I have a confession to make: I worked for the phone company.
No, not THAT phone company. And it wasn’t just one, but a few. For years before I hung up my CAT-5 cables for the pleasures of librarianship, I toiled away in the telecom canyons of downtown Los Angeles. I worked as a billing manager, which was a soul-destroying job, but paid my bills as I earned my library science degree.
I’m sure you’ll ask: “LL, what does a billing manager do?” Well, I’m sure glad you asked!
I worked with… METADATA! Swam in it, day in and day out, for 10 years. I became expert at SQL queries. Ask me to search a number and how many calls it made, and my query would have an answer in a few seconds.
Of course, what I couldn’t tell you is to whom that number belonged. I couldn’t tell if it belonged to Ethan Kowalski of Peoria, IL, or Yves Hubbert of the Troisieme Arrondissement. I could tell you there was a call placed from Peoria to Paris, and bill accordingly. But that was about it.
What is this phone metadata of which I speak? Again, glad you asked.
The typical call detail record, or CDR, had these pertinent bits of information:
* Account number, so we knew who to bill
* Leg 1, or originating number
* Leg 2, or destination number. Combining legs 1 and 2 gave us a per minute cost.
* Call duration. That let us combine legs 1 and 2 into a billable structure.
And that was it. The account number was just that, a number. Sure, we knew who it was, but only because we had a separate database with customer information. Someone seeing our CDRs without that knowledge wouldn’t know to whom the account belong.
Legs 1 and 2 were just phone numbers. No identifying features.
And, as I said, I worked for several companies in my telecom career. All had the same basic metadata structure.
So, yes, when I created a bill, I would know whom Ethan Kowalski of Peoria, IL called. But that’s because I had information in a database which was not included in the raw metadata. And as far as I’ve read, all that the NSA had was raw metadata.
The NSA doesn’t know who Ethan Kowalski of Peoria, IL, is from the collected metadata. That information isn’t included. However, it does have knowledge of numbers belonging to Taliban militants in the Swat Valley. And the only time Ethan Kowalski of Peoria, IL would come up on the NSA’s radar is if one of the numbers belonging to that militant in the Swat Valley was linked to his number. The only reason Yves Hubber of Paris, France would come up on the DGSE’s radar was if he made a similar call to the same militant. And for some reason, I don’t have much of a problem with that.
“Don’t tread on my metadata” is a nice slogan for people who have no idea what metadata is. The likes of Glenn Greenwald have made it sound like it’s the keys to the kingdom. It is, at most, an investigative tool, to discern patterns. Any deeper investigation would require—*gasp*—a warrant. (On top of the warrants issued to collect the raw metadata in the first place.) I know, Edward Snowden wants you to think that NSA operatives are running around running wiretaps willy nilly. But, again, none of the document dumps indicate that. One of the companies for which I worked was served with a warrant for CDRs pertaining to one of our clients, which we duly provided. You can say, “Well, that’s not how the NSA works.” To which I reply “Show me the proof; and, no, Snowden is not a reliable source.”
“You’re an Obot,” you’ll say. “You’re an apologist for the police state.” I’m an Obama supporter, so a qualified yes on the first, and no on the second. Because if you think this is a police state, you obviously have never been to one. Yes, any intelligence regime can be abused. But the possibility of abuse doesn’t automatically equate with actual abuse. If you go around thinking that the worst case scenarios are the only plausible ones, you may as well disconnect all your electronic devices.
I’ve described my knowledge of telecom metadata. I’ve actually worked with it. If you’re going to wave it around as a bloody shirt, you should at least know what you’re talking about.