They have no idea what he took and how much, because their internal logging systems are non-existent (on purpose) - but you shouldn't worry about any NSA abuses or other loss of data, because they have "strict oversight".
Even though I am sympathetic to Showden for his disclosures of gov't surveillance of American citizens and others, the scope, complexity, and execution of operation leaves many questions unanswered.
National security officials (both Republicans and Dems) are quoted in the piece that they believe that Showden operation was an espionage heist.
From the article:
"On June 10, 2013, Sen. Dianne Feinstein (D., Calif.), the head of the Senate Intelligence Committee, described Mr. Snowden’s theft of documents as “an act of treason.” A former member of President Obama’s cabinet went even further, suggesting to me off the record in March this year that there are only three possible explanations for the Snowden heist: 1) It was a Russian espionage operation; 2) It was a Chinese espionage operation, or 3) It was a joint Sino-Russian operation."
So on one hand we have people like the head of the Senate Intelligence Committee and Obama officials who are neck deep in intelligence work, and on the other we have feel-gooders like BoingBoing, who really don't know what's going on, and who might never ever find out what really happened, because it could be classified for ages.
This doesn't pass the smell test. Feinstein has a bad track record on these kinds of issues. Her statements made about whistleblowers do not properly consider the good along with the bad; her NSA reform bill expanded spying powers.
If Snowden stole documents at the behest of either the Russians or Chinese, he was not the first to do so recently, nor will he be the last.
As I recall, Gen. Alexander or one of the top intel agency officials made a statement last year dismissing concern that Snowden might have leaked info to the Russians or Chinese, saying that he would expect those powers already had other moles.
Cui bono? Who benefits? We don't know what other documents Snowden might have taken, if he took any, that he didn't hand over to Greenwald and Poitras. From what's been published, however, it seems very unlikely that the Chinese or Russians have gained much from the information leaked. That said, it is possible that it was a very clever Russian, Chinese, or Russian-Chinese operation designed to egg the U.S. intelligence community and cast U.S. technological primacy under a cloud. The counterargument is that since all published information has been filtered by journalists who are not (presumably) Chinese or Russian agents, such a psychological or propaganda operation by the Russians or Chinese would have unpredictable and muted results.
What doesn't pass the smell test is how a single individual like Snowden was able to hack so many passwords, load so much stuff, contact Greenwald, transfer the stuff out, successfully evade and eventually escape.
To me it smells like a sophisticated op, organized by an intelligence agency.
It's been publicly stated that Snowden got fellow sysadmins to give him their passwords. Is your theory that they're all Chinese or Russian agents, too? Or that this is a face-saving false claim by the NSA?
He was in Hong Kong by the time the NSA knew something was wrong. There was no evasion necessary.
Contacting Greenwald would have ordinarily been detected? Wouldn't that imply that NSA contractors' personal communications are monitored? Source? It's not like he contacted journalists directly. He was using lavabit or something like it, so positively identifying a metadata link between Snowden and Greenwald would have required the NSA to hack or NSL whatever email service he was using. If there's automated metadata linkage from traffic analysis, they might have had a weak correlation between Snowden's web traffic to e.g. lavabit and an outgoing email from lavabit to Greenwald. I'm sure that's something the NSA will be looking at in the future, because it's right up their alley and something they probably could have done better.
You're presuming the NSA has far better internal computer security measures than anyone else does (insider espionage is a pervasive problem in every industry). I don't see any reason to think that it did. There's a trade-off: the better the security, the harder it is to get anything done and the higher that drives computer and network admin costs. Much of the security in classified operations is gained through issuing clearances and relying on social cohesion ("I'm cool; I've got a clearance and work for the NSA, and my friends are here; violating classification rules would get me kicked out.") and punishment ("Violating classification rules could mean prison."). Then there's physical security: keeping those without proper clearance away from data they are not allowed to access. The rest is fuzzy. A classified system/network has some monitoring and auditing, but it's not a magic bullet particularly against savvy sysadmins. Audit records are an information glut. You have to have some idea of you're looking for in order to find it.
