Means of Control begins with an author’s note describing the extensive research on which it is based, including more than 350 interviews and tens of thousands of pages of documents. The book’s subject—“a chronicle of how different kinds of data became available for purchase by the U.S. government after 9/11,” and why that is important—is so fraught with significant legal and philosophical issues that author Byron Tau was right to emphasize his painstaking endeavors; if he hadn’t, readers might be tempted to downplay his ominous findings.
Means of Control: How the Hidden Alliance of Tech and Government Is Creating a New American Surveillance State
By Byron Tau
Crown Publishing, 400 pages
Release date: February 27, 2024
If I were to provide a thorough summary of Means of Control, I would probably need double the book’s four hundred pages. I can only touch on some of the high (low?) lights in this review. After the events of September 11, 2001—al-Qaeda’s assaults on the World Trade Center and the Pentagon—American intelligence and law enforcement organizations learned “that data valuable in understanding the attacks wasn’t just hidden in government databases.”
Corporations, it turned out, also owned a massive amount of pertinent consumer information, and in that information were “potential signals to law enforcement or the intelligence community that something was amiss [before 9/11]—if only law enforcement had bothered to look.” Government agencies, fearful of more attacks, were determined to rectify this disquieting (and embarrassing) situation.
Since 9/11, there have been any number of private companies that were (and are) eager to supply user data not only to the federal government, but to local police forces. Tau groups data brokers into four types: those that “collect information like names, address histories, and consumer preferences”; “social data providers that emerged to monitor the conversation on social media”; “advertising and location data brokers that sprang up to understand the movement of phones and the behavioral preferences of their owners”; and “gray data providers that specialize in the most niche data sets.”
Crown Publishing
If you’re wondering what some of these categories have to do with fighting foreign or even domestic terrorism, it’s a good question that Tau works quite hard to explain. Underpinning that question is a more fundamental concern: “Most people are bewildered to learn that their phones and apps might be a vector for data collection. Why would any government care about me? they ask.” Tau’s plausible answer: “Apps are a backdoor portal to doing data collection. Beneath software code running on millions or even billions of mobile devices is a world that the ordinary person can’t possibly begin to unravel and understand without a Ph.D.”
Ever heard of the data broker Acxiom? I hadn’t before I read Tau’s account. It was founded in the 1960s and by 9/11 had amassed a wide range of consumer information. Soon after the al-Qaeda attacks, the company discovered that eleven of the nineteen terrorist suspects were in its data bank. Inevitably, in retrospect, “this was the beginning of a whirlwind experiment in becoming a government contractor. In the weeks, months, and years [after 9/11] the company’s executives and sales reps would be ushered into rooms all over Washington[, D.C.].”
“Acxiom’s breakthrough,” Tau writes, “was that it figured out how to pull disparate records and tie them together into a single consumer profile . . . . Acxiom had invented a system called AbiliTec—a way of joining together disparate fragments of data such as addresses and maiden names and linking them to a specific individual. AbiliTec aimed to assign each individual in the United States a single, stable unique identifier and then organize all of the consumer information about that person under that identifier.” (Does that disturb you? In 2002, Vice President Dick Cheney thought it looked “promising.”)
Along with data brokers, the book explores the legal issues raised by these companies’ work for government organizations, which is perhaps its most important contribution to the understanding of our post-9/11 world. It might surprise readers of The Progressive to learn that federal intelligence and law enforcement agencies have been cognizant of, even sensitive to, the laws—Constitutional and otherwise—that controlled their alliances with civilian data brokers. Having said that, it’s also true that these agencies were staffed with many intelligent people who contrived ingenious methods for twisting the legal regulations inside out or occluding them altogether.
Which brings us to metadata. “Metadata,” Tau writes, “is information about information, or data about data.” For instance, when it comes to telephone communications “metadata is the who, what, where, and when of a call. . .And because you’ve shared that information with a third party [the telephone company] you lose your expectations of privacy [if the government is watching you]. This loophole also applies to other communications systems: the post office, digital search engines, emails, et al."
Tau succinctly sums up one of Means of Control’s most momentous conundrums: “At the heart of U.S. privacy law is an unresolved tension: that corporate data conveyed voluntarily does not ‘count’ as surveillance. Under nearly fifty years of Supreme Court precedent, the government can buy data. After all, all of that information had been conveyed to third parties at some point before being repackaged and sold.” In a nutshell, government monitoring that previously had required a search warrant might now be unencumbered by this impediment.
Tau, who currently works at the Allbritton Journalism Institute, used to be a reporter for The Wall Street Journal, where he began his investigation of many of the topics covered in this book (his first). I sometimes felt a bit overwhelmed by Tau’s cascade of research, but if other readers of Means of Control encounter the same problem, I would hope they stay the course and finish the book. Tau is right about a crucial point: the “new American surveillance state” demands our conscientious reflection.
Can we, in the long term, balance our cherished American privacy with security? The book’s hero is Democratic Senator Ron Wyden of Oregon, because, among other things, he introduced legislation in 2021 that “would put a stop to U.S. law enforcement buying data that it would otherwise need a warrant to acquire.” (To my knowledge, the bill is still in legislative limbo). And while it’s clear that Tau treasures Americans’ privacy (Means of Control’s appendix is entitled “An Ordinary Person’s Guide to Digital Privacy”), I’m also of the opinion that the problems inherent in that balance also vex him more than he lets on. They certainly trouble me.