I heard an argument recently that the data collected by PRISM was safe from abuse because if the government had the technical expertise to gather the data, it had the competency to secure it as well. While on the face of it this statement is flatly absurd, its derivatives can seem plausible:
- “The data is only used if a court approves.” (The fallacious assumption being that the government can reasonably control access to the PRISM data.)
- “The government is trying to protect us by safeguarding this information in one place.” (Of course, the idea that this centralized database’s existence has made said data more secure is preposterous.)
- “You had no assurance of privacy on the Internet anyway, so why should this bother you?” (Because while I can take reasonable steps to make my own data secure, once it’s in the government’s hands it’s their responsibility, and, as should be abundantly obvious, leaks happen.)
It’s easy to believe that a government agency capable of collecting this information and then keeping its existence a secret for so long must have a way of keeping it safe. Unfortunately, the access that was given to the NSA to take this information has no correlation to the skills necessary to secure it; and the very fact of PRISM’s existence will probably prove too enticing a target to remain secure for very long.
Essentially, the argument as I heard it can be expressed as a simple question: if the government is savvy enough to gather the data, surely they’re not incompetent enough to lose it? Unfortunately, big brother can indeed be both savvy and incompetent. I think this is the greatest danger to the data PRISM allows access to – not improper use or excessive domestic surveillance, but complete and outright theft.
Savvy Through Access
Why does the act of collecting this information have no bearing on said information’s security?
Consider a child visiting the Library of Congress. He has an enormous storehouse of human knowledge at his fingertips: would you say then that this child would make a reasonable gatekeeper of that knowledge? Certainly not – just because the child has access to this repository doesn’t mean he should be director of it. He’d lend books out without properly tracking them, he wouldn’t be able to adequately secure the premises, and before you know it instead of a great Library of Congress you’d have a tremendous auditorium empty of books.
The US Government found itself in a similar position. Through the unique and regrettable powers offered it through the Patriot Act, it could visit the library (in this case, the storehouses of data on the Internet) whenever it wanted to. So of course it decided that this meant it should be the director of that library. The government has no particular skills or capabilities that make it uniquely suited to the administration of the knowledge it’s gathered: it seems savvy enough to have gathered it when, in fact, anyone with access similar to the NSA’s could have done so and would have had just as much of a “right” to it.
This analogy is somewhat troublesome. After all, prior to the NSA’s intervention, there wasn’t one library for personal information on the Internet at all. If you wanted to know someone’s Google searches, you’d presumably have to hack Google. And if you wanted their bank account information, you’d have to compromise their bank. That brings me to my next point: that assembling this single unified source of information represents a catastrophic single point of failure, and simultaneously provides a tremendous motive for theft.
Eventually Incompetent
My primary concern isn’t that the data will be misused by the government (though it seems inevitable it will be). It’s the security of the data itself. One point of access with all this information is akin to storing all gold in the entire world in one bank. Regardless of how well the bank is guarded, a lot of people are going to be very interested indeed in finding a way in – and it seems inevitable that, due to the fact that there are so few guards relative to potential criminals, and the incentive to break in is so motivating, a way will eventually be found.
When my email, my online orders, my telephone conversations were stored separately in different servers, the barrier to assembling a complete profile of my online activity was rather high – a potential hacker would have to compromise numerous services and some incredibly tight security multiple times to really get a clear picture of my habits. But the NSA has done all of this hackers’ work for him: all he must do is hack into one incredibly secure system, instead of a plethora of them.
And while hacking the NSA sounds nearly impossible, there are security flaws discovered all the time in software, even software widely considered extremely secure. And now that the existence of PRISM is well-known, all of those flaws (and the newest ones discovered, before there’s even an opportunity to fix them) will be tried on the NSA. Both by hacker groups and foreign governments.
Does anyone really believe this new treasure trove of knowledge will remain secret for long?
What Can We Do?
Unfortunately, at this point, not much can be done about the situation. As should be abundantly clear it’s really only a matter of time until PRISM is compromised. There are too many people who want the information it contains, and eventually they’ll hit on some means to acquire it.
The only really safe thing to do, now that PRISM is public knowledge, is to destroy the data it contains and stop the program. Regrettably it seems that the government really does believe that, because it had the savvy to acquire the knowledge, it’s somehow competent enough to keep it safe from everyone else on the planet. In the end, it isn’t the government that will pay the price for this hubris, but instead us citizens who were monitored: our secrets will be the ones to be released, because we trusted our government to allow us some privacy.
Going forward, everyone should start encrypting their emails and conversations. The EFF’s surveillance self-defense site is a good read that gives some helpful tips. But ultimately, if you don’t want your information to available on PRISM, it might be time to set up your own personal cloud or VPN and stop using big data and social networking sites. If that’s not possible, then at least consider what you post to them – now we truly know that not only is everything we do on the Internet public, but there are people dumb enough to gather it all in one place so that it can easily be stolen.