This is the 1st blog of the MyShadow series: "Why shrugging at the Snowden revelations is a bad idea"
Author: Maria Xynou, Researcher at Tactical Tech
Let's be honest. Following the Snowden revelations, how many of us thought or said:
"I'm not surprised! We already knew we were under surveillance!"?
Likely many of us.
True, some already knew that most countries in the world have had surveillance laws and schemes in place for a while – especially following the 9/11 attacks in the United States. Furthermore some knew about ECHELON from European Union reports or from various rumors. Some had also heard about the NSA's Total Information Awareness (TIA) programme – renamed as the Terrorism Information Awareness programme - as reported in various newspapers. These general topics and some specific surveillance programs are of course part of a larger discourse over many years - in some cases ongoing for decades.
Yet, even those of us who were aware of all of this were shocked when Snowden started leaking confidential documents about the NSA and GCHQ's secret surveillance. And here are some reasons why:
1. We now have proof that intelligence agencies spy on almost all of us
“Accidentally” accessing the “wrong website” without using anonymity software, such as Tor, including a flagged-for-surveillance word in one of your emails or phone calls, or being connected – directly or indirectly – to the “wrong” people through your Facebook photos, for example, might lead to the surveillance of your private communications.
Surveillance systems are designed to uncover the “hidden relationships” and “patterns of behaviour” of “normal” citizens – which could potentially include anyone.
Spying on everyone and everything appears to be the doctrine that the NSA and GCHQ are following. According to the documents leaked by Snowden, the NSA and GCHQ's operations are not limited to targeted surveillance, but expand to the mass and indiscriminate surveillance of almost all communications around the world through a “collect it all” strategy – often without warrants and court oversight.
In other words, surveillance is not limited to the communications of the “bad guys”, but expands to all of our communications – regardless of if we have “something to hide” or not. And Internet users who are not linked to any criminal activity account for most of the communications content stored by the NSA.
2. We now have proof that our trust in companies which handle our private data has been compromised
Do you use Google? Facebook? Skype? Big commercial companies, such as Google and Microsoft, have promised to protect our personal data, which is one of the reasons why we have probably, directly or indirectly, trusted them with our private photos, personal ideas and opinions, private contacts and more.
However, the documents leaked by Snowden reveal that such trust has been compromised.
Our private emails, chats, photos, videos and file transfers are routinely being collected by the NSA from companies that include Google, Facebook, Yahoo, Skype, Apple, PalTalk and AOL. And such data can then be accessed by the FBI and the CIA. The data centres of both Google and Yahoo have been infiltrated by the NSA and by the GCHQ, which allows them to transfer millions of records to the NSA's data warehouses every day. Other documents indicate that Microsoft's data centres, which include services such as Hotmail and Windows Live Messenger, might have also been broken into by intelligence agencies.
Additionally, Microsoft has been collaborating with the FBI to develop surveillance backdoors which provide it access to its products. In other words, services that we trust, such as SkyDrive, are being accessed by the NSA through the backdoors that Microsoft has created in collaboration with the FBI. But that's not all; a new collection capability was developed last year which allows the NSA to collect “buddy lists, credit card info, call data records, user account info, and other material” from Skype. And to make matters worse, it has also been revealed that Microsoft has handed the NSA access to encrypted messages.
Our private lives exist on the servers of some of the largest commercial companies in the world, such as Google, Microsoft and Facebook. Such companies have promised to protect our personal data and while such promises might be earnest, things are actually a bit more complicated. In some cases, companies have been pressured into complying with intelligence agencies. In other cases, they might not have been aware that intelligence agencies had access to their servers and data centres.
And while all of this might be debatable, what is not debatable is the fact that our personal data appears to be compromised in the process.
3. We now have proof that intelligence agencies around the world collaborate with the NSA in creating a global surveillance ecosystem
In some cases, intelligence agencies around the world – such as the Swedish FRA – collaborate with the NSA by spying on the leaders of other countries, by sharing intelligence data and by having access to each other's mass surveillance systems.
In other cases, intelligence agencies from numerous countries collaborate with the NSA by providing it direct access to the fibre optic cables which make up the backbone of their Internet. Not only does the NSA work closely with the so-called Five Eyes surveillance alliance – including the United States, the United Kingdom, Canada, New Zealand and Australia – but also with numerous other countries, including Singapore, Saudi Arabia, Pakistan, Tunisia, Thailand and the United Arab Emirates.
And while many governments around the world have been targets of NSA surveillance, that hasn't prevented numerous intelligence agencies around the world from fostering the NSA's global, mass surveillance regime in secret.
As such, the Snowden revelations appear to be about an entire surveillance ecosystem being built right under our nose which can potentially entrap us when we least expect it.