The entire basis of the "Snowden is a Russian spy" hypothesis hinges on "OMG, Snowden is in Russia right now" but ignores the fact that the entire reason Snowden is in Russia is entirely due to the actions of the US State department.
Snowden's original plan was to fly from Hong Kong to Cuba via Russia and then eventually seek asylum in a Latin American country. The US failed to pressure Hong Kong but successfully pressured Cuba which is why he got stuck in Russia. This is such an unlikely series of events that no sane person would use it as a basis for a plan.
On top of all the other absurdities of Epstein's piece, the biggest hole in the theory to me is that if Snowden was a spy for anybody, why would he have chosen to reveal his identity in Hong Kong? It makes no sense for any plausible goal he was trying to accomplish.
She is the head of the Senate Intelligence Committee.
This is no small matter. She was chosen there by her colleagues, other senators, and it is a very serious position. This is probably the most serious committee in all of Senate.
"I’m not as convinced as a lot of people are that man-made climate change is the threat they think it is. I think it is probably not as immediate as some people do. [...] What is the real threat? What are the economic impacts of those threats? And what are the economic impacts of those remedies? Some of the remedies are more expensive to our economy than the threat may turn out to be." -Rep. Chris Stewart (R-UT), climate science denier
I'm far more concerned by the/my impression that the public seems to have accepted total surveillance as "the new normal". It seems like Snowden's work has resulted in the vetting of mass surveillance.
I wonder whether this could be a manufactured opinion to an extent?
I mean, we now know that online forums are subverted and socially engineered to keep 'bad opinions' down.
Add to that the still persisting mass media with known effects - and I slowly start to think of the internet as being very much part of the 'mass media', too.
For example, I noticed a lot of articles in newspapers being written by journalists that have agendas that diverge completely from the opinions of the people commenting on an article. The next step, I'd guess, is to 'properly' police these comments....
Free-market-oriented economists since Milton Friedman have strongly criticized the efficiency of democracy. They base this on the argument that voters are irrational, among other things. Their criticism towards democracy is that voters are highly uninformed about many political issues, especially relating to economics, and have a strong bias about the few issues on which they are fairly knowledgeable.
No more is this point evidenced than on news forums regarding current events. There is every possibility that the journalists diverge from the masses because the masses are incorrect.
If I had a $ for every forum commenter that talked about the oil in Afghanistan I would be richer than Peter Thiel.
I'm far more concerned by the/my impression that the public seems to have accepted total surveillance as "the new normal".
A lot of this is also a political / legal question; has the public ever been deeply interested in privacy questions? My (naive?) guess is no, but the judicial branch has historically done an okay job of representing the public interest, and giant scandals (like Nixon) have moved legislators.
Pretty soon some part of the system is going to catch on that everyone else is as subtly creeped out by all this shit as they are, and the military industrial complex will have to surrender some of its tentacles.
Bear in mind that "the new normal" as a qualifier for the current state of affairs, at least in the US, goes back to Dick Cheney and 9/11. I don't know that Snowden changed that many minds, outside of this particular bubble. Mostly, people are more upset with the minor annoyances of the TSA that discovering the government can read their emails.
The two questions that must be asked about this are:
Are all documents created equal? Is one document a multi-page report containing detailed information, or is it a brief memorandum about something trivial? How much of these documents is boilerplate such as daily summaries that will repeat the same information as long as it's relevant? If I grab someone's mbox is that one document, or a collection of emails that each count as one document?
Of course none of that matters if there the number is entirely fictional. But there is still the second question, does it matter how many documents were leaked? Would your opinion of Snowden change if the number were different? If you defend him, is there an upper limit after which revealing the information is no longer justified? If you think he's a traitor, is there a small enough number that you would not object to?
I don't think it matters. The writers probably don't think so either and are thus using it not to add information to their articles but because sounds better. A person learning about this for the first time will see "1.7 million" and think either "Wow, that's a lot!" or "This reporter did a good job." A person writing "Snowden is reported to have stolen an unknown number of documents," will raise the question of who it is unknown to. The reader may think the reporter didn't do enough research. Or doubt the NSA's account of what happened. Adding an irrelevant statistic makes the article more believable. And the more specific the statistic the better. Would the effect be the same if it were "2 million", or the more cautious "over 1 million"?
