The big internet and telecommunications companies are fighting back. The tech giants have been taking a public and private pounding over government’s spy agencies success in obtaining information from them. Outraged citizens are not only complaining but refusing to buy new equipment until assured that the technology will be safe from government and corporate access. Foreign governments meanwhile have made things more complicated. First, they registered their dissatisfaction by railing against US government interception of their communications, and second by demanding the same kind of cooperation on information access from the tech companies in their own backyards.
One of the biggest indirect consequences from Edward Snowden’s revelations, technology experts say, has been the surge in demands from foreign governments that saw what kind of access to user information the NSA received- voluntarily or clandestinely. A year after Snowden’s disclosures, the era of quiet cooperation between the tech companies and government is over. Telecommunications companies say they are rejecting requests to volunteer data not covered by existing law. A.T.&T, Verizon and others say that compared with a year ago, they are much more hesitant to collaborate with the US government in grey areas where there is no explicit requirement for a legal warrant. Eric Grosse, Google’s security chief, suggested in an interview that the NSA’s own behaviour warranted this reaction from the tech behemoths.
After years of cooperating with the government, their immediate goal is to impede Washington and other foreign powers. They also hope to preserve overseas business by assuring countries they can deliver the goods- safe from government snooping. It’s interesting to note that governments around the world have demanded the same capability to tap directly into their communication networks. Vodafone, for one, refused to name the nations for citing security risks for employees in those countries. But it is important to note that some of these foreign countries also did not obtain warrants for phone, email or web-searching traffic. They didn’t have to. The authorities already had in place permanent access to customer communications via their own direct links.
Grosse said, “I am willing to help on the purely defensive side of things.” This referred to Washington’s efforts to enlist Silicon Valley in cybersecurity efforts. But he noted that signals intercept is a no-go. That refers to bulk collection of data by the spy agencies. “No hard feelings, but my job is to make their job hard,” he added.
The latest move in the war between intelligence agencies and technology companies arrived this week in the form of a new encryption tool (see specifics below). The company released an easy to use, email encryption method to replace the clumsy and easily broken encryption schemes which the NSA readily exploited.
What are some specific steps that tech companies are taking to thwart government intrusion? Google for example is laying its own fiber optic cable under the world’s oceans. This initiative began as an effort to cut costs and extend its influence. But now it has a more immediate purpose: to assure that the company will have more control over the movement of its customer data. Microsoft is now fully encrypting all its products, including Hotmail and Outlook.com, by the end of this year with 2048-bit encryption. This is strong protection that would take a government far longer to crack. The software is protected by encryption both when it is data centers and when data is being sent over the Internet.
These are welcome development to both private and business users. The company is also setting up transparency centers, the first being in Brussels. These centers will allow governments who are customers to view technology and be assured that there are no back doors which would allow snooping by the US intelligence agencies. Most American companies said they never knowingly let the NSA weaken their systems or install backdoors. Mr Snowden’s leaks showed that NSA analysts had found a sweet spot inside Google’s data centers where they could catch traffic in unencrypted form.
Google was already wary that their internal traffic could be read and had started a program to encrypt the links among its internal data centers. Snowden’s revelations served as the proof which confirmed their suspicions and made the accelerating of the program necessary. Facebook and Yahoo have also been encrypting traffic among their internal servers. And Facebook, Google and Microsoft have been moving to more strongly encrypted traffic. The Aptly named Perfect Forward Secrecy is specifically devised to make it more laborious for the NSA or anyone else to read stored, encrypted communications.
Until last year technology companies were forbidden from acknowledging demands from the US government under the Foreign Intelligence Surveillance Act (FISA). But in January, Google, Facebook, Yahoo and Microsoft brokered a deal with the Obama administration to disclose the number of such orders they receive in increments of 1,000. As part of the agreement, the companies agreed to dismiss their lawsuits before the Fisa Court.
The government in the US and others around the world are not taking this lying down. They are pushing back harder than ever. Vodafone reported that some governments around the world have demanded the ability to tap directly into its communication networks. Again, fear of reprisals kept them from naming the countries. Robert S. Litt, the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy agencies, said on Wednesday that it was “an unquestioned loss for our nation that companies are losing the willingness to cooperate legally and voluntarily” with American spy agencies. He cautioned that some future intelligence failure could be laid at the feet of the tech companies and their lack of compliance. He acknowledged that, for now, the days of getting information easily from the tech giants is over.
The tech companies respond that if there is an intelligence catastrophe it will be the government’s own fault. For its underhanded data collection tactics have undermined web security for all. They pointed out that, in the past, protocols produced by American intelligence agencies were co-opted by Russia and Iran. These protocols were created by The US government’s exploiting a previously unknown flaw in Microsoft’s operating system.
While this drama has been playing out, VPN enterprises around the world have flourished as a result. Savvy global citizens, wary of inscrutable government practices, have used VPN’s to protect their privacy.
Who’s at fault in this debate can be argued ad infinitum and ad nauseum. What is apparent is that the game is rapidly changing and the government, because of its past furtive behaviour, is going to have to play catch up again. It can be argued that the tech giants are merely trying to protect their business interests with both the average citizen-user and foreign government clients. Regardless, the real winner will be personal privacy advocates.