The word “metadata” has been permeating the airwaves, blogosphere and print media lately in light of recent revelations about the federal government’s monitoring of certain information related to communications by US citizens. Many observers, including Oregon Senator Wyden, strenuously object to certain US programs monitoring telecommunications by and between law-abiding US citizens. In defense of the monitoring program, the Obama administration has carefully explained that the information being collected and analyzed is merely “metadata” rather than the content of any particular communication. To know whether we should be reassured by this assurance, one needs to understand the concept of “metadata.”
By definition, “metadata” means “data about data.” By itself, the definition is not very illuminating. However, the concept is not too difficult when one is given some examples. In the case of the NSA’s “monitoring of phone calls,” the distinction would be this: the “data” of a phone call is the content of the call itself. That is, the content of an actual conversation. In contrast, “metadata” of a phone call would not include the content of an actual conversation, but rather would include information such as: (i) from where the call originated; (ii) to whom the call was placed; and (iii) the duration of the call. Hence, the Obama administration is assuring US citizens that the contents of their conversations are not being monitored, but rather metadata about those conversations are being collected and analyzed.
Do we feel better now? Well maybe. Usually intrusions upon our privacy, of any degree, need to be justified by some benefit. The benefit obtained by the NSA’s ability to collect and analyze mountains of metadata about US phone traffic is purportedly one of national security. Using sophisticated mathematical analyses, the NSA apparently is able to sift out from the roar of “normal” background telephonic communications certain “suspicious” communications, which gives it an opportunity to further investigate such communications, subject to due process of law, for terrorist activities.
Do we feel better now? Well maybe. The ability to analyze metadata may well provide national security interests with powerful terrorism-fighting tools. However, the fact that this activity has been conducted without the express knowledge and consent of the American public gives rise to a certain uneasiness. What is being analyzed? How is it being used? How have we benefited? The Obama administration has assured us that we have benefited by virtue of thwarted terrorist activities. And perhaps it reasonably could be surmised that the relative lack of terrorist activity on US soil arises from something other than our status as the most respected, trusted and beloved nation on the planet. Still, how would we know? In addition, it would take a relatively naive person (with a very short memory) not be understand that our government is capable of using personal data — metadata or otherwise — for political purposes.
Now that the metadata-cat is out of the bag, President Obama has welcomed a public debate on the issue of what data we are willing to have collected about us, and the benefits we expect in exchange for those incursions on our privacy. I am confident he is genuine about this call for discourse, but how can we have a meaningful discussion without all of the facts? And how can we be given all of the facts without undermining the efficacy of whatever intelligence strategies we deploy? I suspect this conundrum is what kept the NSA’s monitoring programs secret in the first place.
I suggest that the use of metadata analysis is right on target for balancing privacy interests against national security and law enforcement interests. Metadata analyses offer an opportunity to evaluate relevant information without necessarily breaching anonymity or privacy. What is “off target” is the lack of accountability that arises when a vast sea of personal information held by third parties can be queried without our knowledge and consent. As discussed in the opening blog in “The IDfra Concept” section of this blogsite, we do not need to accept this paradigm anymore given today’s technologies. Rather, we can creatively use the selective and voluntary disclosure of metadata for national security applications, law enforcement applications, and virtually any other governmental or business application requiring the disclosure of personal information. One can only hope that consideration of this “outside of the box” option is not lost in a sea of rhetoric about the need to balance privacy and national security interests.