Snowden and the Perseverance of Privacy

liberty_bell_jefferson_quote

If you’re not outraged, you’re not paying attention.

In early June a 29 year-old NSA security contractor, Ed Snowden, decided to go public with information that should permanently alter the discourse and decisions that balance intelligence gathering and citizen privacy in this country for the next 50 years.

In brief he detonated 2 intelligence bombs, that the NSA had,

  1. Required Verizon, via the FISA court, to disclose “the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls” on all of its customers. This was not a one time requirement but an order to produce this data on an ongoing basis. via The Guardian: NSA collecting phone records of millions of Verizon customers daily
  2. Created a data mining program that had direct and complicit Access to Web Companies like Facebook, Google, and Skype. via The Washington Post: U.S., British intelligence mining data from nine U.S. Internet companies in broad secret program

Ied_snown response to these revelations Ed Snowden has been charged with espionage and has slipped out of Hong Kong to seek political asylum in Ecuador. He appears to be employing the advisers of Wikileaks founder Julian Assange who is currently in asylum in the Ecuadorian embassy in London.

These revelations represent a stunning abuse of our basic rights to freedom and privacy and the whistleblower that brought them to light is on the run.

This is not my America.

We are all at fault

In the post 9/11 era George W. Bush’s administration pushed for and a narrowly Republican congress passed the Patriot Act which broadly expanded law enforcement’s surveillance powers without sufficient judicial oversight. Then remarkably his administration went even further by embarking upon an illegal warrantless wiretapping program that when it became public required congress to enact the FISA Amendments Act of 2008 so the covert program would no longer be criminal. Lest we forget, FISA stands for the Foreign Intelligence Surveillance Act, keyword: foreign.

Every iota of privacy we are clamoring to regain from the intelligence community is a direct result of this sweeping “patriotic” legislation and its re-authorization amendments.

Amendments that have been consistently supported by Republicans. (The NSA phone surveillance program that Snowden revealed was authorized under Patriotic Act Section 215.)

However, if Bush initiated this dreadful state of affairs then President Obama has made it into an art form. Obama made such a seismic shift from his campaign trail opposition rhetoric to supporting the FAA expansions as President that the outcry from the left at the time was deafening. When you couple the AP leak investigation with these NSA disclosures you must wonder at what point do we convene congressional hearings on domestic spying and haul this administration in and demand answers under oath?

So regardless of your political persuasion it is time to take responsibility for the cess pool that our willful ignorance has hydrated. We are all at fault.

Let us now resolve to become part of the solution.

The Time is Now

If we, the citizens and voters in this Republic, do not take a vocal and visceral stand against this abuse of power and in opposition to an intelligence community operating with impunity we may very well find that we have permanently punted our ability to preserve liberty or have oversight of these “public servants” who have sworn to uphold the tenets of this country they so readily shred.

It is imperative that we ask our elected officials and candidates for Congressional office the tough questions about protecting our privacy.

It’s time to ask why 53 senators thought so little of an NSA briefing on phone surveillance that they could not be bothered to attend. Senator Pryor why weren’t you there?

Let us ignore the party affiliations affixed to the names of candidates and instead ask them to explain how they will uphold our Bill of Rights including the Right to Privacy. If their answer doesn’t demand specific warrants for domestic surveillance then it is the wrong answer and they should be voted out.

May I suggest 2 specific actions:

  1. Support the Bipartisan HR2399 LIBERT-E Act – It seeks to limit government surveillance without due process of law.
  2. Sign the StopWatching.us Open Letter to Congress – It calls for reform to section 215 and asks for a special committee to investigate the extent of domestic spying. <– 2 great questions to ask the next politician asking for your vote. Also I’d recommend following @stopwatchingus

On Snowden

There is little doubt that Snowden broke the law and at least some of the charges against him are legitimate. However, as Schneier eloquently states, “before the Justice Department prosecutes Snowden, there are some other investigations that ought to happen.”

