Show sidebar

Mass Hacks of Private Email Aren’t Whistleblowing, They are at Odds With It

640px-exxon_valdez_oil_spill_13266806523

The Exxon Valdez after leaking more than 10 million gallons of oil into Alaska’s Prince William Sound in March, 1989. Image via NOAA/Wikimedia

The world of 2016 is one where leaking a lot is much easier than leaking a little. And the indiscriminate compromise of people’s selfies, ephemeral data, and personal correspondence — what we used to rightly think of as a simple and brutal invasion of privacy — has become the unremarkable chaff surrounding a few worthy instances of potentially genuine whistleblowing.  These now-routine Exxon Valdez spill-sized leaks, for which anyone can be a target, threaten us as individuals and as a citizenry.  They’re not at all like the Pentagon Papers or the revelations of Watergate, and they wrongly benefit from the general feeling that such leaks are a way to bring powerful parties to account.

In 1971, Daniel Ellsberg leaked the Pentagon Papers to a few U.S. senators. When it appeared to him that they weren’t going to further release them, he then leaked the papers to the New York Times. The leak made public the U.S. government’s confidential assessment of the ongoing Vietnam War, including its conclusion that it was unwinnable.

A year later, FBI associate director Mark Felt — a.k.a. Deep Throat — began his contact with Washington Post reporters Bob Woodward and Carl Bernstein, helping them break the story of the Nixon White House’s attempt to bug the DNC headquarters in the Watergate Hotel, and then to cover it up.

These whistleblowers are often celebrated as ethical people who sought to bring accountability for the government’s dissembling or secret wrongdoing.  Felt kept his identity secret for years, and the Ford Administration had little incentive to identify the Washington Post’s sources as the country sought to heal after Nixon’s resignation.  Ellsberg, on the other hand, never sought to remain anonymous for what he did. When he turned himself in for prosecution, he said:

“I felt that as an American citizen, as a responsible citizen, I could no longer cooperate in concealing this information from the American public. I did this clearly at my own jeopardy and I am prepared to answer to all the consequences of this decision.”

Ellsberg came forward about the Pentagon Papers before the Watergate scandal broke, and the Nixon Administration prosecuted him for having stolen and leaked the documents. But the case against Ellsberg did not begin in earnest until after Watergate, and it ended in a mistrial when it was revealed that members of the same White House burglary team that had tried to wiretap the DNC at the Watergate had also illegally broken into Ellsberg’s psychiatrist’s office, looking for dirt on Ellsberg in the files there. 

Forty years later we have experienced leaks by U.S. Army soldier Chelsea Manning to Wikileaks, and NSA contractor Edward Snowden to the Guardian and other papers, containing tranches of documents so large that neither Manning nor Snowden could be in a position to know exactly what information they were compromising as they did it. Both were promptly identified by the authorities. Manning became known because she had confided her actions to an online acquaintance who turned her in. Snowden was open about what he did after he had flown to Hong Kong, and then Moscow, to avoid arrest.

Fast forward to the fall of 2016. A site called DC Leaks published a cache of former Secretary of State Colin Powell’s email – apparently over two years of his Gmail account’s inbox and outbox up to this summer. Last week the U.S. government formally placed blame on the Russian government for these leaks and others like it, saying that Russia’s motive is to influence the outcome of the U.S. presidential election.

Interesting nuggets from Powell’s emails, primarily his disparagement of both Donald Trump and Hillary Clinton, made for a day’s headlines in major media around the world.  A lot of fluff surrounds those nuggets; an interactive online site by DC Leaks allows everyone in the world to browse Powell’s inbox archive as if it were their own, and it  includes such trivia as word that his assistant is heading home to get ready for book club.  Last week Hillary Clinton campaign chairman John Podesta’s Gmail account was compromised,  and Wikileaks has been posting thousands of his emails every few days in a searchable format.

As Steven Levy has observed, this sort of leak is a digital counterpart to what had been sought by the Watergate burglars by bugging the offices of the DNC — occasioned through hacking, rather than breaking and entering.  Watergate thus looms not only as an example of a cover-up that was revealed through whistleblowing — the covered-up burglary was itself a roundly-denounced, and criminal, attempt to procure a political rival’s private conversations.

So who is the underdog (to many, a sign of whom to cheer for) in today’s scenarios?  Is it the someone occasioning a digital break-in to get lots of private data, or is it the person targeted by such a break-in?

DC Leaks started anonymously in April of 2016, and it describes itself in a way siding with those breaking in — and invoking the mantle of the powerless against the powerful:

The project was launched by the American hacktivists who respect and appreciate freedom of speech, human rights and government of the people. We believe that our politicians have forgotten that in a democracy the people are the highest form of political authority so our citizens have the right to participate in governing our nation.

There’s a big disconnect between the ideals of this underdog manifesto and DC Leak’s actions, though it’s easy to simply treat it as a raw news source like any other.  A healthy and free press should be concerned with playing into others’ agendas.  Carefully selected truths can be assembled to make an utterly false mosaic, and to simply publish any concededly-newsworthy tidbits left on a publication’s doorstep abdicates the work that many journalists wish to do — painting a true picture of the world.

It is, of course, hard to begrudge the Free Beacon’s or the New York Times’s decisions to publish interesting quotes when a former public official’s candid thoughts are exposed. If they don’t, others will, and there’s a strong imperative not to be scooped. And the quotes they’ve published are surely newsworthy – so much so that the Times featured some of the contents of Powell’s and Podesta’s emails on its front page.

