Former CIA director Michael Hayden admits that the rogue intelligence agency kills people based on metadata collected unconstitutionally by snooping on US citizens’ smartphones, smart TVs and other internet-enabled devices.
The comment by the former CIA and NSA director was made during a debate at Johns Hopkins University, after Georgetown University Law professor David Cole detailed the kind of information the government can obtain simply by collecting metadata (who you call, when you call them, how long the call lasts, and how often calls between the two parties are made.)
Although NSA apologists often claim such metadata collection is permissible considering the content of the call is not collected, Cole argued that is not the case, since the former general counsel of the NSA, Stewart Baker, has already stated metadata alone is more than enough to reveal vast amounts of an individual’s personal information – and former CIA director Michael Hayden says the agency kills people based off metadata alone.
Writing in the New York Review of Books, Cole elaborated (you can also watch his explanation around the 14 minute mark of the embedded video):
“Of course knowing the content of a call can be crucial to establishing a particular threat. But metadata alone can provide an extremely detailed picture of a person’s most intimate associations and interests, and it’s actually much easier as a technological matter to search huge amounts of metadata than to listen to millions of phone calls. As NSA General Counsel Stewart Baker has said, ‘metadata absolutely tells you everything about somebody’s life. If you have enough metadata, you don’t really need content.’
“When I quoted Baker at a recent debate at Johns Hopkins University, my opponent, General Michael Hayden, former director of the NSA and the CIA, called Baker’s comment ‘absolutely correct,’ and raised him one, asserting, ‘We kill people based on metadata.’”
The former CIA director’s comment is particularly terrifying in light of Vault 7 revelations made by WikiLeaks this week.
The WikiLeaks release of classified CIA documents showcases the tremendous amount of resources that the intelligence agency has put into ensuring that our popular devices, whether they be Android or Apple, have certain back-door vulnerabilities.
While most people have assumed that the government works with major tech companies to notify the company when a vulnerability has been found, this data dump by WikiLeaks implies that the CIA is not only not telling companies about vulnerabilities, but has also been actively pursuing to find and even purchase additional flaws.
“Governments should be safeguarding the digital privacy and security of their citizens, but these alleged actions by the CIA do just the opposite. Weaponising everyday products such as TVs and smartphones – and failing to disclose vulnerabilities to manufacturers – is dangerous and short-sighted.” said Craig Fagan, policy director for the World Wide Web Foundation, speaking to the BBC.
The problem, of course, is what happens when bad actors exploit vulnerability flaws? The initial release of Vault 7 (Year One) seems to represent a playbook of sorts. That playbook is now out of the proverbial locker room.
“Those vulnerabilities will be exploited not just by our security agencies, but by hackers and governments around the world. Patching security holes immediately, not stockpiling them, is the best way to make everyone’s digital life safer,” said Ben Wizner, director of the American Civil Liberties Union’s Speech, Privacy, and Technology Project, speaking to The New York Times.
While companies like Apple are already claiming that they have patched the CIA-created holes revealed by WikiLeaks, it is our faith that our tech products are secure that may be more difficult to fix, not to mention our trust that the CIA is protecting American citizens, and not working against their interests by creating the Big Brother totalitarian society eerily outlined in George Orwell’s 1984.