Skip to content

Bruce Schneier – It’s Time to Break Up the NSA


Broadly speaking, three types of NSA surveillance programs were exposed by the documents released by Edward Snowden. And while the media tends to lump them together, understanding their differences is critical to understanding how to divide up the NSA’s missions.

The first is targeted surveillance.

This is best illustrated by the work of the NSA’s Tailored Access Operations (TAO) group, including its catalog of hardware and software “implants” designed to be surreptitiously installed onto the enemy’s computers. This sort of thing represents the best of the NSA and is exactly what we want it to do. That the United States has these capabilities, as scary as they might be, is cause for gratification.

The second is bulk surveillance, the NSA’s collection of everything it can obtain on every communications channel to which it can get access. This includes things such as the NSA’s bulk collection of call records, location data, e-mail messages and text messages.

This is where the NSA overreaches: collecting data on innocent Americans either incidentally or deliberately, and data on foreign citizens indiscriminately. It doesn’t make us any safer, and it is liable to be abused. Even the director of national intelligence, James Clapper, acknowledged that the collection and storage of data was kept a secret for too long.

The third is the deliberate sabotaging of security. The primary example we have of this is the NSA’s BULLRUN program, which tries to “insert vulnerabilities into commercial encryption systems, IT systems, networks and endpoint communication devices.” This is the worst of the NSA’s excesses, because it destroys our trust in the Internet, weakens the security all of us rely on and makes us more vulnerable to attackers worldwide.

That’s the three: good, bad, very bad. Reorganizing the U.S. intelligence apparatus so it concentrates on our enemies requires breaking up the NSA along those functions.

First, TAO and its targeted surveillance mission should be moved under the control of U.S. Cyber Command, and Cyber Command should be completely separated from the NSA. Actively attacking enemy networks is an offensive military operation, and should be part of an offensive military unit.

Whatever rules of engagement Cyber Command operates under should apply equally to active operations such as sabotaging the Natanz nuclear enrichment facility in Iran and hacking a Belgian telephone company. If we’re going to attack the infrastructure of a foreign nation, let it be a clear military operation.

Second, all surveillance of Americans should be moved to the FBI.

The FBI is charged with counterterrorism in the United States, and it needs to play that role. Any operations focused against U.S. citizens need to be subject to U.S. law, and the FBI is the best place to apply that law. That the NSA can, in the view of many, do an end-run around congressional oversight, legal due process and domestic laws is an affront to our Constitution and a danger to our society. The NSA’s mission should be focused outside the United States—for real, not just for show.

And third, the remainder of the NSA needs to be rebalanced so COMSEC (communications security) has priority over SIGINT (signals intelligence). Instead of working to deliberately weaken security for everyone, the NSA should work to improve security for everyone.

  1. Unfortunately breaking up the NSA wouldn’t be a solution, as it’s not exactly a monolithic entity that Schneier and most the digital rights movement perceive it to be. Same applies with GCHQ and suchlike. Within those organisations there are numerous departments headed by people with different agendas, and poitical views differ vastly among personnel. Even some high up within the NSA have turned whistleblower against constitutional violations, Thomas Drake and William Binney being just two high-profile examples.

    Most the domestic spying (and malicious hacking) is instigated by the politicians and policy makers, not the NSA itself, and the reason is simple: Numerous other countries are engaging in electronic espionage, and the politicians want/need to demonstrate that same prowess. It’s immature dick waving on a global scale, basically.


    • The NSA under Alexander has a very East German mentality.

      He wiretapped Merkel, who grew up under the Stasi – hence I think we can label Alexander a nut job. Merkel is not a terrorist.

      So Schneier may have the right idea, it’s time to call for the break up of the NSA. They’re out of control, because of the Generals who lead them.


      • They dont spy on people because they think they are terrorists. It is mostly used for industrial/political reasons. Noone thinks merkel is a terrorist…


      • Hi changemyview,
        Merkel shouldn’t have been spied on at all, she’s an ally of both the UK and the US. The mentality of General Alexander is to dragnet all communication. This is “police state” mentality – from the Director who leads the NSA. Therefore the NSA has been corrupted by it’s leadership. Schneier makes a good point – break the NSA into smaller and less powerful units.
        I also agree with your point on industrial surveillance. The CIA laughed when they stole data from European defence companies… they called it “leveling the playing field”. In just one contract, the EU lost a six Billion dollar defence contract. It went to a US company after CIA intervention. So yes, most definitely the data is being stolen for industrial espionage – that works for US corporations and against Europe. Europe needs the jobs. We need the employment those contracts created. That’s another very valid reason to stop NSA surveillance…. in order to protect European jobs.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: