Sophos Cloud Optix
NSA whistleblower Edward Snowden conducted a rare Q&A session yesterday in which he answered questions put forward by Twitter users.
Snowden responded to questions about whistleblower protections, surveillance policy and America’s role in tackling the global mass surveillance problem.
During the session Snowden revealed his own thoughts on what he believes is an appropriate level of surveillance in the US, confirming that some spying is indeed necessary:
Not all spying is bad.
The biggest problem we face right now is the new technique of indiscriminate mass surveillance, where governments are seizing billions and billions and billions of innocents' communication every single day.
This level of indiscriminate spying, he said, was unnecessary and disproportionate to the threat:
This is done not because it's necessary - after all, these programs are unprecedented in US history, and were begun in response to a threat that kills fewer Americans every year than bathtub falls and police officers - but because new technologies make it easy and cheap.
Snowden said the issue of mass surveillance isn’t just confined to the security agencies within his own homeland, but he does feel that the US has a leading role to play in shaping the future:
This is a global problem, and America needs to take the lead in fixing it. If our government decides our Constitution's 4th Amendment prohibition against unreasonable seizures no longer applies simply because that's a more efficient means of snooping, we're setting a precedent that immunizes the government of every two-bit dictator to perform the same kind of indiscriminate, dragnet surveillance of entire populations that the NSA is doing.
Snowden was asked whether he thought it was worth still encrypting emails – did it even work? He answered:
As I’ve said before, properly implemented strong encryption works. What you have to worry about are the endpoints. If someone can steal you keys (or the pre-encryption plaintext), no amount of cryptography will protect you.
However, that doesn’t mean end-to-end crypto is a lost cause. By combining robust endpoint security with transport security, people can have much greater confidence in their day to day communications.
Later in the chat session Snowden highlighted how the overreaching surveillance measures, designed to improve security, were actually eroding the freedom of those they are supposed to protect:
The worst and happening-right-now harm of bulk collection - which again, is a euphemism for mass surveillance - is two-fold.
The first is the chilling effect, which is well-understood. Study after study has show[n] that human behavior changes when we know we're being watched. Under observation, we act less free, which means we effectively *are* less free.
The second, less understood but far more sinister effect of these classified programs, is that they effectively create 'permanent records' of our daily activities, even in the absence of any wrongdoing on our part. This enables a capability called 'retroactive investigation,' where once you come to the government's attention, they've got a very complete record of your daily activity going back, under current law, often as far as five years. You might not remember where you went to dinner on June 12th 2009, but the government does.
When asked about returning to the US in the future, Snowden said that would be the best possible resolution for himself, as well as the government and public.
However, he said, the “hundred-year-old law” under which he’s been charged made such an outcome impossible, not least because he didn’t believe he’d be able to secure a fair trial as the law was “never intended to be used against people working in the public interest, and forbids a public interest defense”.
Last week President Obama spoke about Snowden’s revelations:
I'm not going to dwell on Mr. Snowden's actions or his motivations; I will say that our nation's defense depends in part on the fidelity of those entrusted with our nation's secrets. If any individual who objects to government policy can take it into their own hands to publicly disclose classified information, then we will not be able to keep our people safe, or conduct foreign policy.
Additionally Eric Holder, the US attorney general, yesterday told NBC that he did not recognise Snowden as a whistleblower at all, saying that he prefers the term “defendant.”
Holder added that any question of amnesty for Snowden would be going too far.
“Not all spying is bad.”… so now he’s trying to “walk it back” as they say. I guess life in Russia with Mr. Putin ain’t so good after all.
I don’t think he’s really trying to “walk it back” here. When he was originally working as a contractor, he was working for spying services — therefore, he must have believed at the time that not all spying is bad (unless he believed himself to be behaving badly). At some point, he felt that what he discovered was being done crossed a line, and the rest is history.
NO… actually he admitted to taking the job with the sole purpose of stealing classified information, so I think he wants to come home and realizes that he can’t so now he wants to further the impression that he is the victim.
…Or maybe he only objects to the practices he chose to disclose? I don’t recall any earlier remarks that contradict that statement.
(Still, I’m under no delusion: Snowden’s safety in Russia lasts exactly as long as he is useful to Putin.)
Yeah…wikileaks sure chose the least biased questions to have him respond to! #sarcasm
Snowden makes some very reasoned arguments.
The idea of collecting data “just because they can” and then doing a retroactive investigation simply because they have the data is dangerous.
Some of the data is supposed to be metadata. People (including the UK government) use the argument that it is anonymous. Anonymous data is only that when there is one source of data. The UK want to sell our anonymous health service data. The thing is that when you combine this with other data, you can “de-anonymise” it. Take anonymous statistical data on (say) teenage cancer by postcode. Merge with the electoral register which shows 16 and 17 year olds. I am pretty sure that with this, you could identify at least some of the individuals.
There is no law then to stop insurance companies refusing these people life insurance or any other form of discrimination.
When I lived in the US I was refused a credit card based purely on statistics – when I called them up, they said “our statistics say that someone of your age with two kids is a high credit risk”. And that was that.
Snowden has exposed the cliff we are all sleepwalking towards. And we can have a reasoned debate on privacy because of this – where do we draw the line of what is for the common good v an individual’s right to privacy.
“Whistle blowing” is one thing – TREASON, quite another. He should be tried for treason, and live with the outcome.