How should surveillance be implemented?

[c_atlas]

This question has been on my mind lately, thanks to the impending Palantir IPO and the commemoration of 9/11. I figured bitcoin users would be pretty critical of infringement on privacy in a free society, so I'd like to hear your thoughts on this.

First, imagine surveillance as a spectrum with the left boundary being no surveillance of any kind, and the right being complete surveillance of all communication.

Now, all rational members of a society would agree that having information about a scheme to harm the society or its members is better than being blindsided by an attack, meaning some amount of surveillance is desirable. At the other end of the spectrum, complete surveillance conflicts with freedom, and while an uncaring person might be alright with others losing their freedom, they certainly wouldn't tolerate giving up their own.

On one end, you're walking through the world blind, which is dangerous. On the other end, you're forcing individuals to live a tracked life that may not be worth living at all, so the answer must lie in-between the extremes.

The next question we may want to ask is: do we want to monitor our citizens, or do we want to monitor foreigner countries? I think the better way to phrase this is: who and where are our enemies? If your enemies have already infiltrated your society, you have a lot of problems to deal with, so let's look at the other case first.

Searching for a needle in a haystack is hard, and since we want to keep things simple, we should avoid mass surveillance. Most people—even during wartime—are unlikely to incite violence at the level of terrorism. The real enemy (outside of wartime) is likely to be a highly vocal, radical group (like ISIS). As a result, surveillance tools should be designed for operations targeting specific organizations and their members. It seems to me that Palantir's software was designed with this idea in mind, whereas the NSA favoured mass surveillance. I'm inclined to believe that the right approach is having the private sector develop the tools and having the government provide contracts, missions, and in some cases, data. Data provided by the government shouldn't have been gathered through mass surveillance; it should be collected by government operatives ('assets'), or military personnel who have infiltrated radical groups and gathered critical information about their organization.

A private sector heavy approach means failure will result in loss of contracts for a firm, and since failure is typically well defined (are schemes uncovered or are they not?), the government, other firms, and taxpayers know when a firm fails. In contrast, failure in 3 letter government agencies is generally 'solved' with more funding, more bureaucracy, and is usually covered up or 'classified'.

I'm not sure you can make a strong case for the surveillance of a free society's own citizens. Yes, there are problems like school shootings, human/drug trafficking, and in some Western countries, the radicalization of young people by terrorist groups around the world. However, these problems can be eradicated through less stringent measures than surveillance, let alone MASS surveillance.

What do you guys think, should surveillance be handled by individuals, companies, the government, or some combination of the three? Should AML/KYC laws be abolished? Is mass surveillance the wrong approach?