographic algorithm, it’s possible to generate a much shorter unique string of letters and numbers (or close enough to unique for any practical purpose) called a hash value, which can quickly determine whether two files are identical. The National Drug Intelligence Center’s Hashkeeper database already contains the hash values of both common commercial software programs and known images of illicit child pornography, making it easy for a trained technician to discern whether a hard drive contains a copy of a particular file.

Orin Kerr, a law professor at George Washington University, literally wrote the book on government searches of computer data: the 2001 Justice Department manual Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations. Kerr says sweeping viral searches would run afoul of existing wiretap laws, which raise more stringent barriers to “unauthorized access” than is imposed by the current judicial interpretation of the Fourth Amendment. Yet he says it’s far less clear how the courts would treat digital searches that take place in the course of authorized searches for other material.

Imagine, for example, that a police technician has lawful physical access to a server containing thousands of users’ files. He’s supposed to be looking for evidence of tax fraud in a specific suspect’s documents. Even though the warrant specifies only that user, will it count as an additional “search” if the officer runs a search program on the entire server, designed to alert him only when it locates known child porn? If there’s “no reasonable expectation of privacy” when it comes to possessing narcotics, wouldn’t the same rule apply to child pornography?

Government investigators may have already caught up with the legal theorists’ hypotheticals—searching not for kiddie porn but for terrorist plots. Consider the controversial surveillance carried out by the hyper-clandestine National Security Agency (NSA) following the attacks of September 11, 2001. The first program to be revealed, in December 2005, involved conventional wiretapping, but further leaks hinted that far more sweeping surveillance might be taking place. Voice and text recognition software might be sifting through millions of communications in search of target words or phrases that raised red flags for investigators.

The NSA fired Russell Tice, an intelligence analyst at the agency, in May 2005; he now says he wants to tell Congress about NSA surveillance programs he believes are illegal. While Tice won’t discuss specific programs, he notes that the technology exists to filter data and voice traffic on a mass scale, flagging communications where target words or phrases—jihad, say, or the names of known terrorists—are used. With the help of linguistic consultants, he says, intelligence agencies can even zero in on particular accents or speech patterns.

Privacy mavens have long whispered of a program called ECHELON, a massive signals intelligence network rumored to have been developed as a Cold War espionage tool. It supposedly used batteries of high-powered computers, called “dictionaries,” to scan voice and data communications for suspicious phrases. While the NSA has never confirmed that ECHELON is real, a 2001 report by the European Parliament concluded that “the existence of a global system for intercepting communications…is no longer in doubt.”

In a January 2006 speech at the National Press Club, in which he called ECHELON an “urban legend,” former NSA head and current CIA chief Gen. Michael V. Hayden asserted that the NSA’s warrantless wiretap program, exposed by The New York Times in late 2005, “is not a driftnet…grabbing conversations that we then sort out by these alleged keyword searches or data-mining tools or other devices.…This is targeted and focused.” But reports from insiders continue to hint at something far more expansive.

A February Washington Post piece described a tiered computer filtering system that initially swept up hundreds of thousands of communications, using increasingly intrusive techniques to winnow the pool down to a far smaller number subject to human examination. In April the Electronic Frontier Foundation disclosed that a former AT&T technician, Mark Klein, had come forward with tales of a “secret room” his erstwhile employer had built at the NSA’s behest, in which vast amounts of data were scrutinized by a “semantic traffic analyzer.”

And in May USA Today revealed that the NSA had created a database compiling information about the calling patterns of millions of Americans. If such analysis was really limited to information about the calls—who phoned whom, when, and for how long—current Supreme Court precedent would not classify the interception as a “search.” Less certain, however, is the status of intercepts using ECHELON-style “dictionaries” to probe the contents of some voice and data communications for target words or phrases. “If this approach was used, and hundreds of thousands if not millions of communications were processed in that manner,” says Tice, “the argument could be made, well, if a machine was doing the looking and the sucking in, it doesn’t matter because that’s not monitoring until a human looks at it.” Writing in The New Republic last February, Richard A. Posner, a judge on the U.S. Court of Appeals for the 7th Circuit, made exactly that argument, suggesting that automated searches do not violate the law “because a computer program is not a sentient being.”