The Snowden brouhaha about the National Security Agency’s (NSA) PRISM project brought me back to 1991, when faxes, because they could not be directly understood by humans, were the primary mode of communication for enemies of the state. My company, Nestor, was responding to an NSA proposal that involved intercepting and sniffing out the content of faxes using recognition technology.

Our software analyzed legions of intercepted fax images daily and converted them into computer-usable data, which were mined for suspicious content. Developers were unconcerned about preserving the privacy of subjects because they assumed the NSA knew how to choose targets that only involved bad guys—and besides, the eavesdroppers were machines, not people.

In October 1997, the Federal Bureau of Investigation (FBI) launched Operation Carnivore, using software that could read all emails created daily. They claimed that although Carnivore, unlike commercial "sniffers" and other network diagnostic tools used by Internet service providers (ISP) every day, gave the FBI a unique ability to discern communications eligible for lawful interception from those which were not. In 2005, however, after a judicial challenge by the Electronic Frontier Foundation, Carnivore was replaced by NarusInsight, a program developed by Boeing-owned Narus, Inc. Former Deputy NSA Director, William Crowell, sits on the Narus board.

According to Wikipedia, NarusInsight is the industry's only network traffic intelligence system that supports real-time precision targeting, capturing and reconstruction of webmail traffic. However, since most webmail traffic can be HTTPS encrypted, the content of messages can only be monitored with the consent of ISPs.

Later, Nestor developed a neural network program that could monitor and data mine millions of credit card transactions daily to accurately detect fraud from identity theft. The analysis was conducted anonymously, by machine, so no one’s privacy was invaded, and anyway, consumers welcomed the results. Similar neural network-driven, intelligent character recognition (ICR) technology is currently used to scan and route the US Mail.

Consider that the NSA has access to the content and metadata of these databases: 
  • All web-based data and transactions; 
  • All credit-card transactions, including gun purchases; 
  • All mail and packages sent and received by the US Postal Service and commercial carriers; 
  • GPS and cellphone location data; 
  • All military satellite images; 
  • All footage from video surveillance cameras in police vehicles, at bank ATMs, stoplights, elevators, stores and other public places; 
  • Medical and patient data (including gunshot wounds) available from ICR-based processing of HCFA, OASIS and other medical and dental forms;
  • License and registration data from DMVs; 
  • Financial data from FINRA and other bank transactions, including IRS data; 
  • “Black-box” data from modern automobiles; 
  • Liquor, cigarette and medicinal marijuana sales; 
  • Check-in and check-out data from libraries, video stores and DVD vending machines; 
  • Legal data from court filings, registry of deeds, etc.; 
  • And numerous other sources of surveillance and security devices—public, private and hidden.
Bear in mind that to accurately train neural networks, terabytes of data sets, comprising millions of data points derived from computer analyses of real content, must be collected and recorded. Potentially, this could translate into an equal volume of warrantless searches of all of the above sources. You may be able to prevent police from warrantlessly searching your cellphone by password-protecting it, but that password won’t help you one iota when the phone company and the NSA gang up to raid your phone data in cyberspace.

Despite all the talk about the Foreign Intelligence Surveillance Act and other legal safeguards, do we really believe that the NSA, given its mission to safeguard America and armed with unlimited access to virtually any database it wants and God-knows-what-else, can rein itself in and accept congressional limitations that originate from public discourse? A secret agency instinctively reacts to legal limits not by obeying them but by getting more and more secretive about its transgressions.

Asking or requiring an intelligence agency to stop an established data mining practice is like asking a flea-ridden dog to stop scratching where it itches the most. The animal may never get rid of the fleas, but it will never stop scratching, either. Likewise, passing a law against fleas cannot help. So, what of privacy? “You already have zero privacy,” said Scott McNealy, CEO of Sun Microsystems, in 1999. “Get over it!”