Former NSA man pulls no punches on rights of governments

Stewart Baker is forthright and aggressive in his defence of data-gathering

Stewart Baker is a cheerfully unapologetic apologist for the US's National Security Agency (NSA). It makes sense that he would be, as he was general counsel for the NSA 20 years ago.

Baker was also the first assistant secretary for policy – with an incredibly broad brief – in the newly constituted Department of Homeland Security when it was set up by the then US president George W Bush in 2005.

For anyone who sees themselves as a privacy advocate, who admires whistleblower Edward Snowden or who thinks the NSA shouldn't really be snooping around in quite as much communications data as it currently does – if you believe the documents released by Snowden, Baker has a few issues with those – then talking to Baker might seem anathema.

However he's an engaging and articulate advocate for a point of view that isn't exactly popular at the moment, especially in Europe and perhaps least of all in the middle of the gigantic technology scrum of the Dublin Web Summit. Many of the companies forced to hand over data through programmes like Prism have booths or feature on the speaker list.


Baker himself was on a centre stage panel last Tuesday in a debate on whether privacy was a right. Speaking in an interview the day before, he says he thinks not.

“Privacy is infinitely malleable,” he says, and asking such a question “would provide the wrong answer. [The answer] would have to be contextual, especially when you elevate [privacy] to the level of a human right.”

Which he clearly does not. It was US justice Louis Brandeis who first argued for the concept of a right to privacy in the 1890s, he says, and what Brandeis was worked up about was the intrusive nature of a newfangled technology called the Kodak camera.

“What has happened is we’ve all moved on,” he says. If the concept of a right to privacy had been frozen in the 1890s opinion, we would never have progressed into the technology-filled, social-media obsessed, internet-connected world we live in now.

To put it another way, we’d have “a world where everyone is a potential lawbreaker, which sounds like a very French world, to me”.

In his Homeland Security role, Baker – who has gone back, as he has regularly through his career, to his role as partner in the Washington office of law firm Steptoe & Johnson – regularly argued with European officials about security issues and does not exactly hold many of them or their governments in high esteem.

“We can’t undo the technology, he says. “We want the technology.” Most of us are happy to share lots of information using it. Criminals and terrorists use it too so he says we should obviously give surveillance and law enforcement agencies access to whatever data they feel they need.

No place to hide

Privacy laws, rather than protecting against the risk of government abuse, actually enable it, because privacy laws end up protecting the powerful, such as oppressive governments, according to Baker.

The focus should not be on blocking access to information but “preventing abuse. The irony to my mind is that the NSA was pioneering new ways of protecting privacy, and those ways are now caricatured as fig leaves.”

The same technologies used to gather data can also be used “to ensure that those who gather it have no place to hide”. Every access or attempt at access can be recorded, giving greater protection against surreptitious moves, he says.

He’s been outspoken in decrying the document releases by Snowden and the journalists who worked with him, but would he at least credit Snowden with having opened up a public debate that needed to happen?

Baker is having none of it. “He didn’t want to start a debate. He wanted to win a debate,” he says. He is also deeply annoyed because he says documents were released in a misleading way to obscure the wider context of NSA surveillance.

For example, he says that information about the NSA gathering huge amounts communications data from some telecommunications companies was released, creating an uproar. Only later was a document released that showed that the NSA had to go through established legal channels to actually access it.

“Lots of data is gathered, but very little is searched,” he says.

European position

Arguments that greater transparency is needed for surveillance programmes are ridiculous, he says, because then they become ineffective; they need to be secret. And there’s plenty of oversight built into the existing system.

He also says Americans simply do not care whether US security agencies were spying on European or other leaders. “There’s almost no one in the US who thinks there’s a scandal about spying on heads of state,” he says.

One annoying irony for Baker is how increasingly little Europeans spend on contributing to national or international security, leaving the US to carry the can whenever global problems arise.

The US, in such cases, “may be difficult to love, but it’s useful to have them around”.

He also dismisses “convenient” European beliefs about the US having weaker privacy protections compared to the EU.

That mostly relates to private sector use of personal data, he says. European law is far less protective of personal privacy when it comes to what their own governments can access, because there are few data protections built into EU national law.

"Germany will just give it to [security agencies]," he says, adding that citizens in Italy or the Netherlands are 150 times more likely to be wiretapped than Americans.

As for data retention – the gathering of citizens’ communications data which has been done for years under the EU’s data retention directive but which was recently overturned on human rights and privacy grounds by the European Court of Justice – he has a single, short and sharp observation.

“We don’t have a debate around data retention [in the US] because we couldn’t pass a data retention law.”

That is probably true. But perhaps what remains unsaid is the fact that US communications companies gather such data themselves and retain it for many years – well beyond the EU limit of two years – forming a useful pool to which law enforcement and surveillance agencies have been able to go with warrants.

That’s really just a minor aside in Baker’s championing of the bigger security picture, which he strongly feels overrides other concerns.

But doesn’t asking technology companies to provide secret access “backdoors” in their technologies – which Baker successfully argued for when in Homeland Security – and to leave exploitable weaknesses in the internet’s overall structure actually increase the risk of cybercrime and cyberterrorism?

“It seems [to me] that capturing some of the most loathsome criminals and denying them a safe haven is a payoff for the very modest additional risk that comes with that access.”

Aggressive approach

Nor is the US government interested in serving as a source of information for industrial espionage, as is sometimes suspected.

The idea is ridiculous, he says, arguing that companies would have to create whole costly divisions to do this effectively and then somehow manage to keep it secret as well.

Baker says he has been willing to jump in and out of his main job at Steptoe & Johnson over the years because of a commitment to public service. Why does he think he keeps getting asked back to do such jobs?

“I tend to be pretty aggressive about trying to accomplish things in government,” he says.

Baker is equally aggressive in his viewpoints and in his defence of them.

And even if you do not agree with almost any of them, it is surprisingly refreshing to hear that perspective from someone ready to speak to such convictions.