Privacy: The US NSA’s PRISM program appears to be a set of specialized deep-packet inspection filters combined with pre-existing wiretapping points at high-level Internet carriers in the United States. Since the program’s revelation the day before yesterday, speculations have ranged far and wide about who does what to make this surveillance state nightmare possible. Adding it all together, it would appear that the social tech companies did not, repeat not, supply bulk data about their users at the US Government’s will – but that the situation for you as an end user remains just as if they had.
The day before yesterday, news broke – no, detonated – that the NSA named nine social communications companies as “providers” for spy data. Among them were Microsoft, Hotmail, Skype, Apple, and Facebook – no surprises there, activists in repressive countries say “Use once, die once” about Skype – but also companies like Google and Gmail. This raised a lot of eyebrows, not to say fury.
The idea that the companies you trust with your most private data were handing that data wholesale to today’s Stasi equivalents was mind-bogglingly evil and cynical. As the news of this broke, the companies would have been a lot better off if they had just been found out doing something like eating live children.
The impression that companies were playing an active part in providing private data to the NSA was strengthened by the precision of the presentation – that there were dates when each company had, as it seemed, voluntarily joined the surveillance program.
Seeing the companies in question scramble to deny the allegations of the NSA deck – first from on-duty spokespeople with their polished façade, then from CEOs – was the inevitable next step. But this is where things became interesting. While the initial polished façade was barely credible, the response from the CEOs came across as surprised, open, and candid.
So far, there are three parties to this story: the NSA with its leaked slide deck naming the nine companies as data providers, the media who reported on it, and the companies denying any active part in NSA spy activities. The first reaction is that at least one of them must be lying. But I don’t think any of them are. I think the leaked deck from the NSA is genuine, I think the Washington Post and Guardian didn’t conspire to make shit like this up, and I have come to believe the response from the companies. How could this be possible?
At this point, there are three possibilities of what PRISM is:
Phi Beta Iota: What we draw from this is two conclusions and one question. The first conclusion is that the nine service providers were not actually aware at the executive level of the degree to which NSA had gained access to all of their capacity for the purpose of selective but unconstained monitoring of both foreign and domestic targets. The second conclusion — one we arrived at much earlier — is that an Autonomous Internet that is fully encrypted at rest and in transit, is desperately needed. The question is this: did NSA take the easy route of mirroring the entire take into its own database for as needed exploitation, and did it actually process down to where it found what it wanted, or is this just an exercise in total collection with zero demonstrable value in the form of decision-support? The bottom line for us is that neither the government nor the commercial sector should have unconstrained access to private communications among companies and individuals. This is, in the USA, unconstitutional. As with the world financial system that is now being dumped by the BRICS in favor of one they control, the real outcome of these disclosures should be an acceleration of emergence of “pirate” networks that commit to being unbreakable, while also commited to ending pattern analysis by obscuring points of origin and termination. Given a choice between incompetent spies and competent citizens, we embrace the latter.