In light of the recent publicly leaked PRISM program from the National Security Agency (NSA), I’ve been doing some personal research to reduce my personal exposure to PRISM tech companies. In other words, I don’t like the fact that these big tech companies are spying on me and sharing my personal information with the government, regardless of whether they claim it’s legal or not legal.
After learning the long list of tech companies that privately share information with the government, I’ve decided to cut back on using main stream tech services. Check out prism-break.org for a big list of awesome alternatives to things like Google Chrome, Yahoo Mail, Drop-Box, Apple Services, etc. In my opinion, it’s wiser to use DuckDuckGo instead of Google Search.
Just recently, I read an article where Tech Crunch publishes each major response to the PRISM scandal. Take a look. What’s interesting to me, though, is how each company phrased their non-support for the government’s request for access to their users information.
After a few days of the PRISM story breaking, many large tech companies released public statements to try to restore confidence in the public.
Facebook’s public response after the PRISM story broke was this:
“We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law.”
The response from Facebook leads me to ask questions, like:
What is direct access? What about indirect access? Maybe Facebook is not granting the government direct access to their user data, but they could just as easily grant the government indirect access to their files. They could easily duplicate a private database they own and transmit it to a government server in seconds without even requiring a human being present to manage the transfer.
Additionally, what does “carefully scrutinize” mean? Is Facebook saying that they’d stand-up to the government and not allow them access to their user information on their servers? My guess, is probably not. Although Facebook probably has an army of attorneys on hand, it’s not like the government couldn’t crush them somehow if they wanted. In my opinion, Facebook shouldn’t be gathering private information about it’s users in the first place.
It boils down to this: Facebook never said that they don’t collect private data on users and they never said that they haven’t ever shared this information with the government. Until they do so, how can they be completely trusted?
Google issued a similar statement after the PRISM scandal broke:
“Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a backdoor for the government to access private user data.”
While Google’s statement appears to be more transparent and legitimate, Google’s efforts to secure private information, it still opens doors for further analysis and questioning. First off, what information is provided when “in accordance with the law”. The Patriot Act makes it completely legal for the government to essentially spy on citizens without a warrant.
So, does Google comply with all of the government’s demands? Since, doing so is not technically illegal, why wouldn’t they disclose all information to the government? It leads you to wonder which circumstances that Google doesn’t disclose information to governmental authorities at all. Additionally, maybe Google doesn’t provide a “back door” to their systems, but why would they need one when the front door is always open?
In my opinion, more is going on behind the scenes
I think it’s highly likely that these statement are more of a public relations campaign than actually truth-telling statements. In the PRISM files, it was declared that the PRISM program costs roughly $20 Million. So let me ask you, where is this $20M actually going? It’s probably not paying people sit around and drink coffee with Google and Facebook bigwigs. It’s probably paying for servers, computing power, data warehouses and technical personal to gather information and create reports on important information.
I, personally, was very sad to see DropBox on the list of potential suspected tech companies that allow the government to peek at and gather peoples personal information. I think that DropBox, although a relatively simple concept, is a tremendous system for sharing files, keeping privacy and accessing files anywhere at any time.
The problem is data collection and government reach
The problem isn’t that these large tech companies comply with the law and disclose information to the government for legal matters. The problem is two fold:
A) Tech companies shouldn’t collect more information about their uses than the users are aware of. This goes beyond “Terms and Conditions”. I shouldn’t need to read terms and conditions to know that a website is tracking my location, for example. If I don’t personally input my location into an input field, then tech companies shouldn’t be using “behind the scenes” tactics to try to determine my location. It’s unethical and will eventually backfire.
By collecting too much private information, these companies are putting a target on their back’s for the government to target. The government’s main source of power is information and currency control (which is another topic altogether). And I’m not necessarily saying government information is a bad thing. But when the government has access to unknowing citizens and manipulates it for their advantage, then people lose their trust in the economic and political system.
So by tech companies collecting private information, they’re not only destroying user trust, but they’re enabling the government to destroy trust as we know it.
B) Government reach into personal matters needs to be clearly defined. I need to know if the government is watching me when I use a particular service. When I check my email, I shouldn’t need to worry that the government is looking over my shoulder. Whether I’m emailing someone locally or abroad, whether I’m buying bath soap, car insurance or adult videos, I should be granted maximum privacy.
It’s nobody’s business what I’m doing. Regardless of whether I’m obeying the law or not, I should be considered innocent until proven guilty. The phrase “if you’re not doing anything illegal, then you have nothing to worry about” considers that everybody is guilty and that nobody should be trusted, even in their own homes and with their own property.