The NSA's problem is that new threats are a form of innovation, but that it's hard to predict innovation, and harder to target surveillance towards people planning a dangerous activity if nobody has seen that activity before. New ideas are a threat.
So perhaps their method is to define Normal, and then monitor everybody Abnormal, on the basis that dangerous innovation is more likely to come from the Abnormal.
Enthusiasm for Linux isn't as abnormal as it used to be, but it definitely puts you in the "dangerous 1%".
I could see a group of analyst deducting that people interested in traffic privacy fall into two groups. Technology intent and nefarious intent. If you were looking for people with nefarious intent, then that would lead you to monitor the tools that those in the nefarious group would use. This article feels very much like link bait for the technology activist.
You don't put a DUI checkpoint outside the library you put it outside the pub.
My point being that they tasked intelligent people with finding "terrorist" and this search pattern is a natural evolution of that task. Policy aside.
But what if they view the technologists as "incidentally" aiding the group with "nefarious intent". Remember a US president in our lifetime said: "Either you are with us, or you are with the terrorists."[1]
The treatment of Jacob Appelbaum[2] and David Miranda[3] suggests that members of US/UK Government may believe that if one provides "incidental help" to the current ideological enemies of the US you are a terrorist/extremist or at the very least targetable under terrorism laws (Miranda was detained under schedule 7 of the Terrorism Act).
Schedule 7 of the Terrorism Act of 2000 does not require a person to be a "terrorist" or imply that anybody detained under its authority is thought to be one.
Notice that I said, "Miranda was detained under schedule 7 of the Terrorism Act", this statement does not contradict your statement.
I am not a lawyer and I am in no way familiar with UK law, but my reading of the law is given below:
tdlr; Section 7 applies people that the officer wishes to determine are terrorists defined in Section 40(1)(b)[1]. It does not require evidence, but the purpose is to determine if the person is, in fact, a terrorist.
Section 7 states: "For the purpose of satisfying himself whether there are any persons whom he may wish to question under paragraph 2 an examining officer may—"
Paragraph 2 states: "An examining officer may question a person to whom this paragraph applies for the purpose of determining whether he appears to be a person falling within section 40(1)(b)."
Section 40(1) (b) states: "In this Part “terrorist” means a person who— (a)has committed an offence under any of sections 11, 12, 15 to 18, 54 and 56 to 63, or (b)is or has been concerned in the commission, preparation or instigation of acts of terrorism."
You also said that "members of US/UK Government may believe that if one provides "incidental help" to the current ideological enemies of the US you are a terrorist/extremist", which you haven't shown at all, and that "at the very least targetable under terrorism laws", which is meaningless, because anybody crossing the border can be detained and questioned by that statute.
This policy is significantly similar to the subpoena policy in most US states. With the exception of the questioning being court ordered. In most states police can detain and question numerous people in the course of an investigation without a subpoena.
If you were to have concern about the JA incident your primary argument should be with the seizure of assets not with the detention and questioning.
The presumed search of material on JA and his partner are the only issue that is not within the norm in the US, but is actively being deliberated about in the courts. The act of searching a cell phone specifically while you are detaining someone for questioning is being actively challenged in the court system.
In reference to schedule 7, the questioning of a concerned party within a specific context that is being used in the commision of crime is commonplace in most if not all policed states. For example a comparison would be the detention and questioning of Target IT department following the breach of their system last year. They are not a suspect but are directly concerned with the commision of that crime.
This is exactly who an intelligent group of analyst would target for completion of their task.
The problem is that you misconstruing the They that are policy makers and the they that are the individuals that wrote these configuration files. The transfer of little theys actions onto big theys policy is flawed logic.
If I told you to find a bug in a large code base, there are two gross options. Scour the code yourself(xkey) or talk to an original author(JA). Those tasked with monitoring TOR obviously chose to try both approaches.
The value of a target always dictates the cost tolerance of the acquisition process. ie detain JA at political cost.
Lastly, the inference that JA detention was something other that a collection action and somehow a "terrorist" designation is disingenuous.
So perhaps their method is to define Normal, and then monitor everybody Abnormal, on the basis that dangerous innovation is more likely to come from the Abnormal.
Enthusiasm for Linux isn't as abnormal as it used to be, but it definitely puts you in the "dangerous 1%".