Before there was Edward Snowden, there was Bill Binney.
Bill Binney was a code breaker, who for almost four decades served the American government as an intelligence officer in both the US Army and the National Security Agency. During the Cold War, he pioneered the study of metadata to reveal Russia’s plans based on the types of messages being sent, not just the encrypted contents. In the '90s, he co-founded a section of the NSA dedicated to automating “signals intelligence” – that is to say, listening in on phone calls and other communications.
An expert mathematician, he used his skills to design and build a powerful wiretapping and analysis tool called ThinThread, which would monitor electronic communications, but would also protect the privacy of the millions of Americans and billions of people around the world who passed through its system. His system, he thought, would be able to detect terrorist attacks before they happen while also protecting civil liberties.
It was cancelled three weeks before 9/11.
It was shortly after this, and when the NSA adopted the more intrusive Trailblazer programme (which collects bulk data) that Binney decided to blow the whistle, and go from being someone deep on the inside of US intelligence gathering, to a vocal critic on the outside.
His story is told in a new documentary, A Good American, and we were lucky enough to get a chance to speak to him about the film and his views on some of the contemporary issues around surveillance.
ThinThread vs Trailblazer
Thanks to Edward Snowden’s revelations in 2013, the world now knows that the NSA’s objective is to hoover up as much of the world’s data as possible so that it can be analysed.
“You can see that they're doing quite well at that because they're building storage facilities now”, Bill points out. “There’s the one at Utah with a million square feet and that was finished in 2013, and now they're building, they started breaking ground for it last summer, a 2.5 million square foot facility in Ft Meade, which is 2-3 times the size of Utah.”
This is a very different approach to Bill’s ThinThread programme. But what exactly were the differences?
He described to me three logical approaches that ThinThread took to analysing data: Deductive, Inductive and Adductive.
“Deductive would be like you're in a social network in close proximity to known bad people. So you'd be looked at to see if you were a part of it or not, that's like a behavioural property”, he explains.
“The inductive approach was putting rules in place, like you are visiting sites advocating paedophilia or advocating violence against the west, jihad, things like that.”
The inductive approach was entirely software driven, with no humans viewing the bulk data – and it would also look for signs like the person is on a satellite phone in the mountains of Afghanistan, or is calling from the rain forests of Peru – which would be a red flag for terrorism or drugs, respectively.
“That doesn't [automatically] mean you fall into what I called the ‘zone of suspicion’, because of your behaviour. It's not just indiscriminate sucking up information of people, but people demonstrating a behaviour that means they need to be looked at to see if they're part of a criminal activity or terrorism or such.
“The adductive approach was more of an abstract approach that simply said if you have a social network [ie: a group of people] that distributes around the world in areas where terrorism a known activity [...] then you need to be looked at as a community totally independent of a deductive direct connection.”
“This has been the lie from the beginning, that you need to give up privacy for security.”
“Again it's a behavioural property of the data that you're sucking in. And looking at. Otherwise, you don't take any content in on anybody. So it simply gives privacy to everybody.”
The data that ThinThread uses is metadata, such as details on who is calling who, rather than the contents of the calls themselves. Bill says that under ThinThread, this would mean that NSA analysts would use the metadata to find “probable cause”, and from that point they can go through the legal process of obtaining a warrant to examine the data more closely. This differs from the current regime which collects data en masse, and doesn’t require a warrant to access all of that data.
“This has been the lie from the beginning, that you need to give up privacy for security, that's been a lie from the beginning”, Bill says.
The film explains how ThinThread was shut down by the US government, just before 9/11 not because of any evaluation of how effective it was, but because of the internal politics of the organisation. Trailblazer was being pitched by major companies – and adopting that solution could make more people happy, the thinking went. Bill then went independent, and tried to sell ThinThread to other government agencies as a private contractor, but was repeatedly shut down by the NSA. This is what finally encouraged him to blow the whistle.
Bill’s argument actually goes further than the fact that the current bulk surveillance regime is draconian; he actually thinks that it is less effective at stopping terrorists than ThinThread.
It’s an argument he advanced here in the UK when he gave evidence to the House of Lords when it was scrutinising the Investigatory Powers Bill – a law that will legitimate bulk surveillance here, and which is on the verge of passing into law.
“Basically the argument goes like they're already buried and the reason they can't stop attacks in advance is because they have too much data to go through, and that's why I said bulk data acquisition kills people.”
In Bill’s view, it appears that you can have too much of a good thing, as it makes it hard to separate the wood from the trees.
