The recent revelations of the breadth and depth of the telecoms surveillance being conducted by the United States has been highlighting the extent to which communication is no longer private. This post discusses some matters that Caribbean and non-US Internet users especially, should be consider.
Unless you have been wholly disconnected from international news over the last two weeks, we have been inundated with reports about the extent of the surveillance and spying being done by the United States National Security Agency (NSA). Although from time to time we here at ICT Pulse have been discussing the fact that Internet privacy is an illusion, and suggesting ways in which to improve your privacy online, these recent revelations indicate a more pervasive (and government-sanctioned) programme exists. Hence it is opportune to revisit not just our thoughts on privacy and the Internet, but also some of the implications of those revelations.
US telecoms surveillance in a nutshell
Through electronic surveillance projects, most notably one codenamed PRISM, the NSA has been collecting data from, inter alia, telecoms companies, such as AT&T and Verizon, and from large internet properties, such as Microsoft, Yahoo, Google, Facebook, AOL, YouTube, Skype and Apple (Source: US Today). When news about PRISM was made public, some of companies sought to refute claims that the NSA was collecting the data “directly from the servers”. However, subsequent reports have suggested that the US government has indeed been getting access to user content (Source: The Guardian UK).
To defuse some of the outcry that occurred in the US when the story broke, the government revealed that its surveillance has been geared primarily towards identifying potential threats to America. The data it receives from various sources (such as those indicated above) was being stored, and would be referred to as and when needed (Source: CNN).
With regard to voice calls, the US government indicated that it collects the metadata of those transactions, and did not necessarily listen in on people’s conversations. However, the metadata, while not capturing the actual content of persons’ interactions, can provide enough information to deduce the nature of those conversations, as the Electronic Frontier Foundation outlines below:
…What they are trying to say is that disclosure of metadata—the details about phone calls, without the actual voice—isn’t a big deal, not something for Americans to get upset about if the government knows. Let’s take a closer look at what they are saying:
- They know you rang a phone sex service at 2:24 am and spoke for 18 minutes. But they don’t know what you talked about.
- They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
- They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don’t know what was discussed…
…Sorry, your phone records—oops, “so-called metadata”—can reveal a lot more about the content of your calls than the government is implying. Metadata provides enough context to know some of the most intimate details of your lives. And the government has given no assurances that this data will never be correlated with other easily obtained data….
Revisiting online behaviour?
For those of us in the Caribbean, our telephone conversations generally might fall outside of US jurisdiction, and so not be immediately subject to PRISM and other forms of scrutiny. However, in circumstances where Internet Messaging and Voice over Internet Protocol- (VoIP) type services are being used, e.g. Skype, Viber, and iChat, and especially when the servers might be located in the US, those interactions could be subject to US government surveillance.
We also ought to bear in mind, that even in the region, law enforcement is increasingly seeking to have access to and to rely on the tapping of phones (fixed and mobile/cellular) in their investigations. In many Caribbean countries, mobile/cellular phone registration is mandatory, which means that, up to a point, the original owner of a device is known. Moreover, from time to time, proposals are mooted to relax device-tapping or call interception procedures – for example so that a government Minister can sanction such activities instead of the courts. Although generally there has been opposition to those proposals, they will continue to rear their head, as law enforcement continues to grapple with crime, and governments place increasing focus on “national security”.
Are countries complicit in the US’ behaviour?
With the exception of the European Union, countries worldwide have been relatively silent about the disclosures regarding the depth and breadth of US electronic surveillance. Hence it could cause us to question whether or not, or the extent to which countries, including those in the Caribbean, might have cooperated with the US on such matters.
To be clear: the US is a world power and one of the largest trading partners for many countries. In the Caribbean, the relationship with the US might be more acute, as our economies are dependent (to a considerable extent) on our neighbour to the north, and we all have a strong affinity, including family linkages, there. Hence countries might opt to choose the lesser of two evils, and acquiesce to the US’ demands, but such an approach might not necessarily foster the confidence that your country is prepared to defend you and your rights whilst within its jurisdiction.
Over reliance on the US Internet facilities
Finally, and in a completely different vein, we may also need to re-examine and recognise that our personal and business-related data could also be subject to US scrutiny, should they be stored in the US. Hence for those of us who are using US-based email and web-hosting facilities, or servers located in the US, our content, whether we like it or not, could be copied and stored by the US indefinitely and potentially used in ways we had not envisaged.
From a sovereignty and national security perspective, a case could be made for individual countries or even the region collectively, to actively develop their own web hosting, server facilities, Internet infrastructure, etc., in order to encourage their citizens to bring their data closer to home. However, that would require countries to have a clearer sense of the value of their citizens’ data and the intellectual property from which they could inherent benefit.
Image credit: Stuart Miles (FreeDigitalPhotos.net)