Bulk collection prepared for another public smack in the face last Thursday as William Binney gave evidence to the joint committee on the Draft Investigatory Powers Bill. Binney, a whistle-blower and former technical director of the NSA, declared that not only was bulk collection an infringement of privacy, but was not an effective way of combatting crime or terrorism.
The much maligned bill would legitimise, among other things, the bulk collection of communications that GCHQ already carries out on a daily basis. It was at this point that Binney took square aim. The former whistle-blower told the joint parliamentary committee: “The end result is so much bulk data that analysts can't figure out what they have.”
Aside from the privacy concerns Binney told the committee that he felt that analysts couldn't actually process the data that would be collected on a daily basis: “It takes data to figure things out but you have to be selective in it. The selected targeted way gives you a rich environment to figure out which attacks are going to happen. If you put all the bulk data in it, people can't see it. That's the problem they have today, that's the problem we've always had."
Pressing him on that point, Lord Strasburger, a Liberal Democrat Lord asked if there was a good operational case for bulk interception. Again, Binney replied: “My short answer is no, and the reason is again, in each of those cases you're capturing so much data.”
If analysts, for example, use a word search to find intercepted communications relevant to a terrorism or paedophilia cases, “you get so many matches, its like getting a Google return.” The difference would be, while you might get several million hits for one particular Google return, there would be several million new hits for a search on a database full of regularly updated communications. This means, said Binney, that, “those analysts can't get through it. That means they fail to see the threats. The end result is dysfunctionality of the analyst”. Which in turn means a failure to analyse data properly, a failure to stop any attacks and ultimately, a failure to save lives.
Often, the folly of bulk collection is only realised after that fact. French security services are only now starting to find people, said Binney, because they'd dumped bulk collection and started using targeted collection, which Binney defined as, “using the ability to look into the data which we currently have. Then giving it sets of targets to look at and defining zones of suspicion around it that will manage all that data input so that now you get that smart rich environment for analysts to look at.”
Peter Foster, the Bishop of Chester asked Binney why exactly he thought the UK and GCHQ had taken such a similar approach to the NSA. Binney placed the blame squarely on the contractors who built Prism, the NSA's bulk collection programme: “There was an awful lot of money behind the scenes which contractors wanted to feed on. So they were lobbying for this approach because it cost so much more money.” Binney called the relationship between the NSA and their contractors 'incestuous' with former NSA employees constantly moving through a revolving door which keeps the governments' and contractors' interests aligned. He went so far as to accuse these two bodies of, “trading the security of the people of the United States and of the free world for money.”
Implicit in that is also the fact that bulk collection simply costs more than targeted collection for, at least in Binney's view, poorer results.
Binney worked at the NSA for more than 30 years, working primarily as a cryptanalyst and eventually ascending to the position of technical director at the agency. Binney turned whistle-blower over the War on Terror surveillance programmes carried out under the Bush/Cheney administration which he described as, "better than anything that the KGB, the Stasi, or the Gestapo and SS ever had".