DIGITAL FORTRESS, the controversial thriller about the ultra-secret U.S. National Security Agency, spent 15 weeks as the #1 national bestselling E-book and was inspired by a true event.

AUTHOR INTERVIEW

"I couldn't figure out how the Secret Service knew what these kids were saying in their E-mail."

Q: A rather startling event inspired you to write Digital Fortress. Can you elaborate on what happened?

A: A few years ago, I was teaching on the campus of Phillips Exeter Academy in New Hampshire. One Spring day, unannounced, the U.S. Secret Service showed up and detained one of our students claiming he was a threat to national security. As it turned out, the kid had sent private E-mail to a friend saying how much he hated President Clinton and how he thought the president should be shot. The Secret Service came to campus to make sure the kid wasn't serious. After some interrogation the agents decided the student was harmless, and not much came of it. Nonetheless, the incident really stuck with me. I couldn't figure out how the secret service knew what these kids were saying in their E-mail.

I began doing some research into where organizations like the Secret Service get their intelligence data, and what I found out absolutely floored me. I discovered there is an intelligence agency as large as the CIA... that only about 3% of Americans knows exists.

It is called the National Security Agency (NSA), and it is home to the country's eavesdroppers. The agency functions like an enormous vacuum cleaner sucking in intelligence data from around the globe and processing it for subversive material. The NSA's super-computers scan E-mail and other digital communiqués looking for dangerous word combinations like "kill" and "Clinton" in the same sentence.

The more I learned about this ultra-secret agency and the fascinating moral issues surrounding national security and civilian privacy, the more I realized it was a great backdrop for a novel. That's when I started writing Digital Fortress.

"The NSA is in charge of waging the information war-- stealing other people's secrets while protecting our own."

Q: The NSA sounds fascinating, can you tell me more about it?

A: The NSA was founded at 12:01 on the morning of November 4th, 1952 by President Truman. No note of this event was made in the Congressional Record. The NSA's charge was simple--to intercept and decipher intelligence information from hostile governments around the globe. Secondly, it was to create the means to enable secure communications among U.S. military and officials.

Put another way, the NSA is in charge of waging the information war--stealing other people's secrets while protecting our own; they are not only the nation's code-breakers, but also our code-writers. Today the agency has a $12 billion annual budget, about 25,000 employees, and an 86-acre heavily armed compound in Fort Meade, Maryland. It is home to the world's most potent computers as well as some of the most brilliant cryptographers, mathematicians, technicians, and analysts. Digital Fortress is about a brilliant female cryptographer who works inside these sacred walls.

"Intelligence analysts joke that the acronym 'NSA' really stands for 'No Such Agency.'"

Q: Why have so few people heard of the NSA?

A: In the novel the intelligence analysts joke that the acronym "NSA" really stands for "No Such Agency" or "Never Say Anything." Seriously though, the NSA is clandestine because it has to be. It is responsible for protecting this nation from some very powerful and hostile forces; often times this involves practices that civilians might find intrusive or immoral.

The NSA is far more effective if it is immune to the public scrutiny that most of the other agencies have to endure. Although not many people have heard of the NSA, that fact is quickly changing. Certainly those people familiar with the intelligence community are aware of the NSA's existence and general code of conduct. Computer users who are savvy about issues of privacy in the digital age are also more and more aware of the NSA's existence and practices.

The battle for privacy rights in a digital world is starting to take center stage, and I suspect it will be THE major issue of the next decade. We can all expect to hear a lot more about the NSA as the battle surrounding national security and civilian privacy develops.

"We communicated via anonymous remailers such that our identities remained secret."

Q: How did you get so much information on such a clandestine agency?

A: Much of the data on the NSA is public domain if you know where to dig. James Bamford wrote a superb exposé of the agency, and there are a number of former intelligence sources who have written extensive white-papers on the subject. I was also fortunate to befriend two former NSA cryptographers while researching the book. We communicated via anonymous remailers such that our identities remained secret.

At first, I was surprised with the information they were sharing, and I suspected, despite their obvious knowledge, that they were probably not who they said they were. But the more we spoke, the more I was convinced they were authentic. Neither one knew about the other, and yet they told almost identical stories. When I asked why they were sharing intelligence data with me, the response startled me. One cryptographer put it this way, "I am a mathematician, not a politician. The NSA's technologies and practices are necessary, believe me, but their level of secrecy is dangerous. It breeds distrust. I believe it is good for everyone that the agency is gradually coming to the public eye. I am not sharing classified information; the information I am sharing is already out there, but it is skillfully buried. I'm only bringing it to the surface."

"There used to be barriers around information. Technology has changed that."

Q: Ten years ago we never read about privacy rights, now it is an enormous issue. Why?

A: Barriers. There used to be barriers around information. Technology has changed that. It used to be we sent our messages in sealed envelopes with the U.S. postal service; now we E-mail.

