How Will Internet Security Change Post-Snowden?

Since June, thanks to the information disclosed by National Security Agency (NSA) whistleblower Edward Snowden, a troubling truth has come to light. The internet, and with it the entire gamut of new communication technologies, have become the centrepiece of a gigantic, secret and complex system of mass surveillance used by governments to spy on citizens, on allies and enemies.

Picture: Getty Images

The Snowden files are quite revealing of the shifting role of communication technologies in democratic societies: from a much-talked-about technology of freedom to one of surveillance.

Evidence shows that American intelligence agents are using hackers’ tools to infect users’ machines and acquire the information they need. Reportedly, the NSA has used specifically designed malware to infect more than 50,000 computer networks worldwide to steal sensitive information.

One of Snowden’s leaks is a NSA memo named “SIGINT [Signals Intelligence] Strategy 2012-2016”. It shows that the agency’s priority for the future is to “aggressively pursue legal authorities and a policy framework mapped more fully to the information age” in order to be able to track the online activities of “anyone, anywhere, anytime”.

More worryingly, according to other documents leaked by Snowden, the NSA is able to collect data each day from “between 30 million and 50 million unique internet provider addresses”. This is real-time data that provides the agency with crucial information to name, localise and map the movements of the owner of the device connected to any of those IP addresses.

Showing a certain penchant for irony, the NSA calls the program the “Treasure Map”.

Have we gone too far?

Ideally, democratic power should always be accountable and open to scrutiny. But the secretiveness and pervasiveness of the many surveillance systems that surround us (both at state and corporate level, within and across borders) shatter the idyllic image of democracy we have cultivated for decades.

These highly complex systems literally disintegrate the spatial and geographical unity of people into streams of rights-less digital bits of data. No democratic system can survive and thrive in this context.

It is worth pondering whether or not we have gone too far in our quest to become a fully functional technological society. This is a quest that carries with it a great danger of displacement: technology evolves, but society – that is, both the institutions that constitute it and the people that live within it – seem to lag dangerously behind.

Our lives are continuously and necessarily immersed in a cacophony of data streams that are essential to our way of life, even though most of this data is beyond our ability to make sense of or even being aware of it.

The road ahead

The solution to this problem is very complex and cannot be handled by one body. It must be both a national and an international effort: an open process involving all stakeholders.

Laws must be rewritten to define adequate safeguards for users and restrain the excessive legal powers with which many governments can request to access to their citizens’ data.

In the latest edition of the Web Index, a report published annually by the World Wide Web Consortium, only five countries out of 81 surveyed were found to follow:

…best practice standards for privacy of electronic communications, meaning both an order from an independent court and substantive justification must be provided before law enforcement or intelligence agencies can intercept electronic communications.

Australia, the UK and the US were not among those five.

Whistleblowers’ role in our increasingly complex and secretive society has become of great importance. And yet, we still attach to them a certain stigma. We often call them traitors. In these troubled times this is the wrong approach. As Tim Berners-Lee, the inventor of the world wide web, put it:

…at the end of the day when systems for checks and balances break down we have to rely on the whistleblowers – [hence] we must protect them and respect them.

Parliamentary oversight has proven itself inadequate to protect citizens’ privacy in a growingly complex information society. Many politicians have no idea how the internet works.

The shape of things to come

We need to devise new mechanisms to control the controllers. We need to properly employ and empower the online community as a watchdog over the integrity of the system.

IT companies should create external non-partisan ethical committees to oversee some of their policies and assess the real efficacy of their encryption protocols. For instance, bodies like the Worldwide Internet Consortium or the Internet Engineering Task Force (IETF) should be an integral part of this process.

Parliaments should also make extensive use of crowdsourcing to craft important pieces of legislation concerning the internet. Brazil has proven to be a step ahead of many with its Bill of Rights for the Internet (Marco Civil da Internet). Admittedly, the process has not been without hiccups and the text of the proposed law is still far from perfect.

Changing the trajectory of our future is crucial. If not adequately dealt with, the NSA’s pervasive system of mass surveillance may well represent the shape of things to come. It will be a 21st century society of control, where the sophisticated exercise of power will be invisible to most of us, and all we will be left with is a quasi-phantom version of the democratic life we thought we knew.

Giovanni Navarria is a Post-Doctoral Fellow at the Institute for Democracy and Human Rights at the University of Sydney, He does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

This article was originally published at The Conversation. Read the original article.