Security and privacy on the level of the telephone network
Fifth, the once powerful myth that there exists a separate, virtual space where one can have more privacy and independence from social and political institutions is dead. To see why, look no further than the Microsoft memo issued after The Guardian had reported that NSA may have been tapping Skype chats and video calls (Skype is now owned by Microsoft). Buried in Microsoft’s non-denial is a very peculiar line. Justifying the need to make its digital products compatible with the needs of security agencies, Microsoft’s general counsel wrote that “looking forward, as Internet-based voice and video communications increase, it is clear that governments will have an interest in using (or establishing) legal powers to secure access to this kind of content to investigate crimes or tackle terrorism. We therefore assume that all calls, whether over the Internet or by fixed line or mobile phone, will offer similar levels of privacy and security.” Read this again: here’s a senior Microsoft executive arguing that making new forms of communication less secure is inevitable – and probably a good thing.
For most of the 1990s, everyone thought that digitization would usher in the so-called “convergence”: undoubtedly, a good thing as far as security was concerned. Thus, the reasoning went, as they move to one single network, old forms of communication – the good-old telephone and the like – would eventually become as secure as encrypted email. But we have actually moved in the opposite direction. What we have now is one single network – that much we got right – but the one where security and privacy have returned to the level of the telephone network. It’s the telephone – not encrypted email – that is our common denominator at least when it comes to wiretapping potential. Convergence did happen – we weren’t fooled! – but, miraculously, technologies converged on the least secure and most wiretap-friendly option available.
The users in authoritarian states will suffer the most
This has disastrous implications for anyone living in dictatorships. Once Microsoft and its peers start building software that is insecure by design, it turbocharges the already comprehensive spying schemes of authoritarian governments. What neither NSA nor elected officials seem to grasp is that, on matters of digital infrastructure, domestic policy is also foreign policy; it’s futile to address them in isolation. So, we want to catch all the terrorists before they are born? Fine, Big Data – and big bugs in our software and hardware – are here to help. But, lest we forget, they would also help the governments of China and Iran to predict and catch future dissidents. We can’t be building insecure communication infrastructure and expect that only Western governments would profit from it.
This brings us to the most problematic consequence of Snowden’s revelations. As bad as the situation is for Europeans, it’s the users in authoritarian states who will suffer the most. And not from American surveillance, but from domestic censorship. How so? The already mentioned push towards “information sovereignty” by Russia, China or Iran would involve much more than protecting their citizens from American surveillance. It would also trigger an aggressive push to shift public communication among these citizens – which, to a large extent, still happens on Facebook and Twitter – to domestic equivalents of such services.