Global corporations used to gather for closed-door meetings; now they teleconference. Once we sent important documents with bonded couriers; now we FAX. All of these transfers take place through a vast network of cables and satellites that is impossible to keep entirely secure. Technology has made global communication more efficient, but the down side is that there is a lot more of each of us floating around out there waiting to be intercepted.

"ITT and Western Union were under enormous political pressure to cooperate silently... and they did so."

Q: Does the government really read our E-mail?

A: Government monitoring of civilian communication is something that has been going on for decades. Even though the public is widely unaware, government officials and specialists in privacy-related fields are certainly aware of the practice. The debate over its ethics is complex because a precedent exists that intercepting certain E-mail, cellular phone, and FAX communications can help law-enforcement officials catch dangerous criminals. The question turns into one of civilian privacy vs. national security. In the 1950's the NSA's then top-secret Project Shamrock intercepted and scanned all telegrams sent in or out of the country; ITT and Western Union were under enormous political pressure to cooperate silently...and they did so.

Project Shamrock stayed in effect until 1975. Nixon's Huston Plan and later Project Minaret further relaxed regulations on monitoring civilian communications and even activated enormous watch-lists of U.S. civilians whose communiqués were regularly tapped. Just recently, of course, the FBI caught the infamous hacker Jose Ardita by secretly monitoring computer activity at Harvard University. As you can see, this sort of activity is nothing new.

"The loopholes are obvious..."

Q: But aren't there laws against intercepting E-mail?

A: Current laws are shaky at best. The Electronic Communications Privacy Act (ECPA) provides that personal E-mail cannot be intercepted while it is in transit. However, once the E-mail is digitally "stored" it is fair game and officials can legally gain access. The irony in the law is that E-mail travels by copying itself from server to server; the moment it is "in transit" it is also stored on servers across the country.

The loopholes are obvious. It's hard to prove that unwarranted monitoring takes place, but most privacy specialists agree that monitoring is rampant, a point well-taken when you consider the following: Government Incentive -- Terrorist activity against the U.S. is on the rise (some from domestic sources), and the incentive certainly exists to protect national security in anyway possible. It's Easy - The technology now exists for the government to secretly scan enormous quantities of data very cost effectively. It's Legal - The current laws are written such that they do not hinder the intelligence agencies in any real way from scanning civilian communications for subversive activity. Historical Precedent - The intelligence community has a long history of protecting national security through domestic intelligence gathering.

Operation Shamrock and Minaret are two examples. Daily Proof - Almost every day there are stories in the news of civilians arrested for child pornography, embezzlement, drug trade, etc. These arrests usually hold up in court based on evidence from intercepted private communications. Officials often have court-orders when they tap E-mail and phones, but it is not difficult to imagine time-sensitive crises where court-orders are not feasible and laws are bent in the name of protecting the common good.

"If I send E-mail that reads, 'Tonight I'm taking out my wife,' how would you interpret that?"

Q: Most individuals are law-abiding citizens, why should they care if a government agency might be listening in to their personal communications?

A: First, there is the obvious moral issue of whether or not we want to live in an Orwellian society where big brother is peering in from all sides. But more immediate concerns are those of abuse and misinterpretation of data. For example, if I send E-mail that reads, "Tonight I'm taking out my wife," how would you interpret that? Am I treating my wife to a date, or am I killing her? Because language is sometimes ambiguous, it runs the risk of misunderstanding. The results can be disastrous.

"The priest made a single typo that changed his life forever."

Q: Can you give us any "real life" horror stories of instances of abuse or misinterpretation?

A: Absolutely. There is one I heard recently that has become somewhat of an urban legend. Although I can't vouch for the accuracy of the story, it's a perfect example of the sorts of things that we now hear happening all the time. Apparently, last year a priest from Utah sent E-mail to his sister in Boston. In his message he mentioned that some local teenagers had stopped by his church that day and baked him brownies. Hoping to impress his sister with his technological wizardry, he borrowed the church's new digital camera and took a photo of the brownies. Then he attached the photo to his E-mail and sent it off. Of course everything should have been fine.

Alas, it was not. In a cruel twist of fate, while typing his E-mail the priest made a single typo that changed his life forever. While writing the phrase "teenagers baked brownies", instead of typing "B" for baked, he missed and hit the letter "N" (the letter directly next to the "B"), resulting in the phrase "teenagers naked brownies."

Because he had unknowingly typed the words "naked" and "teenagers" next to each other in his E-mail, his message was flagged by a secret government computer scanning for child pornographers on the Internet. To make matters worse (much worse) the priest had attached a photo to his E-mail, so his transmission was flagged top-priority for immediate analysis.

