NSA PRISM surveillance: Necessary evil or a misuse of power?
Is indiscriminate surveillance by agencies such as the NSA ever acceptable? Khidr Suleman wrestles with his conscience.
Is digital privacy dead? When former NSA analyst and whistle blower Edward Snowden outed Project PRISM over the summer, he presented a convincing case that the US government is watching us.
Following the revelations, the NSA admitted that it "touches" 1.6 per cent of data which passes through the internet every day. However, it claims the collection is the equivalent of putting a dime on a basketball court and that just 0.025 per cent of data is reviewed by analysts.
This may not sound like a lot but it still means the NSA processes around 29 PB of data per day - more data than the 20PB web giant Google handles on a daily basis.
Is this form of indiscriminately monitoring on such a global scale simply the price we have to pay for all the technology we can use in the modern world. Or is it a giant leap too far? And can the positives of such surveillance ever outweigh the negatives?
Pro Surveillance: Sacrifice for the greater good "The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it," Albert Einstein
Isn't the whole point of the data collection to make the world a safer place? The internet is now critical to our daily lives. Not only is it the primary source of information, but it's also the cornerstone of our economies - providing jobs and facilitating the transfer of goods and services. Unfortunately, the internet is also heavily abused. The web is used not only to plan, but to promote and execute atrocious actions including paedophilia and terrorist attacks.
If there is even a remote possibility that such heinous crimes can be prevented via some form of monitoring, isn't it the duty of law abiding citizens to comply? Even if that means sacrificing digital privacy? Look across Capitol Hill and you'll find plenty of people who will argue this to be the case.
The NSA claims its surveillance programmes and solutions, such as its XKEYSCORE analytics tool, are necessary. The agency claims to have captured 300 terrorists using intelligence generated from its XKEYSCORE tool, for example.
In his testimony to a Standing Committee on Intelligencein June, NSA chief General Keith Alexander claimed more than 50 terror plots have been foiled since 9/11 because of the programmes in place. These include plans to attack the New York Stock Exchange and the New York City subway system with possibly devastating consequences.
So is having emails scanned and meta data collected from phone calls really that big a deal, if there's a possibility that it could help save just one life? In that context, a reasonable person would likely respond in the affirmative, especially when you consider that most emails are spam, the content of phone calls are not disclosed and there is no proven impact on the daily life of innocent people.
You could go further and say that society has already willingly consented to monitoring on a daily basis. We've all got smartphones that can track our locations to within metres, ISPs have access to our internet browsing habits and, if you live in an urban area like London, the chances are your face is plastered over CCTV walls on a daily basis.
With wearable technology such as Google Glass on the horizon, the arrival of smart rubbish bins, and encrypted email services run by Lavabitin addition toSilent Mail being shut down in recent weeks, the lack of digital privacy is perhaps something we're going to just have to get used to.
Against surveillance: It's a gross misuse of power "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety," Benjamin Franklin
That's what the founding father of the US would have made of Project PRISM. Data collection is illegal, questions remains over the effectiveness and the NSA seems can't be trusted with the responsibility of the powers it has been granted.
In the US, the 4th amendment in the Constitution protects civilians from unreasonable searches and seizures and sets out requirements for search warrants based on probable cause. Almost all other countries have similar laws, which aim to protect the rights of citizens.
The Human Rights Act 1998 is used by European member states and Article 8 guarantees a right to respect for private and family life a law which at times is so liberally applied that it even protects the rights of known criminals.
By collecting information from US citizens and foreigners, the NSA is breaching fundamental laws that the US and its allies are built on. And with the US Congress and secret FISA Court green lighting this without input from citizens, who's to say that further down the line these bodies may not choose to restrict other Constitutional rights. Freedom of Speech, Freedom of Religion and even Freedom of the Press may be curtailed in the future - all in the name of safety.
In fact, the limiting of Freedom of Speech already appears to have started. Google has already tried to use the first amendment to challenge bodies such as the DoJ and allow it to reveal information about data collection - unsuccessfully, so far. And the web giant isn't the only one to have been silenced.
Ladar Levison,owner of encrypted emailing site Lavabit, made the decision to shutdown the service after apparent pressure to grant access to customer information. The exact reasons behind the closure are unclear as Levison explained.
"I feel you deserve to know what's going on - the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests," he noted on the site.
Despite the NSA claiming to have foiled 50 attacks, questions remain over how and why some of the world's deadliest attacks such as 9/11 and the Boston bombing slipped through the net.
In the case of 9/11, reports suggest the NSA started collecting data in some form around seven months prior to the attack and that other agencies, including the FBI and CIA, knew of a substantial threat and even the identities of the hijackers. It would seem all parties involved failed to co-operate and act.
Perhaps, more worryingly, was the failure to prevent the Boston bombings given the length of time the NSA has had its surveillance procedures in place. Dzhokhar Tsarnaev, the surviving suspect told federal investigators he downloaded extremist materials from the internet, including instructions on how to make home-made pressure cooker bombs. Yet, what appeared to be a primary source of suspicious activity was not picked up in the day-to-day NSA data sweeps. And no explanation has been forthcoming.
Even if we take into account all the good the NSA does, can it really be trusted with the information it gathers? The answer, in my opinion, is no.
A leaked internal audit conducted by the NSA from May2012 appears to confirm a gross misuse of power. The audit uncovered2,776 incidents of unauthorised collection, storage and distribution of legally protected communications over a 12-month period.
Serious breaches included a violation of a court order and unauthorised use of data of around 3,000 Americans and green-card holders. Is this evidence that absolute power corrupts?
Acquiesce or object?
It's a polarising subject, but whatever your views on data collection, the NSA leak did us all a favour by getting it out in the open and generating debate. After all, you can't change something if you don't know it's happening in the first place.
People now have two options. Most will choose to do nothing. They'll simply carry on with life, which will remain unaffected, for now. Or you can sign up to petitionswhich are trying topush through reform and take steps to restore some semblance of privacy, particularly if you're tasked with dealing with sensitive information.
With the closure of encrypted email services Lavabit and Silent Mail, and assertion by Google that users can expect "no legitimate expectation of privacy", emails appears to be the most vulnerable type of communication.
But it's still possible to encrypt instant messages and phone calls using services provided by companies like Silent Circle. The Pirate Bay co-founder has also secured funding for an anti-snooping app called Hemlis in response to the NSA's data collection. And with no doubt more services set to pop-up, maybe there is still hope for privacy yet.
A daily dose of IT news, reviews, features and insights, straight to your inbox!
Why technology, cyber and privacy risk management are critical for digital transformation
A daily dose of IT news, reviews, features and insights, straight to your inbox!
Thank you for signing up to ITPro. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.