Photograph by Matt Wilson
The US National Security Agency (NSA) has direct access to information on the servers of major American internet companies, according to reports published in the Guardian and the Washington Post.
The NSA has been able to obtain emails, documents, photos and complete contents of voice and video calls from Microsoft, Yahoo, Google, Facebook, Apple, YouTube, Skype, AOL and PalTalk. According to the US government the purpose of this was to improve the NSA’s ability to track foreign targets.
With direct access to databases on servers, the NSA could collect anything without judicial or congressional oversight. This access is part of a previously undisclosed program called PRISM. A White House statement says that there was legal oversight, but the mechanisms of oversight are unclear. It also said that, although the aim was to collect foreign intelligence, PRISM inevitably collected information on Americans who were in contact with its foreign targets.
This intrusion into the privacy of ordinary citizens, comes on the heels of yesterday’s revelation that the NSA has obtained massive quantities of “metadata” of telephone calls from Verizon, a phone company.
Privacy? Whatever …
PRISM creates the possibility of gross violation of privacy of American citizens, and practically anyone else. Rights to privacy exist for a reason. People say or write or photograph things that could be embarrassing, damage personal relationships, or lead to financial losses, if this information is accessed by someone else.
One of the lessons of the 20th century is that governments have their own interests in hiding their embarrassing mistakes and targeting people. There is a tendency for government employees to conflate people who don’t like what they are doing with enemies of the entire nation.
One need not go the examples of Mao’s China, Stalin’s USSR, or Nazi Germany. It is enough to remember Nixon and Watergate, as well as the many whistle-blowers who have been persecuted (or prosecuted) for exposing facts about government actions. Intelligence-gathering without checks and oversight is an open invitation to abuse of power.
In technology circles, it’s trendy to talk about big data. Roughly put, big data stands for the ability to use very large amounts of data to find patterns that would otherwise remain hidden. The danger is that, without oversight and attention to individual rights, it can sweep up the innocent as well as the guilty.
Big Surveillance
Decades of advances in electronics have made information storage and retrieval cheap and easy. There is a technological momentum that pushes any dream toward being realised. Has access to these servers been used to conduct big data style data-mining? Well, big data offers the opportunity for big surveillance.
The NSA program shows the scope of government intelligence-gathering, and suggests a need for public debate. The central issues involve the balancing of values of privacy against the need for information to protect citizens from the danger of terrorism.
Even if PRISM collects valuable information, it may not be the best way to get such information. The competing priorities need to be weighed in a balance. Even an effective program may not be compatible with society’s values.
There is a lot that we don’t know yet. It appears that this program has direct access to any US citizen communications. How many US citizens were targeted as a result of this program? What is the relation between this program and foreign intelligence agencies? The answers to these and many other questions will come out over the coming days.
It was revealed today that the UK Goverment Communications Headquarters (GCHQ) has been gathering information through the NSA. After all, British citizens are “foreigners” from the point of view of the NSA. PRISM seems to allow countries to sidestep laws governing domestic intelligence-gathering to gather information without actually conducting surveillance on own citizens.
Stop the Snoopers
If you need to protect your privacy what can you do? It is easy to encrypt emails, documents and folders. The simplest approach is to use the free 7-Zip tool with the 256-bit Advanced Encryption Standard (AES). AES 256-bit encryption is currently unbreakable for any practical purposes. It won’t encrypt emails directly but you can always send encrypted documents as email attachments. Tools like Pidgen with Off-the-Record Messaging create secure private chats and instant messages. Tor allows you to browse anonymously. Use is as easy as downloading Tor and launching it.
Historically, the internet has been anonymous, strikingly expressed by the New Yorker cartoon caption “On the internet nobody knows you are a dog”. After today’s revelations this has to be revised.
On the internet the NSA now knows you are a dog.
By Grant Blank, University of Oxford
Grant Blank owns Microsoft shares.
