Snowden’s lawyer: governments and tech firms can keep each other in check

Edward Snowden's lawyer, Ben Wizner, director of the American Civil Liberties Union's speech, privacy and technology project, was in town this week.

I sat down with him over coffee to hear his views. Not on the challenging case of his client, but on Silicon Valley, and how Snowden’s disclosures changed how the technology industry handles data, views government, and campaigns on issues.

“I think that one of Snowden’s significant impacts, already, is forcing major American companies to be publicly averse to intelligence agencies,” he says.

“There’s this ethos around Silicon Valley of libertarianism that’s been gently mocked in some quarters because we know the Silicon Valley companies have been working hand in glove with security agencies,” he says. “By both exposing some of those links and also disclosing even to the companies some of the ways in which the security agencies were breaking in their back doors, even as they were invited in their front doors, Snowden has required these powerful entities to take public stands against the NSA [US National Security Agency] and [British agency] GCHQ. And that is important because, if those two enormously powerful entities . . . are working quietly together in the dark, the results are terrible for individual rights and liberties.”

But he notes: "If they can be a check and balance on each other I think the environment is far more favourable. I want to see the technology companies stand up for their users against unreasonable surveillance, but I also want to see the government, in this case the Federal Trade Commission [a regulatory body], protect us as consumers against these powerful organisations. That adversity . . . is very healthy for democracy."

Still, I venture, Europeans are going to concerned about whether data held in data centres in Europe, run by US companies, is secure. “I think there’s no question that already the tech companies have hugely improved data protection and encryption,” he says.

“That doesn’t prevent lawful surveillance. Those companies will be able to respond to orders from US and other courts to turn over customer data, but it does [prevent] dragnet, passive, mass collection of unencrypted data. It makes it harder for the NSA and GCHQ to sit on the backbone of the internet and passively collect everything that goes through.”

Surveillance regimes

However, the surveillance regimes exposed by Snowden will not be addressed through technology alone. Democratic reforms, with greater and more visible oversight for surveillance programmes, is also necessary. And technology companies are pushing for those too, he says.

One of the early defences to Snowden’s revelations that people heard from president Barack Obama and others in the US government “when they thought this was an American debate was, US citizens shouldn’t worry so much because most of this collection and surveillance was taking place overseas,” says Wizner.

“You don’t hear that any more, for a number of reasons. First, there was diplomatic push-back from allied governments but, more importantly I think, the heads of the major technology companies, which are getting increasingly powerful in US politics, called up and said, ‘Shut up!’,” knowing it would hurt overseas business.

He feels there’s much greater political awareness across Silicon Valley. “These companies are playing in Washington now, and they’re doing it in a very sophisticated way. They’re hiring lobbyists from both parties and using nonprofit groups to push their agendas.”

His view of this is mixed. “I think these are going to be the critical allies of the civil liberties community in putting constraints on government. At the same time, they are going to stand in the way of meaningful consumer protections, and their mantra, of course, is ‘innovation’. They say it is too early for stronger regulations because it will stifle innovation, and then sometimes in the very next sentence they say it is too late for regulation because it will break the internet.”

The bottom line, he says, is businesses need strong security, not just agreements when it comes to the NSA and GCHQ.

“The end of this process will not be a regime in which it is legally and technically impossible for US authorities to get data being stored in Europe. Nor should that be the outcome,” he says. “I hope that the end will be a regime in which they cannot passively collect it in bulk, and can only get it through compliance with open and adversarial legal proceedings.”