The Panopticon Economy: NSA San Antonio Data Mining Facility 2008:
Surrounded by barbwire fencing, the anonymous yet massive building on West
Military Drive near San Antonio’s Loop 410 freeway looms mysteriously
with no identifying signs of any kind. Surveillance is tight, with security
cameras surrounding the under-construction building. Readers are advised
not to take any photos unless you care to be detained for at least a 45-minute
interrogation by the National Security Agency, as this reporter was.
There’s a strangely blurry line during such an interrogation. After
viewing the five photos I’d taken of the NSA’s new Texas Cryptology
Center, the NSA officer asked if I would delete them. When I asked if he
was ordering me to do so, he said no; he was asking as a personal favor.
I declined and was eventually released.
America’s top spy agency has taken over the former Sony microchip plant
and is transforming it into a new data-mining headquarters — oddly
positioned directly across the street from a 24-hour Walmart — where
billions of electronic communications will be sifted in the agency’s
mission to identify terrorist threats.
“No longer able to store all the intercepted phone calls and e-mail
in its secret city, the agency has now built a new data warehouse in San
Antonio, Texas,” writes author James Bamford in the Shadow Factory,
his third book about the NSA. “Costing, with renovations, upwards of
$130 million, the 470,000-square-foot facility will be almost the size of
the Alamodome. Considering how much data can now be squeezed onto a small
flash drive, the new NSA building may eventually be able to hold all the
information in the world.”
Bamford’s book focuses on the NSA’s transformation since 9/11,
with the impetus for the new facility being a direct ramification of those
attacks. At the time, the NSA had only about 7 percent of its facilities
outside the Washington D.C./Baltimore area. But the realization that additional
attacks could virtually wipe out the agency catalyzed a regional expansion.
[See “Secret Agency Man,” November 5, 2008.]
The new facility is a potential boon to the local economy since it’s
reportedly going to employ around 1,500 people, but questions remain about
whether there will be adequate oversight to prevent civil-rights violations
like Uncle Sam’s recent notorious warrantless wiretapping program. The
NSA would suggest the facility’s ability to sort through surveillance
data is one of America’s top defenses against terrorist threats, but
the NSA’s presence comes with concerns that abuse of its secretive power
could see the agency become akin to the “Thought Police” of 1984,
George Orwell’s classic novel depicting the nightmare of a total
surveillance society — and all for nothing. Even as the facility is
completed, a new government-backed report has concluded that data surveillance
is an ineffective method for identifying potential terrorists or preventing
So just what will be going on inside the NSA’s new San Antonio facility?
Bamford describes former NSA Director Mike Hayden’s goals for the
data-mining center as knowing “exactly what Americans were doing day
by day, hour by hour, and second by second. He wanted to know where they
shopped, what they bought, what movies they saw, what books they read, the
toll booths they went through, the plane tickets they purchased, the hotels
they stayed in… In other words, Total Information Awareness, the same
Orwellian concept that John Poindexter had tried to develop while working
for the Pentagon’s [Defense Advanced Research Projects Agency].”
Bamford writes about how NSA and Microsoft had both been eyeing San Antonio
for years because it has the cheapest electricity in Texas, and the state
has its own power grid, making it less vulnerable to power outages on the
national grid. He notes that it seemed the NSA wanted assurance Microsoft
would be here, too, before making a final commitment, due to the advantages
of “having their miners virtually next door to the mother lode of data
centers.” The new NSA facility is just a few miles from Microsoft’s
data center of the same size. Bamford says that under current law, NSA could
gain access to Microsoft’s stored data without even a warrant, but merely
a fiber-optic cable.
“What the Microsoft people will have will be just storage of a lot of
the email that is being sent. They keep this email — I don’t know
why — and there should be some legislation saying how long it should
be kept,” said Bamford in a phone interview last week. “The post
office doesn’t keep copies of our letters when we mail letters; why
should the telecom companies or the internet providers keep copies of our
email? It doesn’t make sense to me. But there’s no legislation.
So they need a place to store it, and that’s where they’re storing
all this stuff.” (Microsoft did not return a call for comment before
press deadline.) ...
NSA’s new facility also gives the agency easy access to UTSA’s
Institute for Cyber Security and the school’s Center for Infrastructure
Assurance and Security. The ICS was founded in 2007 with a $3.5-million grant
from the Texas Emerging Technology Fund to continue efforts to protect American
communities against cyber-attacks, with the CIAS — a think tank launched
in 2001 — being rolled into the ICS. All of this led U.S. Representative
Ciro Rodriguez (D-San Antonio) to declare San Antonio “the center of
cybersecurity, in the country and the world.”
ICS Founding Executive Director Ravi Sandhu acknowledges some synergy between
the NSA presence in San Antonio and UTSA’s cybersecurity work.
“Cybersecurity in the public domain has largely been about defense,
but there’s certainly an attack component to it. To some degree, the
U.S. Department of Defense and intelligence agencies are now starting to
talk about the attack component in the public domain,” says Sandhu.
Sandhu says UTSA’s cybersecurity students are recruited by many of San
Antonio’s local employers and doesn’t doubt that NSA is one of
them. “Recruiting is one end … but it’s an attractive thing
for NSA employees [too]. They can further their education — they can
do degrees part-time, they can do advanced degrees … so there are advantages
beyond direct recruitment of NSA students.”
Does automated data mining even work?
While the opening of the NSA’s massive new data center heightens existing
civil-rights concerns, a new report from the National Research Council questions
whether such data-mining is even effective. Sponsored by the Department of
Homeland Security and the National Science Foundation and released in October
of this year, the report suggests that pattern-based data-mining is not even
a viable way to identify terrorists.
The 352-page study —“Protecting Individual Privacy in the Struggle
Against Terrorists” — concludes that identification of terrorists
through automated data-mining “is neither feasible as an objective nor
desirable as a goal of technology development efforts.” It also says
inevitable false positives will result in “ordinary, law-abiding citizens
and businesses” being erroneously flagged as suspects.
“Actions such as arrest, search, or denial of rights should never be
taken solely on the basis of an automated data-mining result,” says
the report. The question, then, is how rigorously will human analysts vet
such information before alleged leads are pursued, and who has oversight
of the process?
“Part of the problem is … jurisdiction over national-security issues
is very divided in Congress. You have the Homeland Security committee, the
Justice committee, but, of course, you also have some basic issues —
government oversight, appropriations,” says Professor Fred Cate, the
NRC committee member who wrote most of the report and who serves as director
of Indiana University’s Center for Applied Cybersecurity Research. “So
I think in some ways one of the issues is the need for a more streamlined
oversight system so that somebody takes responsibility for it.”