Friday, June 14, 2013

NSA and "The Cloud"

Honey, we broke the Internet.

So, the news about the NSA Prism program going access to so much of our internet traffic and data is stil unfolding, and the actual details are shrouded in fog. I expect the NSA and others in the government with a single-minded focus on security are probably contributing more fog.

A frequent response to NSA data-gathering is "if you've done nothing wrong, you have nothing to hide".  Much smarter people than me have refuted this more articulately than I ever could, but I do imagine that if NSA has all that data, law enforcement has got to be thinking about how they can use it to their advantage.  Then, the slippery slope includes probably insurers, looking for more information on whether you engage in risky behaviors, to hiring employers doing background checks (this will start with military contractors, but will surely extend). I''m sure the IP lawyers at the RIAA and MPAA are still gleeful about the idea that everyone's Internet traffic has been logged, and can hardly wait to get their hands on it.  And so on.

From my point of view, unfortunately, this gives pause to people worried about the security and privacy of their data.  You have to wonder about people in other countries deciding to use their own local hosted cloud providers or even revert to their own servers again, and I fully expect other geographic regions to make sure enough big routers and network infrastructure exists in their own countries so internet traffic won't get routed through USA pipes and routers.

http://www.techdirt.com/articles/20130614/12173323472/why-tech-industry-should-be-furious-about-nsas-over-surveillance.shtml

https://twitter.com/normative/status/345670289767669760

updatehttp://www.schneier.com/blog/archives/2013/06/blowback_from_t.html

further update:  http://www.theatlantic.com/technology/archive/2013/06/us-government-surveillance-bad-for-silicon-valley-bad-for-democracy-around-the-world/277335/

http://www.zdnet.com/prism-fallout-could-cost-us-cloud-industry-billions-warns-europes-digital-chief-7000017712/

There's been a lot of worry in recent years that efforts in the ITU would attempt to bring Internet governance into UN or similar purview, which many people would expect would result in a chilling effect on innovation as well as the power of the Internet as a agent for democratization.   I don't expect ITU to get their way on this, but its possible the US Gov't and the NSA did more as a result Prism to derail the growth and interoperability of the international Internet than ITU or any other effort by governments to wrest control.

On the other hand, maybe a silver lining (no pun intended) is that, like all other attempts to censor the Internet, technology will route around the issue.  I can envision rapid innovation in sure "personal clouds", for example.  We've talked previously about the Global PKI being outdated and broken, but if the (warning - rank speculation ahead) major Certificate Authorities are drop-boxing private keys to the NSA, or in other ways SSL has been compromised to the benefit of the spymasters, new forms of internet security will arise that are more distributed and more flexible, and not subject to top-down control.

Interesting times.  We get to watch, and maybe influence, how this unfolds.

No comments: