A Year Since Edward Snowden: The Five Most Important Things to Know — Part 1
A year ago, Glenn Greenwald at The Guardian published the first of what would become an avalanche of leaks from ex-NSA contractor Edward Snowden about the U.S. National Security Agency and the modern world of digital surveillance and spying. Here are the five most important takeaways from a year that changed our perspective on our privacy in the digital age.
1: The NSA Can Obtain Pretty Much Any Data on You, If They Want
The full list of NSA capabilities is as long as it is mind-boggling. The Electronic Frontier Foundation has a list of 65 things we now know about NSA surveillance, thanks to leaks from Edward Snowden.
Among them are programs like: PRISM, the first major leak that showed the U.S. government was secretly compelling tech companies including Microsoft, Google, Apple, Facebook, Yahoo, and many others, to hand over user data; MUSCULAR, which vacuumed up unencrypted data from links between Google and Yahoo data centers; XKEYSCORE, which can view and analyze email, online chat transcripts, and browsing histories ("nearly everything a typical user does on the Internet," as an NSA presentation put it) of anyone in the world; CO-TRAVELER, in which the U.S. collects location data on up to 5 billion devices, from cell towers, Wi-Fi, and GPS hubs around the world, and analyzes it to find people possibly associated with a target; and many, many more.
And the leaks keep coming. Just last week, The New York Times published new information on an NSA program dating from at least 2011 that intercepts "millions of images per day" including tens of thousands of "facial recognition quality images" with "tremendous untapped potential" for facial recognition identification systems.
But what's the main takeaway from all of these disclosures? If you are a modern, digitally connected person, your privacy is an illusion — just a concept, a fairy tale you tell yourself to feel comfortable.
This is not to say the U.S. government is spying on you (that is, if you're a U.S. citizen living inside the U.S.). The NSA constantly says it does not "intentionally target" U.S. citizens and does not collect the content of their communications, and there has been some pushback and slight reform on the breadth of its phone record ("metadata") collection on U.S. citizens. And the NSA certainly has been busy spying on the rest of the world.
But the systems are in place. The NSA — despite its (mostly obeyed) internal policies and the executive strictures against spying on citizens for no reason — at least has the capabilities in place to absolutely own your data, and thus, your life. Just because it has not, does not, or will not, doesn't mean it cannot.
In his interview with NBC's Brian Williams, who took out his iPhone to ask about privacy, Edward Snowden put it this way: "Do you check it when you travel, do you check it when you're just at home?" Snowden went on, "They'd be able to tell something called your 'pattern of life.' When are you doing these kinds of activities? When do you wake up? When do you go to sleep? What other phones are around you when you wake up and go to sleep? Are you with someone who's not your wife?" Another Snowden assertion applies to non-mobile information: "I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email."
A year after the first Snowden leak, we've mostly come to grips with the fact that this is the world we live in.
2: So Can a Lot of Other Governments
The NSA has such an incredible technological spying capability that it almost inspires awe and good old-fashioned American pride. We're number one in hacking and tracking the world!
It can also, for U.S. citizens, inspire complacency. If the everyday citizen is not being spied on (at least, not very much) then what's the problem?
The problem is that the U.S. isn't the only government with the capability to spy on people around the world. For one, the U.S. cooperates with four other nations — New Zealand, Australia, the U.K. and Canada, which are collectively called the "Five Eyes" — to share citizen data and avoid own-country and international legal surveillance restrictions.
For example, Australia shares citizens' raw information with its intelligence partners; the NSA paid the U.K.'s GCHQ spy agency hundreds of millions of dollars for access to their intelligence programs, including a webcam-chat image-collecting program that took snapshots of 1.8 million Yahoo users around the globe (including sexually explicit content); and according to the U.K.'s former home secretary David Blunkett, the NSA freely offers the GCHQ data its obtained on U.K. citizens (rather than waiting for GCHQ to request it) in order to bypass the U.K.'s anti-domestic spying laws. Isn't it at least conceivable that data in that partnership could flow in the opposite direction?
Beyond the "Five Eyes," the NSA provides Israel raw data without filtering out data on U.S. citizens, according to a leaked memo. And beyond that, lots of other governments who aren't necessarily friendly with the U.S. are getting in the mass surveillance game. Even if you trust the U.S. government and NSA, do you trust Russia, China, Syria, and so on? Do you ever plan to travel outside the U.S.?
Going back to the recent NBC Snowden interview, Snowden told the iPhone-toting Williams, "The NSA, the Russian intelligence service, the Chinese intelligence service, any intelligence service in the world that has significant funding and a real technological research team can own that phone the minute it connects to their network."
And just Friday, on the anniversary of the first published Snowden leak, The Guardian and Vodafone, one of the world's largest mobile phone and fixed broadband providers based in the U.K. and operating around the world, published a transparency report showing that 29 countries requested or regularly obtain wiretaps to listen to calls, or look at text messages, chats, and emails. Six of those countries, which remain officially unnamed because "certain regimes could retaliate by imprisoning [Vodafone's] staff," have direct, warrant-less, unfettered access to all data traveling through Vodafone's local networks.
3: Cyberspace Isn't as Secure as We Like to Think
Maybe it's because the NSA disclosures began piquing our interest in cyber security, but 2013 and this year have been full of attention-getting stories about cyber crime, cyber theft, security vulnerabilities, and hack attacks.
Whether you're an Australian waking up in the middle of the night to realize your iPhone has been hijacked, one of the tens of millions of holiday shoppers who were exposed to Eastern European credit card fraudsters by Target's mismanaged cyber-security, or other major consumer companies, like Adobe and eBay — or even vital American industries like nuclear technology firm Westinghouse Electric and U.S. Steel, which the U.S. recently accused the Chinese military of hacking — we now know that digital data is about as secure from random thieves, criminals, and hackers as it is from the NSA.
A recent CNN Money/Ponemon Institute report revealed that 110 million Americans, or about 47 percent of adults, were hit by hack attacks in the last year alone. Those attacks resulted in personal data theft that included names, credit or debit card numbers, email addresses, phone numbers, birthdays, passwords, security questions, and physical addresses.
"If you're not a data breach victim, you're not paying attention," said the Ponemon Institute head, Larry Ponemon.
Another recent report by PricewaterhouseCoopers found that corporations are afraid they're losing the "cyber arms race" against hackers. "Cyber criminals evolve their tactics very rapidly, and the repercussions of cybercrime are overwhelming for any single organization to combat alone," said David Burg, PwC's Global and U.S. Advisory Cybersecurity Leader.
Check out A Year Since Snowden — Part 2: The last two things you need to know — We allowed this to happen, and we can still get control of our privacy back.
Subscribe to Latin Post!
Sign up for our free newsletter for the Latest coverage!