Edward Snowden is safe from American “justice” for the moment, and he certainly will go down as the most effective whistle-blower in history. His revelations are going to cause a wholesale restructuring of the world’s most important communications system, the Internet. And that, rather than his whereabouts and fate, is now the real story.
On Aug. 8, Lavabit, a U.S.-based email service provider that promised to keep its clients’ communications private, closed down. The U.S. National Security Agency approached it about six weeks ago demanding the same access to its customers’ emails that it already has extorted from big American Internet companies including Google, Facebook, Yahoo, Amazon and Microsoft.
The company’s owner, Ladar Levison, is under an NSA gag order, but he wrote to his clients: “I have been forced to make a difficult decision: to become complicit in crimes against the American people, or walk away from nearly ten years of hard work by shutting down Lavabit. I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.”
Jon Callas, co-founder of Silent Circle, another encrypted email service that has just shut down because it cannot protect its clients’ data, went even further. “Email [that uses standard Internet protocols] … cannot be secure,” he wrote.
The mass surveillance being carried out by the NSA not only gives the U.S. government access to everything Americans say to one another. It also destroys everybody else’s privacy, because the standard Internet routing protocol sends messages not by the shortest route, but by whichever route is fastest and least congested. That means, in most cases, through the United States, and therefore straight into the hands of the NSA.
Snowden’s revelations so far have told us about two major NSA surveillance programs, both probably illegal even under American law. The first collects the mobile phone records of more than 200 million Americans.
Don’t worry your pretty head about that, darling, said Sen. Dianne Feinstein, chairwoman of the Senate Intelligence Committee: “This is just metadata, there is no content involved.” The NSA isn’t actually listening to your calls.
Well, of course it isn’t listening to billions of calls. Machines can’t listen to calls, and who has the manpower to do it with human beings? But machines can quickly use the call logs (metadata) to identify everybody you ever talked to, and everybody they ever talked to, and so on out to the fourth or fifth generation.
If one of those thousands of people ever spoke to somebody abroad with a Muslim name (or somebody who works for Siemens, or Samsung, or some other industrial competitor of the United States), they may take an interest in you. If you’re an American who has never had direct phone contact with anybody abroad, they may then apply to access the content of your calls and emails under the Prism program.
The Foreign Intelligence Surveillance Court, which reviews such applications, has refused precisely 10 of them (out of 20,919) since 2001. Besides, the content of most Americans’ messages probably can be examined without recourse to the judges under one of the blanket authorizations issued by FISC. And if you’re not American, or an American resident who once spoke to somebody abroad by phone, then you’re in a free-fire zone.
If you are American, you probably don’t care about that, because you are mesmerised by the guff about a huge terrorist threat that the security barons use to justify the endless expansion of their empire (now almost a million employees). A recent opinion poll by the Pew Research Center found that 62 percent of Americans think “fighting terrorism” is more important than worrying about personal privacy.
But if you belong to the great majority of Internet users who are not American, are not in a perpetual sweaty panic about “terrorism” and have no protection whatever under American law from the NSA’s spying, then you will want ways to avoid it. So the market, or other governments, will create ways.
What’s needed is a big investment in Internet switching capacity in countries where the spies are not completely out of control. Then non-Americans can just join one of the many servers that will spring up to meet an exploding demand for secure Internet services.
Finnish Internet servers already are emphasising the security of their services. Germany, whose memories of the Gestapo and Stasi secret police make it particularly sensitive about the NSA’s spying, may take the lead in building non-U.S. Internet capacity, or it may be big countries such as Brazil and India that are relatively invulnerable to U.S. pressure. But this is a huge market opportunity, and it will get done.
And the losers? The big U.S. Internet providers, which will find that few of their customers want to store their data in American “cloud” services.
“If businesses or governments think they might be spied on,” said Neelie Kroes, vice president of the European Commission, “they will have less reason to trust the cloud, and it will be [American] cloud providers who ultimately miss out.”
As Jennifer Granick, director of civil liberties at the Stanford Law School’s Center for Internet and Society, put it recently: “America invented the Internet, and our Internet companies are dominant around the world. But the U.S. government, in its rush to spy on everybody, may end up killing our most productive industry.”
Gwynne Dyer is a London-based independent journalist whose commentary is published in 45 countries.