Who hasn’t heard his last name, if not his first? Edward Snowden. Just as there are thousands of keywords set by our security establishment to target a person for further investigation, so too do we now have hundreds to describe the current state of data security in the modern world.
Fortunately for me as a student with very little time, the enormous saga of Edward Snowden and his leaks lies just outside the scope of this column. That being said, a summary of this summer’s news might benefit the uninformed. Until early June, Edward Snowden was an intelligence analyst working for the firm Booze Allen, a defense analytics firm working under contract with the NSA. As many know, he fled to Hong Kong shortly after leaking internal PowerPoint slides describing a program called PRISM, which used network analytics to find targets for further surveillance. Although the NSA claims analysts such as Snowden require clearance before targeting an individual, Snowden’s leaks seem to indicate that low-level employees could setup wiretaps and otherwise spy on people worldwide with virtually no authorization, whether by internal means or through the courts. Since these initial revelations, the scandal has grown to include many related programs, including some with foreign intelligence agencies to spy on each other’s citizens so as to avoid legal trouble. It also seems clear that the director of the NSA, James Clapper, lied to Congress on several occasions regarding the scope and nature of these programs. As far as I know, there are no plans to charge him with perjury.
I am of the opinion that Edward Snowden isn’t important in all this. Whether you see him as traitor, a patriot or a secret foreign agitator is irrelevant to the issue of internet security, so long as you take the information he leaked at face value. The internet age will continue whether he remains in Russia or comes back to the U.S. to face trial. The issue is not Snowden, his motives or his character, but the information he leaked.
The encroachment of the security establishment will also continue to be unabated regardless of Snowden’s fate, for that encroachment feeds off the connection of our real lives to our internet behaviors. This development in society has been a gold mine for a new security establishment rivaled only by the military-industrial complex. We now have a latent police state, and I feel there’s no hyperbole in that statement. Under the guise of protecting us from terrorists and other ner’er-do-wells, people like Michael Chertoff, the former head of Homeland Security and James Clapper have come to see themselves as the best defense against these actors. This is not only a system consisting of institutions and industry, but also one consisting of individuals with obvious protector complexes. It is a cancer upon our rights and an insult to our independence as citizens in a free democracy.
I would tell you now to delete your Facebook and stop using Google, but I just wandered over to both without thinking. The process of retrieving our rights is difficult when we are so intertwined with the internet in our daily lives. No one is going offline anytime soon, so the only way out of this latent police state is forward into a new era of rights and responsibilities. I say rights because nothing you do will stop some level of collection of data, so this must eventually be limited by law or constitutional amendment. I say responsibility because no amount of slacktivism and whining on Facebook and Google+ will stop Facebook and Google from complying with government orders until people reject their compliance.
This column, then, seeks to do what few in national circulation will: teach the campus community to vote with their clicks. I want to teach our campus how to limit their involvement with the national security apparatus through all legal means possible because I believe these activities are not simply an overstepping of bounds, but a wholesale violation of our rights, specifically those enumerated by the Fourth Amendment. I invite you to read about my exploration of digital security at Grinnell and how it relates to the national scandal. No one will give you rights, so take them or encrypt them until they are yours forever.
Since first writing this, it has come to light that most standard forms of encryption, i.e. those used for banking and online purchases, have been broken by the NSA and it’s partner in the UK. This indicates that only strong encryption, the kind that doesn’t occur automatically, will be required to protect one’s data. Read the next column to learn how to use strong encryption for files and emails.