Law enforcement vs Police State
In the past, the FBI attempted to modernize their investigatory tools with Carnivore computer software to monitor emails, which is analogous to wiretapping. And it has been charged that the US Army's Able Danger data mining efforts before 9/11 could have prevented that horror, as well as the attack on the USS Cole, had there not been as much a privacy stigma on using such potentially powerful technologies.
The federal government's response to 9/11 has led it to more aggressive investigatory practices. There was LibraryGate, AT&TGate and now SWIFTGate, where the Treasury Department and the CIA have been examining international bank transactions that traverse the SWIFT network, which is the world's largest financial communication network run by a consortium of international financial institutions.
The news stories (notably here and here) about the government getting access to these international bank transactions does not trouble me. Not only do I not believe in the inevitability of slippery slopes, but the fact that major news agencies are once again braying like donkeys and circling like vultures at this latest "violation" of privacy rights has got my ire.
According to the New York Times,
The program, however, is a significant departure from typical practice in how the government acquires Americans' financial records. Treasury officials did not seek individual court-approved warrants or subpoenas to examine specific transactions, instead relying on broad administrative subpoenas for millions of records from the cooperative, known as Swift.
Being a bank employee of many years who is required to regularly review my obligations under the Bank Secrecy Act of 1970 and the US PATRIOT Act of 2001, I take exception to this misrepresentation of facts.
The collection and reporting of data on large cash deposits, withdrawals and wire transfers (in excess of $10,000) is routine and mandatory among US banks (pdf files from the Office of the Comptroller of the Currency at the Treasury Department, here and here). The purpose of such reporting is to ferret out money laundering by organized crime. This is a legitimate law enforcement activity. So is catching terrorists and their financiers.
The $10,000 threshold is the only requirement necessary to trigger an investigation. In fact, banks and their employees are required to fill out Suspicious Activity Reports (SAR) for lesser amounts where there is reasonable suspicion that the transaction is not kosher. Even a bank employee living beyond ones' means qualifies as a red flag. And this data collection does not even require the ubiquitous "administrative subpoena" mentioned in both articles, nor is the bank or its employees permitted to reveal to the target of the SAR that a report is being made. That the government desires similar access to SWIFT international transactions does not surprise nor alarm me.
The real question is, when does law enforcement activities become precursors to a police state? In these recent invasion of privacy "scandals", it seems the defining issue is not the violation of privacy per se, but the potential invasive scope of these technologies. Wiretapping (a new technology for the 20th century law enforcement community) was inherently singular. Putting in one wiretap did not expose millions to surveillance. Data mining, email packet sniffing, etc opens the flood gates as the discrimination between discrete targets and mass collection blurs in cyber-virtuality. The digitization of telephony has opened similar barn doors in recent years. Even in this latest expose, SARs are likewise singular; one SAR manually filled out for one bank transaction.
That there is a potential danger to privacy, and that public policy needs to catch up with technology, I do not dispute. But in every outrage, there has been little, if any, actual abuse reported. We need a more rational and measured response.
Or so the Democrats keep saying.
I just don't get the knee-jerk, batten-down-the-hatches hysterical Luddite hype.