![Telling the NSA to
[Back] Off
Evan Greer & Chris Conley
SXSW Interactive 2014
#NSABackOff](https://image.slidesharecdn.com/sxsw2014nsabackoffnovids-140308164544-phpapp02/85/sxsw-2014-telling-the-nsa-to-back-off-1-320.jpg)
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (8)
Último
Último (12)
Telling the NSA to Back Off: Self-Help Guides
- 1. Telling the NSA to [Back] Off Evan Greer & Chris Conley SXSW Interactive 2014 #NSABackOff
- 20. • ds
- 22. So what can I do?
- 33. vs.
Notas del editor
- As you might have heard, the NSA has interpreted its own authority rather broadly…
- Hey I’m Evan Greer, campaign manager at Fight for the Future. We’re a digital rights nonprofit working round the clock to expand and protect the transformative power of the Internet to drive social change. That’s a fancy way of saying that we do our damnedest to stop governments and corporations from screwing up the Internet and all the great stuff that comes with it.
- We’re probably best known for our role as the group that organized the first protests against SOPA, the Stop Online Piracy Act
- And we helped build many of the tools and rally the Internet for the now infamous SOPA blackout on January 18th 2012.
- I’m sure by now you all know the story, but the SOPA strike redefined what was possible when it came to collective action. In a single day we drove over 8 million phone calls to Congress, and resoundingly defeated a bill that everyone thought would pass.
- Since the Internet's big win against SOPA, we’ve been continuing to organize. We’ve maintained the Internet Defense League, a network of thousands of websites who are commited to sounding the alarm whenever there’s a major threat or opportunity for the open Internet.
- We fought SOPA because one of our most fundamental rights was at stake: our freedom of expression. And it’s for that exact same reason that Fight for the Future has been organizing to oppose government and corporate surveillance, and advocate for online privacy, since well before the first Snowden story hit the media. For us, opposing mass surveillance is not about wanting to “hide something” – it’s the logical next step in our ongoing mission to defend free speech online.
- Starting in 2012, we successfully defeated two versions of CISPA, the Cyber Intelligence Sharing and Protection Act, a bill that would have given private companies more freedom to share our data with government agencies including the NSA. When organizing against CISPA and about privacy issues in general, some people would say “Yeah government surveillance is creepy and all, but that’s not MY issue. I care about income inequality, or I care about gun rghts, or I care about healthcare.” My response is this: whatever you care about, whatever your issue is, making change in the world requires challenging entrenched and powerful institutions. Mass surveillance creates a climate of fear that makes speaking out and organzing against those powerful institutions infinitely more difficult. Privacy isnt’t about hiding something, it’s about
- Privacy isn’t about what we have to hide, it’s about our ability to be ourselves.
- Mass spying is a brutal and insidious form of censorship. It causes us to second guess what we say. I think ever since the Snowden revelations every single one of us has had the experience of being about to press end on an email, or post on Social media, and hesitating for a moment to ask ourselves, who else might read this beyond the intended recipients? That moment of hesitation is dangerous, and it turns out that we aren’t the only ones hesitating.
- A PEN America report from November 2013, made clear what we already intuitively know. NSA spying has a chilling effect on journalism – and many journalists in the U.S. have felt compelled to self-censor under the weight of oppressive government surveillance.
- As you might have heard, the NSA has interpreted its own authority rather broadly…
- Why do we care? Because life is not merely imitating art – life is imitating the Simpsons! Sadly, it’s not funny. The NSA seems to think that it has nearly limitless power to collect data, intercept communications, and undermine encryption – all in the name of “security.” But that security undermines the very principles that our country was founded on: a government “of the people, for the people, and by the people” that is bound by law rather than rewriting it to suit its own purposes.Without oversight, the potential for abuse is enormous. We’ve already seen surveillance of religious groups and anti-war protesters under the guide of “fighting terrorist.” The enormous power that the NSA has is unconscionable, especially without any sort of effective democratic safeguards to limit its misuse.
- Another critical thing to understand is that, really, the NSA is the least of your concerns. Government surveillance is a much bigger problem. In some cases it’s because laws are outdated or vague, in other cases authorities are breaking the law with impunity, but literally hundreds of government agencies have the ability to spy on you without a warrant, all the way down to local law enforcement. With last week’s bombshell revelations about the CIA spying on the Senate Intelligence Committee out of fear, wanting to keep their torture practices secret, it should be more clear than ever that spying is about protecting power, not people.
