Date:7 October 2013
National security – by Glenn Derene
A series of classified documents leaked by former National Security Administration contractor Edward Snowden put US Government officials on their heels in June, forcing them into an uncomfortable debate about privacy and national security. But the leaks also raised questions about the role of US companies in America’s surveillance operations.
James Clapper, the director of national intelligence, defended the programmes as legal – and indeed, it seems that the NSA’s snooping efforts were conducted with the oversight of Congress and Foreign Intelligence Surveillance Act (FISA) courts. Nevertheless, privacy advocates reacted with outrage. Within days of the disclosures, the American Civil Liberties Union had filed a lawsuit against the NSA.
There is still plenty of mystery surrounding the two programmes, but Snowden’s documents show the outlines of one surveillance operation that collects the metadata about – but not the content of – Americans’ domestic phone calls. Another, known as PRISM, focuses on the actual content of the online communications of foreigners. What’s especially controversial about PRISM is the involvement of nine large American tech companies, including Microsoft, Google, Facebook and Apple, that the NSA uses to gather its information. These companies have worked hard to clear up what they claim are misconceptions about how much access the government has to their users’ data. But the companies are legally barred from disclosing many details of PRISM.
Given the information we have, how bothered should we be? There are legitimate privacy concerns regarding the mass collection of American phone records. But foreigners aren’t protected by the US Constitution. Every nation with the means to do so conducts espionage on enemies (even allies). So why not get as much intel on foreign communications as possible?
Here’s why: collecting vast quantities of user data from Americanbased multinational companies could end up poisoning their reputations and harming their business. Consider how the US economy has changed in the past 40 years. Some of the most ascendant companies in America since the 1970s have been in the information technology sector. Industry giants such as Microsoft, Apple, Facebook and Google are major exporters of information services (if you can think of such a thing as exportable). Products such as Gmail, iCloud, Facebook Messenger, Exchange and Azure have hundreds of millions of users worldwide. These companies have always been uneasy participants in the intelligence process, and now it’s been revealed that they are required by law to routinely give up user communications to the NSA.
If you live in Japan, India, Australia, Mexico or Brazil, and you use Gmail, sync your photos through iCloud or chat via Skype, how would you feel about that? Let’s say you run a business in one of those countries that relies on information services from a US company. Does that make using such a service a business liability? It almost definitely makes it a national security risk for any other government to use information services from companies based in the US.
How should America expect the rest of the world to react? Other countries could respond by routing around the US information economy – developing, even mandating, their own competing services. (The interior minister of Germany has already advised his country’s citizens to avoid Web services that go through American servers.) The PRISM programme is effective because of the dominance of US companies in the information services sector. But that could change if American companies are deemed untrustworthy.
What’s more, by forcing tech companies to give up foreigners’ data, the authorities open them up to litigation in foreign countries. Many European countries have strict data-privacy laws, and PRISM puts tech companies that do business with Europeans in a bind: give up foreigners’ user data and run afoul of EU law, or refuse to give up that data and get into trouble with the US Government.
Intelligence gathering has always been a question of priorities. America has developed a formidable arsenal of technological tools to find and catch terrorists. Those threats are real. But so are concerns that a vital section of America’s economy could suffer collateral damage.