I bet media analysts have studied click rates and know just what kind of meaningless statistics can be added to an article to increase readership. This is what happens when success in journalism is measured by page views.
You can't infer anything about his motives from the number of files he took. It's just good sysadmin instinct to backup everything, encrypt it, and then sort it out later. Disk space is cheap and it's better to have too much than be missing something important.
It also often takes less effort to take more data simply because it requires no additional thinking or typing to exclude things.
I don't think this would have been nearly as much of an issue if the reporters had been up front about how much had been given to them. Pick a metric - documents/files/pages/slides/whatever, and stick to it. As it played out, it went from Snowden saying "I carefully evaluated every single document I disclosed" in his interview last June, to Greenwald saying the total count was 9-10k in July, then 15-20k in August, then the NY Times saying that the Guardian gave them 50k Snowden docs in September [1].
I'm curious why they won't give a definitive number - I'm assuming that they're trying to avoid accusations that he just scraped as much as he could and took it out of the country without properly evaluating the documents.
And also I'd be wary of setting MLK as a golden standard- I'd say his image is very whitewashed, and very much used in ways that he himself would have opposed (ie: all the kids who are obliquely taught that he "fixed" racism)
Ellsberg is far from a household name, particularly outside the USA. 'That guy who did the Pentagon Papers' carries no resonance at all, people don't even know what the Pentagon Papers were (outside the USA).
Most British whistleblowers wrong-footed themselves with 9/11 or decided they were Jesus, they didn't need the media to make fools of them. I don't think that what's his name again? will make this mistake. However, there is a 'now what?' aspect to the story, there is no uprising from the masses, marches on Washington or anything troubling for the authorities.
In some ways Snowden has helped formalise the spying arrangements, it is now just a fact of life like having CCTV everywhere. The social contract has just been clarified.
Also, Snowden did one act, albeit a lot of planning and hard work went into it. He is not recognised as a writer or a public speaker (yet). His babysitting arrangements mean he cannot flourish that way to easily.
At the very least, he's going to be at least as well regarded as some combination of Deep Throat and Daniel Ellsberg. He might actually end up as the Rachel Carson of the issue.
There's an outside chance he could be the John Brown.
There are a few axes of comparison: effectiveness of his action, and "goodness" of his motivation. They're not completely orthogonal, but if he turns out to have been an (unwitting?) SVR asset, or if a big terrorist incident happens which includes comsec/opsec derived from the Snowden leaks, he's probably doomed on both. But I don't think that's likely.
I think you forgot to include one axis that Snowden fails to compete with the Rev. Dr. MLK; length of sustained actions in the face of extreme risk to life and liberty. Rev. Dr. King's legacy is also buttressed by his writings in addition to his actions, Snowden has yet to pen something as eloquent as "Letter from a Birmingham Jail."[^1]
Addendum: I just saw the mention of John Brown. I tried to tip toe around the issue originally but with Brown's name being mentioned it is the elephant in the room. Hopefully Snowden will not join John Brown or Rev. Dr. King among the list of those that died in the service of social action.
[^1]: If he does pen something like Letter from a Birmingham jail I hope he leaves instructions with his lawyer/estate to not be fascists about enforcing copyright protections on the work.
Being non-anonymous is a point in favor of Snowden being remembered (DT did a lot more than Ellsberg but...), although being in limbo in Russia really isn't helping.
Another interesting question is timing. If Snowden had happened in December 2002 (so, no elections, and the programs well underway), he probably wouldn't have the level of support we have today. Before the Iraq War, there was certainly a lot more support of the GWoT among even "reasonable" people. I remember launching an anonymous remailer late on 9/11 or 9/12 and it really seemed like the end for people caring about privacy. If MLK had happened much earlier, it probably would have been a lot more difficult for him, too.
With Snowden, I think we're a bit late (in time for the elections of 2008 or 2012 would have been great; the financial collapse might have been a necessary precondition for distrust of institutions though) -- a decade more on the same trajectory would have been a lot worse, and IMO probably irreversible.
