Technology vendors and technologists will be the key to changes that “fix” U.S. government spy practices that break U.S. law and don’t work nearly as well as digital spy agencies claim, according to whistleblower Edward Snowden.
Tech companies need to make good encryption and security the default even for consumer products, but the responsibility of people in the know goes farther than plugging holes in their own security products, according to Snowden, who spoke on a live teleconference from Moscow to a session at the South by Southwest (SXSW) Interactive Festival that runs March 7-11 in Austin, Texas.
Both tech companies and individuals have to work on the politics of technology as well as the machinery to “fix” the U.S. government’s policies and practices involving surveillance of its own citizens, Snowden said in a session moderated by the American Civil Liberties Union, which live-blogged the event and posted a video of the hour long discussion with Snowden on YouTube.
“South by Southwest and the tech community, the people in the room in Austin, they’re the folks who can fix this,” CNN quoted Snowden as saying in an earlier session. “There’s a political response that needs to occur, but there’s also a tech response that needs to occur.”
“The key factor is accountability,” Snowden said in response to an emailed question from Tim Berners-Lee, inventor of the World Wide Web. Oversight systems can work, but are complex and often depend on the wrong type of people to provide the supervision.
“Overseers aren’t interested in oversight,” Snowden added, referring to members of Congress who often defend NSA surveillance efforts and weak responses to ‘lies’ about intelligence programs when the truth does come out. “We need a watchdog that watches Congress.”
Snowden appeared from Moscow, where he was given asylum after stealing and then releasing thousands of highly classified documents during a stint as an IT contractor at the National Security Agency (NSA).
Despite what may be permanent exile and the threat of arrest and prosecution, Snowden said he doesn’t regret the decision that changed his life, launched a series of global scandals over NSA spying, and set off an intense debate within the U.S. on the nature of privacy and government surveillance. “Would I do it again?” he said in response to a question from the audience. “Absolutely yes. Regardless of what happens to me, this is something we had a right to,” he said. “We need public oversight … some way for trusted public figures to advocate for us. We need a watchdog that watches Congress, because if we’re not informed, we can’t consent to these (government) policies.”
“I took an oath to support and defend the Constitution. And I saw the Constitution was being violated on a massive scale,” he said to the audience of about 3,000 who attended his SXSW session in person. Corporate surveillance may cost consumers money and privacy, but uncontrolled surveillance by governments is more insidious because “the government has the ability to deprive you of rights,” he said. “They can jail you.”
Aside from their disregard of Constitutional protections and international law, NSA surveillance programs mislead intelligence agencies and decision makers in the executive branch into thinking they know more than they really do, Snowden said. Wholesale surveillance of everyone on the Internet piles up terabytes of useless data that rarely turn up much useful information at all. NSA employees have also complained that PRISM and other large-scale programs deliver huge volumes of low-value data that eat up storage and computing resources for their computers, which have to sift through them for keywords or other indications a particular communication could be relevant to the planning of a terrorist incident. “We’ve actually had tremendous intelligence failures because we’re monitoring… everybody’s communications, instead of the suspects’ communications.”
Following the bombings at the Boston Marathon in April of 2013, for example, tips provided in person or phoned in by people in the Boston area were not as vigorously pursued as they might have been because federal agencies were focusing on digital surveillance data.
The NSA’s aggressive, highly successful efforts to eavesdrop on the phone calls of foreign leaders and crack secure foreign data centers show that it put digital attacks at the top of its priority list and almost ignored defense of the U.S. Internet and telecommunications systems, without which “our economy can’t succeed,” Snowden said.
“Every society has benefited” from his disclosures about the NSA, Snowden said, though it wasn’t his intention to push for a specific decision or response about the programs he was revealing. “What I wanted to do was to inform the public so they could make a decision for what we should be doing… data should not be collected without peoples’ knowledge or consent.”
On personal security, Snowden repeated earlier advice that “encryption does work,” and recommended services such as the TOR anonymous-proxy network.
Poor or inconsistent encryption, proxies that provide only the appearance of anonymity and an over-reliance on free services mislead even some tech-savvy users into thinking they’re protected, however. “If you want a secure service, you have pay for it,” he said.