Foreign Policy Research Institute A Nation Must Think Before it Acts Post-Snowden: The Hypocrisy of Tech Company Calls for Surveillance Reform

Post-Snowden: The Hypocrisy of Tech Company Calls for Surveillance Reform

The recent call by certain technology corporations to reform government surveillance makes for great public relations, but underneath these calls reek of hypocrisy.  Despite stating the desire for “the world’s governments to address the practices and laws regulating government surveillance of individuals and access to their information,” the call clearly comes only after Edward Snowden exposed that these companies were the primary points by which the NSA accessed information for intelligence efforts.  The Snowden revelations shook these companies to their core.  Why? Well, its not about customer privacy, instead its about Internet company business models. 

During the days of analog, the NSA naturally must have piggy-backed onto telephone companies during the conduct of signals intelligence intercepts. Today’s telephone companies, however, are an amalgamation of a broader set of Internet companies whose business varies dramatically from their analog predecessors. Analog telephone company business models depended on their ability to provide customers a service.  In contrast, today’s telephone and Internet company business models depend not on providing customer access to the Internet, email or social media services, but instead on customer information – collecting, amassing and analyzing customer data to determine every conceivable pattern of a person’s behavior – what might be known in other contexts as “spying”.  

Government surveillance has never been easier because Internet companies are already doing much of the spying for the government. If customers were to find out just how much of their personal information is exposed, say when NSA documents are leaked, they might start sharing less information, thus compromising the Internet company business model and collapsing profits.  Internet companies are not really worried about government surveillance, if they were, they would have called for government surveillance reform before, not after Snowden’s disclosures.  Prior to the disclosures and outside of the NSA, Internet companies are in fact the only entities that were aware of the U.S. government surveillance programs and in a position to join forces to call for reforms.  Yet again, pre-emptively calling for surveillance reforms might have exposed Internet company surveillance activities to customers.  

I could easily conceive hundreds of reasons why the signatories of the Global Government Surveillance Reform are hypocritical but instead I’ll just point to a few of the only recent examples of how these companies pry into our everyday lives.

  • Facebook: Research by Sauvik Das and Adam Kramer revealed that Facebook actually records every keystroke of its users.  Not only do they monitor what their users post on their platform, Facebook actually tracks what their users may write and then decide to delete – aka self-censorship.  With this capability, Facebook is gaining the ability to actually watch how their users think in real or near real time, and they then can likely advertise accordingly. Somewhere, Facebook has a record of what customers didn’t say. So do customers’ trust Facebook with their thoughts, but not the U.S. government with an archived copy of their telephone records? 

  • Twitter: In response to the Snowden revelations, Twitter is allegedly considering the encryption of all direct messages between users to ensure governments cannot intercept these communications. On the surface, this seems like it would protect customers (while still providing Twitter unlimited access to customer direct messages). But this encryption also empowers terrorists and criminals by providing them a free, easily accessible encrypted communication means to communicate actions, coordinate attacks and spread propaganda.  This exact scenario occurred less than three months ago with the Westgate attacks in Nairobi, Kenya where al Shabaab tweeted in real time as they committed their atrocities.  So should the U.S. government pass on the equivalent of U.S. citizen privacy rights to foreign terrorists involved in a terrorist attack overseas against American targets?  Issuing subpoenas of foreign terrorist accounts rather than intercepting them overseas in real-time?

  • Google: No company has tried more than Google to be the self-proclaimed champion of privacy; all the while systematically prying into every aspect of their users’ lives.  We are all familiar with the incredibly creepy targeted advertisements offering exactly what was discussed in one of our Gmail messages or Google searches.  But even more intrusive is this revelation by Nathan Newman in the Huffington Post:

“Google’s illegal “wi-spy” program of collecting user data over home wi-fi hubs using its Street View cars has led to investigations and fines for violations of the law in countries around the world.  Investigators were outraged when they reviewed the downloaded data and found Google had collected massive amounts of personal emails and data revealing everything from people’s medical histories to their sexual preference to marital infidelity.”

While proclaiming to be leading the way in protecting customer information, Google couldn’t even protect U.S. government warrant information on Google servers from Chinese hackers. Remember, Google’s call for reform came after concerns about U.S. government surveillance. Why didn’t they rally all the Internet companies together in a call for reform after the Chinese hacked them in 2010?

  • LinkedIn: Recently, LinkedIn began pushing a new email service where users could route their communications through LinkedIn to enhance their networking. For users, this may seem like a useful free service, but, as Ian Steadman explains,

 “remember that LinkedIn is reading your emails to do this, in a way that exactly mirrors a man-in-the-middle attack. That’s a type of attack where someone slips in between two other computers on a network, intercepting each message that gets passed along and reading it as it goes.”

Internet companies would likely say that customers agree to their terms of service and thus Internet company activities are essentially justified by customer apathy.  But no one, customers, Internet companies or even U.S. courts, believe that several thousand word, multi-page terms of service documents loaded with technical jargon printed in 6 point font fully inform customers on the privacy they might sacrifice using Internet services. 

Most striking about the corporate call for surveillance reform and American reaction to the Snowden leaks is how Americans seemingly value both their own privacy and the services of Internet companies and yet twelve years after the 9/11 attacks no longer see national security as an essential service.  Current NSA capabilities were created as a reaction to the worst attack on American soil in more than 50 years.  Security comes with a price. As a nation, the pendulum is clearly swinging back in favor of privacy over security.  This would be more understandable if Americans saw their privacy losses to Internet companies in the same way they saw their privacy losses to government surveillance. 

The call for surveillance reform comes from Internet companies that could only have reached their current heights based on the services and opportunities provided by the very country from which they now want to protect their customers.  The U.S. is the only country capable of providing the infrastructure, human capital, national & economic security, legal system and creative freedom to develop the most profitable Internet businesses in the world.  The purpose of U.S. government surveillance comes from a desire to protect American citizens not to harm them or suppress them.  If the reform signatories were that concerned about U.S. surveillance, they could always relocate to another large country that offers better protection against surveillance and benefits of the free market system, right, …say China or Russia, the last two stops of Edward Snowden?…Uh, right, that’s what I thought.

In conclusion, having worked in government and with technology companies, I’m confident that government servants share the best interests of the citizens they protect more than technology companies share the best interests of their customers.  Surveillance reforms are already underway, but today’s Internet companies, the world’s leaders in technical surveillance, should not be the one’s paving the way.