Noise or Music?

Why the Guardian is barking up the wrong tree with Prism

Categories: GDPR & Privacy / Comments: 3

My thoughts on why the Guardian and the Washington Post are barking up the wrong tree with their constant side-stories about #Prism. It is disappointing to read the story degrading in this way.

“Analysing this type of meta-data is exactly what companies such as Google, Yahoo, Twitter, Facebook etc. openly do.”

Seriously… what is the problem with collecting and analysing meta-data?

Meta-data does not include the actual conversation (chat, email, phone). As a privacy advocate, I positively support the analysis of meta-data by democratically elected governments.

In fact analysing this type of meta-data is exactly what companies such as Google, Yahoo, Twitter, Facebook etc. openly do. They use it to better target online advertising to the consumer. I want my government to do the same to help identify crime before it happens. By analogy, I consider analysing meta-data as the same as putting more policemen on the streets – we know that works.

For example, if someone is using Google to research making a bomb, I want that information to alert the authorities. Of course in a smart way i.e. building up a pattern of behaviour until it reaches a threshold (bayesian learning).

“With old-school police investigations, once the police have gained enough evidence (analogous to meta-data), they would need to get a warrent from a judge in order to tap a phone or bug an office. Thats the legal process that protects all democracies.”

The REAL privacy story with Prism is that when the CIA/MI6 et al secretly gain access to the Internet, they don’t just “see” meta-data, they see ALL of it. That means, if they can see my search terms and who and when I send emails to, they can also see what the content of those emails are. These are not separate data sets, they are all part of the same packet stream. Once access is gained to the meta-data, there is no barrier to all of the data flowing through the fibres of the Internet.

With old-school police investigations, once the police have gained enough evidence (analogous to meta-data), they would need to get a warrent from a judge in order to tap a phone or bug an office. Thats the legal process that protects all democracies. By capturing Internet traffic, that legal process is by-passed. And that is the BIG story here and the real threat to democracy.

From a technical point of view, the other side of this story is HOW. Accessing unencrypted communications is a high-school project for the smart, but gmail for example is encrypted. In fact if you use your Google account, all Google services are enrypted and cryptology these days is uncrackable by any secret service. The only way to decypher encrypted text is to obtain the master encryption key.

So a message to the Guardian/Washington Post:- please don’t dilute the major impact of this ground breaking story with petty articles. The public simply isn’t buying-in to the idea that ad agencies, Internet companies or even governments looking at meta-data is somehow a massive shock, or even a bad thing.

Share Button

Comments (most recent first)

  1. Michael Powe says:

    If somebody other than a police officer is looking through my windows, it’s a criminal act. I can call the police and have that person arrested. If an FBI agent is looking through my window — “Quis custodiet ipsos custodes?”

    In fact, under current law my neighbor may be committing a criminal act by reporting that she saw an FBI agent looking through my window or even entering my house.

    I agree that few citizens care what the gov’t does with their private data. Sadly, they believe that giving up their privacy makes them more safe.

  2. @Michael – the thing is, anyone can look through your windows. If you don’t like it, you can close your curtains and/or make a complaint. People looking into your windows are also visible by your neighbours. So although invasive behaviour there are enough checks and balances in our western society to take care of this.

    I really don’t think the public care about how many Snowden’s there are or what they are doing with meta-data. However, personal data is important – VERY. It is the lack of legal oversight for this that is scary and has major implication. However, this is being overlooked by the side-stories creating noise.

  3. Michael Powe says:

    “Looking at metadata” could be conceived as the equivalent of the police looking in your house windows to see what you’re doing. They “only” see your couch, chairs, unwashed dishes, maybe the dog. Where’s the harm in that?

    I think what is being missed in these discussions is that living in a free society carries risk.

    “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

    The liberty defined in the fourth amendment is absolute. “no Warrants shall issue, but upon probable cause” — you can’t state it any plainer.

    Unfortunately, in modern America, fear of risk has trumped liberty. Thus, we turn a blind eye to laws that allow warrantless searches, secret searches, the secret collection of “metadata” by the gov’t and its storage for an arbitrary number of years. Also, secret.

    The unasked question is — we have Snowden publicly revealing these activities; what is being done by other analysts behind closed doors? How many Snowdens are there, who are using the data collected for their own purposes, which may or may not align with those of the NSA?

    “There is danger from all men. The only maxim of a free government ought to be to trust no man living with power to endanger the public liberty.”
    – John Adams

    We have given up essential liberty for temporary safety.

Leave a Reply

Your email address will not be published. Required fields are marked *

Anti-spam question (required):

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Brian Clifton 2019
Best practice privacy statement