But before we consume the fast food meal of messages containing private citizens’ unguarded moments with friends and move on, we should consider the longer term effects on the body politic of partaking too often, and too indiscriminately.

There might be cases in which a hacker’s breach of a private citizen’s email might reveal something so explosive, so terrible, that some might justify the ethics of the breach – or at least not deem the fruits of the breach off-limits from further coverage. But it’s worth noting that the Fourth Amendment’s broad prohibition against warrantless searches means that an unwarranted government hack of someone’s account, revealing terrible wrongdoing, would not only be cause for damages against the government, but exclusion of that evidence in any criminal case brought against the wrongdoer. The “exclusionary rule” was designed precisely for the purpose of vindicating individual rights, drawing a line with few exceptions where the ends cannot justify the means.

Should we feel any differently when a private party – or a country other than the United States – conducts such a search? To bless it is to condone vigilantism, or intrusion by other states into our own citizens’ private affairs. Few would welcome a self-designated house intruder who, in the name of “the right to participate in governing our nation,” breaks into people’s homes, finds their old files, and then publishes them online for others to look through. Whatever that activity is, it’s not whistleblowing. In fact, it’s antithetical to whatever values might be said to be behind legitimate whistleblowing.

This point is not academic.  Recently DC Leaks published apparently-complete personal email troves from a White House “advance associate” – a person responsible for arranging the logistics of visits – so now anyone can check out the updates from his college fraternity and his efforts with his family to lock down plans for his college graduation weekend.  This hack and others like it reveal no official wrongdoing; they leak no official government or institutional documents; and they expose private citizens without any recourse, because they’re undertaken anonymously.

To crack people’s online accounts is a moral wrong, full stop. And apart from the wrong to the people hacked — Colin Powell will surely get over it, though that’s less sure of the young advance team member whose personal emails were also compromised — it is a chilling reminder, and signal, that anyone can be similarly exposed. Republican, Democrat, Libertarian, or Green – the message is that if you stick your neck out publicly by expressing a view on social media that others could disagree with, or choosing to work on a campaign, you and those with whom you correspond privately could pay a price.

There are those who think the American political system is so utterly corrupt that embarrassment to anyone taking part in it at any level is a good way to “burn it all down”; to them, discouraging people from participating is a feature, not a bug. But to anyone who sees civic and political participation as the most important way to advance democracy, and to beat back any capture by special interests, this is not medicine. It is poison. And it can be injected from afar — organizations with no identity or affiliation with a state and its polity can from a distance effect the kinds of leaks that before, short of foreign spying with agents on the ground coupled with the rare public leak of what was found, were produced by people who themselves were intertwined with the systems they were challenging.

Still others might look at today’s free-for-all and say that whoever dares to use email – a notoriously insecure medium – has it coming. The underlying idea is as if someone were foolish enough to leave the front door of a house open before going on vacation. But the more accurate analogy is daring to have a house at all – with a door using a lock that can be picked. Which is to say, all of them, or at least those without occupants so conscientious – and wealthy – that they can afford special security.

This lack of empathy is corrosive, because over time continued leaks will lead people to keep their thoughts to themselves, or to furtively communicate unpopular views only in person.  That’s profoundly unhealthy for a society.  It calls to mind the Soviet Union or East Germany: environments representing the opposite of respect for human rights.  We need the freedom to associate and communicate without constant fear of surveillance, whether from the state or from strangers.  And worse, hacking and selective release means that the hackers and anyone they answer to — such as other countries — can intervene in our public discourse, and our elections, in ways that slant public perceptions and views to suit their own motives.

Whatever you think of the columns of Thomas Friedman, or George Will, or Jennifer Rubin, or anyone writing for RedState or the Huffington Post, it’s astounding to contemplate that such writers face the prospect of hacking by, say, Russia, should they say anything contrary to Russia’s state interest.  That hacking could not only include release of private email and photos, but also entail compromise of online bank accounts, and it could make writers think twice before daring to put certain ideas to paper.

Worse, there’s no reason to think that hackers who say they’re providing accountability will stick to politics. The tools can and will be deployed against anyone — any slight or grudge will do, no matter how personal. This challenges a notion that hacks against public figures can be ethically separated over the long term from hacks against private ones, just as more and more people move back and forth between the private and public spheres. Celebrities, web personalities, people who happen to accrue large follower counts, sometimes overnight — what would make these legitimate targets?  Even if the distinction between private and public figures as targets could be defined, that obscures the fact that each is entitled to privacy for personal correspondence. Public figures who must adopt an official tone at all times will become that much more wooden and detached from the rest of us.

There’s enough injustice and wrong around the world and at home that handwringing about the leaked email of public servants or other notables may seem overwrought. But worry about this privacy issue need not diminish worry about, and action taken for, other issues, including government corruption or undue surveillance. The answer to a surveillance state is not to applaud private hacking of individuals, and we shouldn’t shape our view of a hack depending on whose side in a political conflict is being disadvantaged. Whether it was Sarah Palin’s Yahoo account, Colin Powell’s Gmail, or those of people we haven’t heard of, the impact on them as people is real and unfortunate. When we lose our empathy for that, we contribute to the unraveling of our public sphere.

Tags: ,


About the Author

is the George Bemis Professor of International Law at Harvard Law School and the Harvard Kennedy School of Government, Professor of Computer Science at the Harvard School of Engineering and Applied Sciences, Director of the Harvard Law School Library, and co-founder of the Berkman Klein Center for Internet & Society. You can follow him on Twitter (@zittrain) and you can find his full bio here.