“You need to create a rich environment of data, this is the concept that we used for ThinThread back in the 1990s: you needed to have a rich environment of relevant data, that your analysts could look at and figure out threats, see threats coming, [and] be able to be productive in the areas of their interest and analysis. So if you threw a whole bunch of data on everybody else in the planet at them that would simply bury them and you would have the situation you have today. This is why I said in the UK [to the House of Lords] there that bulk data kills people, because what it means is they can't figure out the attack in advance because they've got too much data to sift through. They can't get to it, they can't see it and they attack happens and people die, that's the consequence of this.
“If you can't detect the threat coming, that means the threat is executed, people die, and then you look at the big data. Once you find out who did it, you've got mountains of data on them already, now you can go in and analyse it but it's too late, people are dead.”
9/11 was a case in point. The film points to the since revealed fact that the NSA held data on the hijackers prior to the attacks – but it appears that it was blinded by the sheer volume of all the data it held.
I asked Bill if he thought that new machine-learning techniques, like those we’re seeing in consumer devices and services, could conceivably be used to sift through the data. He reckons it isn’t quite so easy.
“It's OK to do things with individuals because they have a certain pattern”, he explains, “but you put them in a group [...] like a terrorist network... what are they planning on doing? What is the group doing? It's now a group issue, not an individual issue. You're not after what they're interested in what they're looking at on the web you're interested in what they're thinking and what they're planning in their heads – that's a different issue. No one is looking at that now. That's what we were trying to do back in the 1990s.”
His thinking appears to be that ThinThreads’s three-pronged reasoning approach to analysing data could be much more effective than any collecting and sifting through bulk data.
What’s so interesting about Bill is that he has spent most of his career in the intelligence services, so it isn’t as though he has arrived at his opinions from the outside, from considering the ethics of bulk data acquisition as a hypothetical question but as a very real question that he answered day after day. And this made me curious, especially in light of the forthcoming US election. Traditionally in US politics, the Republicans have been perceived as the draconian “national security” party and the Democrats as the hand-wringing alternative. But 2016 could be very different.
Hillary Clinton is well known for her hawkish views on foreign policy and counter-terrorism. In 2002 as Senator from New York, she backed the Iraq War, for instance. Her campaign meanwhile is essentially pitched around more-or-less continuing Obama’s policies. And as for Donald Trump… well, as with everything he’s wildly inconsistent. So given these unusual circumstances, will President Hillary Clinton or President Donald Trump be better for civil liberties?
“Hillary will never change it”, Bill says, referring to the current bulk surveillance regime. “She's in with them. I think she's a warmonger myself. She's the one who advocated the interference in Libya, in Syria she wanted to bomb them and all this other stuff in the Middle East - she was advocating for it. She voted for the Iraq war and all that. She voted for destabilising the area [...] and all its doing is creating perpetual wars, so I have no hope for her at all.
“Certainly the only [plausible civil libertarian candidate] would be Donald Trump, otherwise Bernie Sanders would have been a good choice. But you know the democratic party made sure he didn't make the nomination.”
So that's a vote for Trump then, I asked.
“Well I'm not going to vote for Hillary Clinton, that's for sure”, he laughed.
“I only have one choice really. And we're already trying to influence that, we know people who know him, we're trying to feed him with information to make sure he doesn't buy into all of this bamboozling gobbledygook that the intelligence community throws at a President when they first come in. You know they bamboozle them into thinking they really know something. They're really idiots, I know them all anyway. I know them personally - I know [Director of National Intelligence James] Clapper, I know [General Keith] Alexander, I know [Former NSA Director] Mike McConnell, I know all these people.”
So does Bill think that President Trump could make some big changes to the current surveillance regime?
“Well I think he's starting to say some things in that direction and I hope that that means we're starting to be able to influence what he's doing or thinking. I hope – we had no hope with Hillary, he's the only one we have hope with”, Bill told me.
To be honest, at this point in the interview I was a little taken aback. Speaking to him from London, where everyone is more or less universally terrified at the prospect of a Trump presidency it is hugely surprising to hear praise for Trump. Even if Trump is good on surveillance… how can he possibly weight this compared to all of the terrible things that will happen if Trump becomes President?
“The problem is people don't seem to realise that this particular issue underlies everything. I mean, this is fundamental to everything”, he says. He went on to relate the surveillance issue to the principles upon which America was founded.
“This affects everything, even though people don't realise that, or they don't think about it that way. It affects everything that everybody does”, he warns.
“So this is too fundamental. This is the number one issue for me.”
A Good American opens in the UK on September 23rd. Bill Binney will be appearing in person at both the London Premiere, at 6pm on 17th September at Picturehouse Central and at an additional London Screening at 2pm on 18th September at the Phoenix Cinema.