Dark clouds for the tech industry as Prism allegations expose dangers of internet age
Surveillance revelations open our eyes to inherent threat to society posed by the worldwide web
Supporters gather at a rally in Manhattan's Union Square in support of whistleblower Edward Snowden. Photograph: Mario Tama/Getty
The revelations over the past week about the scale of NSA surveillance of global digital communications is likely to be seen as a pivotal moment in the internet age.
Edward Snowden, the 29-year-old systems analyst who leaked the top secret data, has opened our eyes not only to the scale of US surveillance, but also to how the internet not only brings transformative benefits to society, but transformative threats as well.
And while the details of the NSA’s Prism programme are not yet clear, the complicity of the giants of Silicon Valley in enabling this broad surveillance is very much a key concern to arise out of the leaks. The idealistic founding myths of the likes of Apple, Google and Facebook are looking somewhat tarnished and the technology community is facing a crisis of conscience.
As is often the case, that conscience found voice in the form of Tim Berners-Lee, the architect of the worldwide web. “Unwarranted government surveillance is an intrusion on basic human rights that threatens the very foundations of a democratic society,” he told the Financial Times, as if expressing the outrage of a disappointed parent.
“Over the last two decades, the web has become an integral part of our lives. A trace of our use of it can reveal very intimate personal things. A store of this information about each person is a huge liability: whom would you trust to decide when to access it, or even to keep it secure?”
The released slides concerning Prism reveal that from 2007 to October of last year, technology firms Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple in some way agreed to facilitate NSA requests for information under FISA; Dropbox is apparently due to join the programme in the near future.
The same slides boast about the “US as World’s Telecommunications Backbone” – making explicit the strategic benefit that the US intelligence community sees in having all these companies based in the US.
The companies in question were quick to issue strident denials, though most seemed to hinge on the notion of whether the NSA had “direct access” to company servers, which is not necessarily how the FISA requests would have been facilitated.
Clearly, the denials reflect the desperation of these technology companies to contain the damage to their reputations. If the likes of Google and Facebook, firms that rely on users freely volunteering personal information, come to be seen as tools of the US military-espionage complex, their credibility will be in tatters.
The long-term implications of that would be disastrous for US technology firms. Peter Eckersley, technology projects director of the Electronic Frontier Foundation, the US digital civil liberties organisation, believes the fallout could be stark.
“We’ve been living in a state of paradox,” he says. “The web was an extraordinary thing to build, but we didn’t build it to offer people anything like the sort of privacy they’d enjoyed with previous states of technology.
“If you’re a US tech company right now, you’re probably going to be worried about the fact that well-informed customers will be making plans to leave your services. If I was in Europe and was using Google Docs for business purposes, say, my risk assessment would tell me to use something else.”
And the pressure on US tech companies won’t just be coming from users – the European Union’s much stricter privacy laws makes some form of reckoning here inevitable.
The American economics writer Matt Yglesias illustrated the quandary with an amusing analogy: “Imagine if it had come out in the 1980s that Japanese intelligence agencies were tracking the location of ever Toyota and Honda vehicle, and then the big response from the Japanese government was to reassure people that Japanese citizens weren’t being spied upon this way. There would have been – legitimately – massive political pressure to get Japanese cars out of foreign markets.”
But that analogy only goes so far – nobody in the 1980s expected cars to be tracking our location, whereas the dilution of our privacy is something we have become conditioned to over the years of using online email and social networks.
That erosion of our sense of privacy is a key factor in allowing this sort of surveillance to arise – it might seem hard to believe now, but when Google unveiled Gmail a decade ago, the inclusion of targeted ads alongside your inbox, chosen by keywords in your mail, sparked a significant debate and controversy about privacy. It did not take long for such concerns to seem quaint, and our notion of privacy had imperceptibly been shifted.
The arrival of smartphones and, in particular, cloud computing has meant we share exponentially more information about ourselves via these companies now than a decade ago, but the debate over what sort of privacy we are entitled to was effectively over.
And that broad acceptance led inexorably to the harvesting of our data for commercial purposes, with digital marketers hoping to tailor advertising based on the myriad pieces of information that can be gleaned from our status updates and location check-ins and browsing history.
For many people, the distinction between corporate and state surveillance is a largely theoretical one – having tacitly accepted one, what’s the problem with the other?
This might partly explain the first few polls suggesting that the American public is not overly concerned about NSA surveillance – when you have voluntarily devalued your own privacy through the use of these services, it is almost inevitable that government agencies will devalue it further.
But perhaps we are overstating the importance of widespread user trust to these technology companies. After all, back in 2009, then Google chief executive Eric Schmidt actually said in an interview, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place” .
At the time, it seemed to be just another example of Schmidt’s spectacular insensitivity to privacy issues, one of a series of gaffs he became renowned for. But in retrospect, perhaps it was a well-meaning warning – the surveillance state is coming, he seemed to be saying, so best behave. The most regrettable thing, it need hardly be pointed out, is that Schmidt’s advice wasn’t meant to apply to the NSA itself.