The Privacy Question

Last month, a contractor working for the NSA leaked documents revealing that the American government was spying on all of its citizens. I use the term ‘spying’ in the context of confidential communications being intercepted and analyzed without the consent of the parties involved. It’s a loaded word but I think it’s an appropriate one.

There’s an enormous amount to dissect here. One could look at the asymmetric government response between the source of the leaks and the journalists that popularized them. One could question whether dangling execution for revealing the existence of a general government program lends itself to greater accountability. One could wonder if such surveillance frameworks stifles dissent, and therefore impinges the velocity towards a freer and more open state.

What I will focus on today is how this revelation shouldn’t have come as a shock, and why we really ought to have a conversation about privacy in this connected era. This shouldn’t have come as a shock on the basis of three facts:

Signal intelligence agencies are mandated to intercept Internet traffic.

It’s in the namesake. Signals intelligence agencies are required to intercept signals to further the interest of a government. That means intercepting the forms of communications people use. That means the Internet.

I think the uneasiness stems from the fact that previously that would have stirred in the popular mind imagery of listening to satphone calls. Something that affects a few with ties to foreigners. Them. The Internet is everyone. It’s us.

Confirmation of the interception of Internet traffic for the public came in 2006 with the Room 641A story.

Place and content is an intangible on the Internet given the way its put together, so if you want to spy on anyone on the Internet, you really have to spy on everyone.

The concept of geopolitical boundaries has little meaning on the Internet. When you send data across the Internet, you’re not telling it you want it to go to a specific geographical location. You’re telling it you want it to go to a specific computer. That computer has an address, a set of digits that whose ensemble is structured according to the relationship computers have with each other. Not place. Place does not have much meaning here.

So when signal intelligence agencies collects all of this data, it doesn’t really have the ability to distinguish between what’s being sent by citizens to citizens and what’s being exchanged between foreigners. It all looks the same.

Not that that ever mattered much to begin with, since there was data sharing arrangements meaning that everyone was always accessible.

Non-governmental bodies were already conducting this type of data collection openly for years. The only difference was that the level of access and intent, but it wasn’t too far off.

Google goes through your emails to determine what ads to feed you. Advertising companies track you through the images they post on pages throughout the Internet to figure out your shopping habits, and target you that way. Companies specialize in foraging the Internet for all information on you, and develop detailed profiles that they sell to other corporations. All without your explicit consent.

This is intelligence gathering. And while you may think that a company has far less access to you than someone tapping your connection, it’s actually surprisingly detailed. It was only natural for signal intelligence agencies, which are always required to be on the cusp of technology, to mirror this kind of analysis.

So where to now?

The corollary is that it’s likely that every signals intelligence agency in the world is doing the very same. I doubt very much that this operation is unique to the NSA.

This development was to be expected. We can expect as machine intelligence algorithms improve and the data sets bigger and more rich that we will reach a level of scrutiny on individuals and groups that isn’t too far from the targeted manned observation of yore.

So the question becomes – how do we want to handle privacy in a world where our actions are becoming more transparent by the day, and the analysis of that information ever so more accessible. Because this really is a new problem, and I think it’s not necessarily appropriate to frame it through the lens of twentieth century privacy concerns.

There is great benefit to funnelling more and more of our activities through the single medium known as the Internet, and more specifically the world wide web. We are talking on it. We are shopping on it. We are banking on it. We reveal our location on it. It has made everything more accessible, but that’s a two way street. Our own thoughts, derived from our writings and actions, are now all the more accessible to entities both public and private.

We really ought to have a conversation about the implications of this transparency on the Internet. That’s unlikely to happen, however, as there’s no impetus. This surveillance is invisible. You don’t see someone outside going through your mail, reading it for keywords with which to potentially act upon you. That lends itself to both apathy and ignorance.

That’s too bad, because our exposure only increases by the day.