I’m no legal scholar but perhaps we can find a way to simply indict him and release him on bail pending further review. I’d much prefer Snowden be sitting in the Capitol giving testimony than in an Ecuadorian embassy on the run from intelligence community I no longer trust.

For more enlightenment on this issue may I suggest:

Understanding Your Exposure in a Social World

Embracing social networking means your privacy is dead.

While some will bristle at this notion, I contend if you spend long enough using social platforms you will ultimately reveal some if not all of the following:

  • Where you work
  • Where you live
  • Who you hang out with

Yes, you can use privacy controls and moderate what you share but if your goal is truly connecting with others you’ll find this strategy is often unsustainable and always limiting.

Facebook and Twitter have allowed us to share our daily lives in very intimate ways and these communities reward authenticity and openness. The risk means we are putting a ton of our lives in the public spotlight.

enemy2CNN recently posted, The internet and the ‘end of privacy’, where they profiled my friend LouisGray, @louisgray, and {gasp} published his phone number. For more read his followup and see the #endofprivacy tweetstream.

You might consider folks like Louis and I extreme cases but it doesn’t diminish the fact that many of you are trending this direction.

Individual social networking is a risk vs. reward equation.

The more you open up = the more opportunities to connect = the more most anyone can learn about you.

I love social networking and I can’t begin to list the amazing people and opportunities its brought into my life but I also understand my exposure. Heck I joined twitter to follow smart hackers and to this day I’m known by a pseudonym due to my initial notions of maintaining privacy.

What I discovered is that I liked the reward side of the equation and in the past 5 years I’ve done a complete 180, but I did it with full knowledge of how this data can be used.

You should be sharing from an informed perspective.

Be aware how all of this shared data can be used to profile you. I’m not an alarmist but there are bad folks in the world. Take your personal safety into consideration.

To give you an idea what digital profiling can produce watch this excellent presentation by @DaveMarcus, Director of McAfee Labs Security Research. He’s a hacker (on this blog that is a good word by the way) and he’s showing a roomful of hackers what he can learn with nothing more than twitter, geotagged tweets, and Foursquare checkins.

Hat tip to my man IronGeek for posting the video.

“The only privacy left is inside your head, and maybe that’s enough” – Jon Voight’s character in Enemy of the State

While you may not agree with the sentiment it isn’t far from being accurate.

Privacy as a Feature

What is the number one stumbling block to location based social network adoption?

Photo by rpongsaj

Privacy.

To better judge how people use networks like Foursquare and Gowalla I did an informal survey.

twtpoll

63% of users only share their location with close friends, while 37% have a much more open approach. There are varying shades of gray in between the 2 choices I listed but I think the 60/40 split is an accurate representation of the larger user base.

The question illustrates the basic problem with geosocial apps.

To maintain privacy you have to be very restrictive whom you friend which lessens the chances of extending online connections to the offline world but the more public approach is at times just too public.

It’s time for Gowalla & Foursquare to recognize that Privacy is a Feature.

The Case for Complexity

The recent debates about Facebook have elevated the conversation of online privacy into a very public arena and this should prompt social networks to seriously consider their privacy offerings.

We’ve all heard the stories of people getting prank calls at the gym and the media salivates every time they can possibly tie Facebook/Twitter to a home break-in, while some of these incidents are a bit overblown the fact remains that sharing our exact location has ramifications.

*As a sidebar I think this is particularly important when we are talking about ladies using geosocial networks.

Facebook needed simplicity. Gowalla/Foursquare need complexity.

Checkin privacy should be a layered approach based upon two factors

  • Groups – I should be able to define a group of close friends that can see my exact location while others can only view neighborhood/city/state.
  • Proximity – I should also be able to adjust that privacy based on your proximity. If you are an acquaintance but checked in to the same location I should be able to allow them a more detailed view.

The more correct answer to my poll is “both”. Geosocial apps should offer users a better method to control who can see our current location so we can use it how we prefer.

GeoSocial adoption must have privacy as a feature.