This night [june 7, 2013], news broke that the USA’s security agencies have been wiretapping essentially every major centralized social service for private data. Photos, video conferences, text chats, and voice calls – everything. We have been saying this for years and been declared tinfoil hat and conspiracy nuts; it’s good to finally see the documents in black on white.
Text: Rick Falkvinge med tillåtelelse för återpublicering i NewsVoice
This night, European time, the news [Washington Post] broke that the USA’s National Security Agency (NSA) has had direct access to pretty much every social network for the past several years, dating back to 2007, under a program named PRISM. Under the program, a number of social services voluntarily feed people’s private data to the NSA. In short, if you have been using/uploading
- video or voice chat
- stored data
- VoIP calls
- file transfers
- video conferencing
- (and more)
…from any of…
- Microsoft (incl. Hotmail et al), since Sep 11, 2007
- Google, since Jan 14, 2009
- Yahoo, since Mar 12, 2008
- Facebook, since June 3, 2009
- PalTalk, since Dec 7, 2009
- YouTube, since Sep 24, 2010
- Skype, since Feb 6, 2011
- AOL, since Mar 31, 2011
- Apple, since Oct 2012
…then you have been wiretapped, and still are.
This piece of news broke just after it was revealed that the same NSA is demanding phone records from one of the major telco operators in the USA, and presumably all of them.
In short, practically every single service you have ever been using that has operated under the “trust us” principle has fed your private data directly to STASI-equivalent security agencies. Practically every single one. The one exception notably missing from the list is Twitter (but Twitter uses broadcast messages – you shouldn’t write anything secret on Twitter in the first place).
Carefully note that this PRISM program is not unique to the USA: Several European nations have the same wiretapping in place, Sweden among them.
Also, these agencies share raw data freely between them, trivially circumventing any restrictions against wiretapping the own population (“I’ll wiretap yours if you’ll wiretap mine”).
This piece of news practically detonated when it hit this night. We have been saying that this is the probable state of things for years – it’s good to finally get rid of those tinfoil hats, with facts on the table. Predictably, the social comms companies named in the NSA slides are out scrambling with statements and comments.
Google, for example, said in a statement to the Guardian:
“Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data.”
As a politician, what strikes me is how carefully crafted this statement is to give the appearance of denying the allegations, without doing so. It stops exactly short of saying “the presented allegations are lies”.
[UPDATE: The follow-up response from Google’s CEO changes this picture completely. See the followup article. You’ve still been wiretapped if you’ve been using a centralized communications service, but through no fault of Google.]
For example, a system could be in place that continuously fed the NSA data from Google servers in accordance with the NSA documents, and the above Google statement would still be true (if Google feeds data to the NSA, rather than the NSA fetching it from Google).
Microsoft – whose motto is “Privacy is our priority”, the Guardian notes – was the first to join the PRISM program in 2007. On the other hand, that company was never trusted much, so I don’t see a lot of surprise.
What we learn from this is something that us net liberty activists have known and practicedall along: if you want your data to be private, you can trust no one with it. No one. You must make sure to encrypt it yourself. Only then can you place it in the custody of somebody else. Putting an unencrypted file on Dropbox, Google Drive, sending it in e-mail, etc., is and has been the equivalent of shouting it out to the entire world.
A system that requires privacy, but is built on the assumption on trust in a third party, is broken by design.
You can only trust systems that are built around the principle of distrusting the entire world (like bitcoin, nota bene), or systems that are physically under your control.
Note that I say physically: having virtual servers “in the cloud” is not enough, for an administrator of that cloud can trivially go in and take everything you’re processing there and feed it to whomever they like, and must be assumed to do so.
For the same reason, having your own servers in a rented datacenter is not enough, either: an administrator of the datacenter can give access to your computers to whomever they like. That is the reason why I have servers for this site and other sites of mine running on my own balcony:
Photo: The servers for this journalistic site, and other sites with more sensitive personal information, are under my physical control.
This is the reason you cannot trust Dropbox, Gmail, Skype and similar services with anythingremotely sensitive.
If you have sensitive data, you need your own servers to store and communicate it. Servers that are physically under your control. That is why you should be running encrypted SparkleShare on your own file servers rather than Dropbox in the cloud; that is why you should be running default-encrypted Mumble on your own servers rather than using Skype; that is why you should be using RedPhone from your cellphone instead of regular voice calls.
It’s already a matter of life and death in many places on the planet. Also, do note that it may not be the laws today you have to worry about: Everything is recorded and stored, and your innocent words today may come back to haunt you 30 years down the line under a different administration.
Privacy is your responsibility. You can trust no one.
As a final note, this shows very much why pirate parties are needed – worldwide – to kick politicians who authorize these egregious violations out of office, off the coast and into the ocean. (I usually write “next state”, but people from that state always complain how people there don’t want them either.)