- Case in point: stingrays. Not the marine type
- Or the car type
- But this one. This is basically a fake cell phone tower that some police department have used to identify and track individuals. And they have gone to ridiculous lengths to prevent any kind of public debate about this technology, even breaking down a door without a search warrant based on a claim that they were prohibited by a “nondisclosure agreement” from telling a JUDGE why they wanted to search a specific house. Elsewhere cops have mislead courts or simply used stingrays without any kind of oversight. And with more tech coming, it’s just going to get worse.
- Beyond the threat that it poses to freedom of speech, there are a few important points I want to make about government surveillance. The first, and perhaps the most important, is to understand the historical context, and know that government spying is not new. You’re probably all familiar with the more recent examples like COINTELPRO and the targeted surveillance of Muslim and Arab people in the U.S. Post 9-11 but it goes back much further than that. Sure, technology has completely changed the game in ways that have serious implications for your World of Warcraft playing, but the origins of this run deep. If you read any ancient mythology or stories about civilizations of the past – or heck, since I’m sure all of you are paying HBO subscribers – even if you’ve watched Game of Thrones – we know that every authoritarian government dating back to Kings and Queens has used spying and surveillance as a means of protecting their own power. What’s even more illuminating, is the fact that those in power have always used the same justification for their privacy intrusions they tell us it’s for own good, that it’s necessary to keep us safe. The face of the enemy has changed but the rationale has remained the same.
- Mass surveillance is a global problem. The NSA is just one player. Other governments are spying as well, and private corporations are collecting increasingly invasive amounts of data for their own purposes. What all of this means is that fighting mass surveillance is not as simple as passing a law that will reign in the NSA, though that would be a good start, it’s going to take a sustained, and global effort of people organizing collectively to shut the spying down. We need to fight this with every tool we have: education, technology, policy, and direct action.
- So we know it’s going to take a lot to stop this. But where do we start? Well one thing that’s exciting in the Snowden documents is that – while they’ve revealed that agencies like the NSA and the British GCHQ have some terrifying technological capabilities, up to and including the nightmare scenario revealed two weeks ago that they’ve intercepted millions of images from webcams – the documents also show that more often than not the NSA have been lucky opportunists who have exploited tech companies mistakes. These are mistakes that we can fix, both collectively and individually. If the NSA wants to hack you personally, there’s probably not much you can do about it. But there are a variety of easy things that you can do to make it exponentially harder and more expensive for them, and that will protect you from the type of dragnet surveillance that poses the greatest threat to our rights. Chris is going to share some resources on that front in a bit. But if you walk away from today with one thing it’s that you should know the NSA is not invincible. Snowden made that abundantly clear, but it’s true with us too. Every small step you take toward protecting your privacy, whether it’s setting a password on your cell phone or running a VPN on your computer, makes their jobs harder and makes all of us a little safer.
- There are a number of self-help guides out there. Here are a few of our favorites that can help individuals think about
- There was a time when there was no such thing as bad publicity.I think the companies on this slide would probably argue otherwise today.The NSA revelations have had widespread impact on companies. Users are scared. International customers are hesitant to trust U.S. businesses with their data (rightly or wrongly). And companies are quite frankly outraged at the implication that they are both targets and willing collaborators of the NSA’s espionage efforts.
- One of the basic steps companies need to take to protect against surveillance is to protect user data. All data should be properly encrypted with access controls in place. Passwords should be salted and hashed to ensure that even a breach does not leave them vulnerable. And so on.
- It’s also critical to protect data in motion – whether it’s travelling between your servers and your users or “internally” between data centers (since the Snowden revelations have demonstrated that those connections are also vulnerable). There are several best practices, such as broadly deploying HTTPS, that can help secure your users’ data and make it less vulnerable to interception.
- You also need to be prepared to respond when the government comes to your front door demanding information about your users. One way you can really stand up for your users is to take an aggressive position and push back against over-broad demands. Facebook gets plenty of flack for privacy, and deservedly so, but they have staked out a strong position with regard to demands for information. While we think that the government does need to get a search warrant to access content, it’s not cut-and-dried – but Facebook is pushing the envelope and helping to strengthen user rights in the process.(Of course, if you do get what appears to be a demand for information, it’s probably not a good idea to just refuse it on principle unless you have a valid legal reason. If you’re unsure, call us, or EFF, or your nearby law school clinic, to get a better idea of your real options.)
- Of course, protecting your data doesn’t do much good if you share it with someone who doesn’t have the same respect for your users’ privacy. Make sure anyone you partner with lives up to your standards.
- To learn more about all of these topics, check out our primer for businesses. Case studies galore!
- Another key piece of the puzzle is transparency. We shouldn’t have to wait for the next Snowden to learn how surveillance practices evolve in the next few years. By being as transparent as possible about the requests you get and how you respond, you can help inform the critical debate about the appropriate limitations on surveillance powers.