NSA Surveillance, Retrospective Risk Analysis and the Terrorism Trump

There are surely good arguments for the NSA metadata collection program. The bare assertion—evident on the Sunday shows last weekend—that it would have prevented 9/11 is not one of them.

It is, for starters, highly speculative. The pre-9/11 problem was not a lack of data but a lack of coordination. One need not engage in retrospective blame to observe that clues generated by the old technology—larger needles in a smaller haystack—seem, in searing hindsight, not to have been lacking.

The deeper problem is retrospective risk analysis.  Its concomitant is the attempt to use 9/11 as a rhetorical trump.  It is intended to stop conversation rather than start it, as in Rep. Peter King’s understandable display of pathos on Meet the Press: “I live in New York. I lost about 150 friends, neighbors and constituents on September 11. If the NSA had had this metadata in 2001, that attack probably wouldn’t have happened.”

The Congressman’s personal loss deserves both sympathy and honor. But the distance of a dozen years provides adequate space for deliberate rather than impassioned consideration, and the simple assertion—which is hindsight working in hindsight—that surveillance would have prevented the attacks cannot conclude the issue in foresight for the simple reason that, looking forward, preventing attacks can never be all that matters.

Those are stark words, to be sure, and doubtless would sound harsh to someone like King with a personal connection to the tragedy. But they are also axiomatic. Everyone knows there are prices we are unwilling to pay for potential security—just as there are prices we are unwilling to pay in domestic affairs, such as 15 mph speed limits on interstates, even though they would obviously save lives. The question is merely whether the collection of metadata and the other elements of the NSA program rank among them.

But if we are to pay the price, we ought to know what we are buying, and potential security—the hedge against danger—is it. It is an insurance policy, and like all insurance policies, it protects against a threat, not a certainty. Thus the problem with rearview risk analysis: The difficulty in such conversations is the awful and inescapable knowledge that 9/11 did occur. Policy debates, by contrast, are inherently prospective. Does anyone believe such a program as the NSA’s would—or, for that matter, even should—have been tolerated on 9/10 on the argument that it could have prevented an attack like 9/11?

And in the mists of prospection, there are no single trumps, only the simultaneous management of multiple values—of which security is one, and a large one, but of which liberty, privacy and constitutionalism are others. The White House review panel recognized as much when it wrote:

When public officials acquire foreign intelligence information, they seek to reduce risks, above all risks to national security. The challenge, of course, is that multiple risks are involved. Government must consider all of those risks, not a subset, when it is creating sensible safeguards. In addition to reducing risks to national security, public officials must consider … other risks [including risks to privacy and to freedom and civil liberties].

Note that the challenge is “reducing,” not “eliminating,” risks to national security. (Incidentally—actually, not incidentally—despite all the talk about unique methods being required because terrorism is a unique threat, the report also mentions a wider array of intelligence objectives that includes “counterintelligence, counteracting the international elements of organized crime, and preventing drug trafficking, human trafficking, and mass atrocities.”  Is surveillance permissible for all of these?)

In any case, it is only the retrospective knowledge of 9/11 that makes the notion of a pre-9/11 surveillance program plausible. But the proper debate today is not whether the program would have prevented 9/11 but rather whether, looking forward, its costs in liberty, privacy and constitutionalism are overcome by the combined probabilities that a future attack will occur and that metadata would inhibit it.

The certainty of a future attack, like the fact that one happened on 9/11, might be a trump in such a conversation, but no such certainty obtains. Whether surveillance could have prevented 9/11 is thus a relevant factor in these discussions but not a conclusive one.  That these programs impose costs, however, is very certain indeed. That is not a trump either, but neither can it be categorically dismissed by laying 9/11 like a spade on the table. Both security and liberty require consideration, with prudential judgment holding the balance between them. But prudence requires exactly that—judgment—not the certainties that retrospective risk analysis entails.