The Guardian has a presentation called The NSA Files that is the most brilliant rich media presentation of a complex subject I have ever come across outside of a museum. So go read it, even if it is just to see the presentation.
As technology races ahead, from time to time public debate and the law of the land must catch up to it. Government surveillance is one of the most important technology issues of our times. In the US, the NSA files have already had a profound impact on the perceptions of Americans about surveillance and civil liberties. Outside the US, Germany is aghast that the US and UK, NATO allies would spy on Angela Merkel and Germany. On the other hand, there is some evidence that the NSA has aided in combating Mexican drug cartels and prevented terrorism.
The political issues surrounding mass electronic surveillance are complex and do not lend themselves to quick fixes. The issues at stake involve civil liberties, anti-terrorism efforts and international spying, among other things. It might take a decade of public education and wrangling in courts, legislative bodies, NATO and perhaps even the UN, before policy, practice and the law around surveillance settles down.
Leaving aside the political issues, the NSA files will feed a long surge in surveillance and anti-surveillance technology. Snowden’s leaked files are like the Trinity test – the first detonation of a nuclear bomb. Prior to that governments knew that a nuclear bomb was feasible and some were feverishly working on making one, but the public did not really know much about it. The Trinity test, first brought the power and potential horror of a nuclear bomb to the attention of people around the world. And just like Trinity set off a nuclear arms race that lasted for decades, the NSA files will set off a “Snoop Brawl” which will lead to a burst of technology spending around the world. But unlike the nuclear arms race, which was a race principally between nations, this Snoop Brawl is going to be multi-faceted; many players and many fist fights.
Country vs Country
Countries now realize, if they hadn’t actually known it all this while, that the NSA gives the US almost unfettered access to their secrets – those of their governments, politicians and companies. Dilma Roussef, Petrobras, Ban Ki-moon and Angela Merkel were all targets of the NSA; none of which can be justified by national defense. Surveillance is not a single-purpose (e.g. protect the country against terrorism) tool. It is an arsenal of weaponry to project a country’s power and further its interests. And no country has a bigger arsenal than the NSA.
Not China for sure. A few months back, China was pilloried for not doing enough to stop Chinese hackers, allegedly sponsored by the Red Army. That doesn’t seem so egregious anymore. If all major countries decide to bolster their electronic espionage and counter-espionage capabilities, that itself is going to be a lot of hardware, software and thousands of tech jobs.
Country vs Citizens
The NSA collectes metadata on all phone calls in the country – who called whom, when and from where. It is easy to see how this data could be very useful in tracking the networks involved in illegal activity. Or political opponents. If information is power, this is the hammer of Thor (Thor 2 was so-so by the way). Which country that isn’t shackled by its laws, can pass up the opportunity to gather this data?
Outside of a few advanced democracies with active civil liberties protection groups, there is no countervailing force to stop a government from collecting and using this data. The only hurdle is the technology and skills to mine a massive data set like this. Which money can buy. Expect countries to spend a lot on this and other Big Brother technology.
While this gives the government a valuable instrument to catch the bad guys, the very same instrument, in the wrong hands could be used to suppress democracy itself. Or give more power to despots. Expect big orders from tin pot dictatorships as well as big nations where ruling classes are trying to quell democracy.
Companies vs Governments
The US is a hub for internet companies and cloud companies that carry the private data of people and businesses around the world. Much of this data travels through pipes in the US or sits in databases controlled by US companies. Courtesy of Snowden now the world knows that US companies have been cooperating with the NSA with no disclosure to the customers.
European and other advanced nations are likely to enact laws that prevent companies like Google and Apple from becoming listening posts for the US. They may require these companies to “fragment their clouds” and keep the data of their, say, German customers in Germany with restrictions on who can this data be shared with.
On the other hand, companies like Google will have to work hard to regain the trust of their customers. Google is already taking measures to prevent the NSA from eavesdropping without them knowing. Apple is making noises that they might challenge the legality of not allowing them to disclose when information has been shared with the government at their request.
Companies vs Companies
The other things that all companies will realize – not just cloud companies with user data – is that their IP is not safe. In the past year, the Chinese hacking incidents being reported have already raised awareness of this issue. But what the NSA files make clear is that ethics and national interest seem to have no intersection at all. Every country may be spying on foreign companies that can bring value to leading companies in that country. Protection of IP and confidential information will become a key concern for companies. Much more than it is today.
Consumers vs Companies and Governments
Consumers are going to increasingly want to know how their communication and confidential information is protected by online services. Now that they know that “Enemy of the State” is for real what steps should they take to protect themselves? Encryption and information security are complex technical issues which most people don’t understand or even care about. Perhaps there is a need for “information security rating agencies” that rate online services on how they protect users’ confidential data – from hackers and governments everywhere. Perhaps people will increasingly want to roll-their-own email rather than use Gmail or Yahoo mail.
Like the nuclear arms race, the Snoop Brawl will create a flood of spending from both governments and companies. And exactly like the nuclear arms race, it leaves no positive impact on the human condition.
My blog post | Government Mass Surveillance Will Create a Surge in Technology Spend | 6 AM Pacific http://t.co/ORG7Jg1ucS
It feels like there are no rules. So the strongest party (or the one with the least ethics) will “win”. This is rather sad – but you are absolutely right. I can see products built for use for very high confidentiality emails, documents etc. that are built for compliance, multi-factor Auth etc. Companies in MFA (mutl-factor auth) should be the early winners. That’s the least you can do!
Unfortunately, this takes away from building to solve real world problems and connecting the un-connected people (and things).
RT @basabp: My blog post | Government Mass Surveillance Will Create a Surge in Technology Spend | 6 AM Pacific http://t.co/ORG7Jg1ucS