We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.
The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so! (Note: The views expressed herein by members of the Cybersecurity Canon committee do not represent the views of Palo Alto Networks.)
Book Review by Canon Committee Member, Ben Rothke: American Spies: Modern Surveillance, Why You Should Care, and What to Do About It, (Cambridge University Press, ISBN 1107103231, 2017 by Jennifer Stisa Granick.
Executive Summary
This important book is an indictment of the U.S intelligence agencies (the author terms American Spies) which, she positions, have used overly aggressive and often unconstitutional surveillance methods. The book’s central opinion is that post-9/11, government surveillance has gone through the roof, while the rights of innocent private citizens have not been fully considered. Whether you agree or disagree with that statement, or fall somewhere in between, Granick’s discussion will prompt some deep thinking.
Review
In American Spies: Modern Surveillance, Why You Should Care, and What to Do About It author Jennifer Stisa Granick has written a well-researched expose of perceived privacy abuses by U.S intelligence agencies. Her conclusion is that the massive surveillance by U.S. intelligence agencies ultimately have had little to no effect in preventing terrorist activity.
Two years before 9/11, a documented al Qaeda terrorist named Ahmed Ressam was arrested by US customs agent Diana Dean as Ressam was acting hinky when trying to enter from Canada. What Dean achieved with that single arrest didn’t cost hundreds of billions of dollars or violate the Constitution, Granick argues. And it’s that story that encapsulates this book: good ol’ fashioned crime fighting finds the bad guys; not spending vast amounts of money on a problem that isn’t well defined.
Granick writes that privacy is the key to the exercise of individual freedoms, but that the U.S. government is running counter to that with a collect everything approach. By having all that information in government databases, far too much personal information is available to agencies, which can use it for inappropriate purposes, Granick suggests.
Whatever your politics, the book is a must read, especially for Granick’s dissection of the actions that led Edward Snowden to leak classified information. Granick suggests than rather talking about Snowden’s actions specifically, the discussion should be about what he helped reveal. It’s a controversial opinion in the political arena, for sure, but one Granick sees as essential to our industry’s ongoing debates over security and privacy.
The chapter on Word Games is particularly interesting. Granick describes how the intelligence agencies use a coded vocabulary that deflects any non-expert and sometimes experts as well, allegedly to obscure the truth about what the agencies are doing. In Granick’s telling, terms such as collect, in bulk, surveillance are used by agencies in the way that citizens and members of Congress likely won’t understand – and therefore won’t easily question.
Conclusion
This is an important book and one worthy of the Cybersecurity Canon. Granick lays out the case that personal privacy is far too important to a democratic society to let it slip away. She details abuses of power at the highest ranks, misuse of federal statues, disregard to the constitution and more. The American spies she writes about may mean well in the name of patriotism, but in her opinion, are completely out of control. This is her effort to reign them in. Regardless of your politics, it’s a thought-provoking read and very much of our time.