Just because something is legal doesn’t necessarily make it a good thing. So far, legality is the main rationale US officials have used to defend the government’s PRISM spying program. It’s all perfectly legal, approved by Congress and the courts. But a more potent argument might be to compare PRISM with the spying programs of other countries. Compared to the data-mining that goes on elsewhere, US intelligence agencies may be relatively constrained.
Start with Canada, which many consider to be a cuddlier, saner version of the US. The Globe and Mail reports today that the Canadian defense minister approved a plan similar to PRISM back in 2005, and renewed it in 2011. Run by the Communications Security Establishment Canada (CSEC), a signals intelligence agency similar to the US’s NSA or Britain’s Government Communication Headquarters (GCHQ), the program collects metadata from phone and internet communication.
Like PRISM, CSEC’s primary targets are said to be foreigners. But what makes the Canadian effort somewhat more sinister is that it was instituted through the executive branch of government without legislative approval. According to the Globe and Mail, “a regime of ministerial directives—decrees not scrutinized by Parliament—have authorized the broad surveillance programs.” At least PRISM won the approval of Congress, however clueless the legislature may be about the details.
Then there is Italy. According to Italian lawyer Fulvio Sazrana (link in Italian), a law passed earlier this year by the outgoing Mario Monti government also skipped over court orders and other legal approvals. Instead, Monti issued a directive laying down guidelines for the protection of cybernetics and national cyber security. In so many words, the directive gives government agencies what the French call “carte blanche” to raid private data banks in the name of “internet security.” There will be no Italian equivalent of Twitter, which does not participate in PRISM.
In India, internet service providers are “insisting upon Indian users’ privacy to be protected from any such misadventure of any intelligence departments.” Meanwhile, India’s government is setting up a vast surveillance system with the express purpose of spying on its citizens, something the NSA has been at pains to say it does not do. For instance, the government’s Central Monitoring System gives it access to all telecom traffic, including calls, text messages and mobile internet. According to the Hindu newspaper, another proposed “national cyber coordination cell” plans to:
Collect, integrate and scan [internet] traffic data from different gateway routers of major ISPs at a centralised location for analysis, international gateway traffic and domestic traffic will be aggregated separately … The NCCC will facilitate real-time assessment of cyber security threats in the country and generate actionable reports/alerts for proactive actions by the concerned agencies.
India’s external intelligence agency, the armed forces, and even the local defense research establishment, among others, will have access. It is debatable whether India, Canada or Italy’s data-acquisition and data-mining technology are as powerful as that of the NSA. But when they are, these countries will already have laws and systems in place to abuse them.
Many countries have surveillance systems. But the laws surrounding some of them make the US look like a bastion of freedom. That’s a depressing thought.