When the task force went to examine the photo, however, they found that the file was corrupt and could not be opened. All they knew was that the photo was entitled "Brownies", and it was sent by a priest who was writing about naked teenagers. They tracked the priest's identity through his Internet service provider and secretly began investigating his church. They found to their horror that both the Cub Scouts and the Brownies met at there on a regular basis. They concluded that this priest had been sending pictures of naked Brownies... a felony. They arrested him.

"The government is far less intrusive than most forces."

Q: Is the government the only force that pries into our lives?

A: Absolutely not. In fact, the government is far less intrusive than most forces. With the evolution of the personal computer, small companies and even individuals can now keep track of enormous databanks. Can you imagine ten years ago your neighborhood grocer making a note of every single item you as a customer purchased? Now it happens automatically at the check-out scanners. If you buy groceries with a credit or debit card, a detailed record of your personal purchasing preferences is instantly cataloged. Marketing agencies pay top dollar for these lists.

"Even our simplest daily actions are recorded and can come back to haunt us."

Q: Can you give us other examples of how we are spied on?

A: The list is endless. Aside from the cameras that are trained on us at all ATM's, toll-booths, and large department stores, there is plenty of subtle spying. Sweepstakes are a good example. If you enter $100,000 dollar sweepstakes, you should be aware that the company sponsoring the sweepstakes will make ten times that much selling your personal information to direct-mail marketing firms. Another example is the ubiquitous "free blood pressure clinic." Many of these clinics are set up NOT to check your blood pressure but rather to gather prospecting lists for pharmaceutical companies.

The world-wide-web is anything but private. Many computer users still don't realize that the web sites they visit will, in many cases, track their progress through the site--how long a user stays, what he lingers over, what files he downloads. If you're visiting sites on the web that you don't want anyone to know you're visiting, you better think again.

Even our simplest daily actions are recorded and can come back to haunt us. One of my favorite stories is of a political race in California in which a candidate was running on a platform of conservative family values. His challenger simply went to the man's local Blockbuster Video and tipped the clerk $100 to print out a list of every movie the candidate's family had ever rented. The list contained some titles that were by no means Disneyesque. He leaked the list to the papers, and the election was over before it began.

"Ultimately, the price we pay for national security will be an almost total loss of privacy."

Q: What's in store for us in the future, more or less privacy?

A: Less. Every day, civilians have fewer and fewer secrets, and it's only going to get worse. The world has become a dangerous place, and our security is harder to protect. Criminals have access to the same technology we do. If we want the government to catch terrorists who use E-mail or cellular phones, we have to provide a means for them to monitor these types of communication.

There are plenty of very sharp folks who are working hard to find some happy medium-- key escrow systems that would enable officials to monitor communications only with a court order--but despite all the efforts to leave the public some semblance of secrecy, ultimately the price we pay for national security will be an almost total loss of privacy.

"Currently, criminals can obtain the necessary level of anonymity to commit their crimes. That is changing."

Q: Is this death of privacy all bad news?

A: Not entirely. Many people will want my head for saying that, but if you think about it, most of the bad things that occur in society happen because people have privacy -- that is to say, criminals can obtain the necessary level of anonymity to commit their crimes.

One needs privacy to break the law and get away with it. Child molesters, terrorists, organized criminals--- they all work in private. If their communications and daily activities are less clandestine, they will not last long. Of course, there is the obvious question of whether or not we trust the law-enforcement officials who are listening in.

Whether or not we trust those people we've elected to watch over us is a question asked by the antagonist in Digital Fortress--"Quis custodiet ipsos custodes," he quotes -- "Who will guard the guards?"

"Ultimately, privacy will not survive the digital revolution."

Q: Isn't there any way to protect ourselves from prying eyes?

A: Ultimately, privacy will not survive the digital revolution. We live in a society experiencing exponential technological growth. Within the decade, most of our daily activities will be conducted through our home computers-- paying taxes, voting, shopping, all of our entertainment, movie-downloads will replace videos, music downloads will replace CD's... all of this personal information will be zipping around between satellites and through cables...it would be naive to believe that we will develop some foolproof method of keeping all this information secure.

"The important thing for us to do is to ensure that the death of privacy is bilateral."

Q: How should we prepare ourselves for the end of privacy?

A: The important thing for us to do is to ensure that the death of privacy is bilateral--that is, that while snoopers know more about us, we know more about them. If a supermarket or clinic is selling our personal information, we should know to whom. If a web site plans to watch our every move, we should be warned before we enter the site.

"The death of privacy may have some wonderful side effects we don't yet imagine--it may just make us a more moral society..."

Q: The scenario sounds grim. Can you leave us with any words of hope?

A: Sure. The death of privacy may have some wonderful side effects we don't yet imagine--it may just make us a more moral society. If we are more visible to our peers, our behavior as a society will undoubtedly improve. Think about it... if your whole town knows when you are on the Internet sneaking a peek at Lois Lane in her underwear, you might just decide to do something else... maybe even curl up with a good book.