The revelations concerning the U.S. National Security Agency (NSA)'s Prism surveillance program and the global implications of that program are fascinating. But are they shocking?
I don't think so. Wherever data is stored in a digital format, it will be accessed by those other than the guardians of that data -- that is a reality in 2013.
And is there a communications service provider in the world that doesn't hand over customer records to security agencies? That would be shocking. Verizon Communications Inc. has been named in the early reports about the NSA's recent activities, but that is just a matter of timing. If this story had broken on another date, it might have been AT&T Inc.
Of course, there is a major ethical debate concerning data security and surveillance strategies and rightly so: There are policies in place globally that enable security agencies to request data downloads from telcos and ISPs but even the suggestion that the NSA is plucking data from the servers of Web services giants as and when it feels the need to do so will likely have major implications for the likes of Apple Inc., Facebook, Google et al. In what way might regular users change their social media habits? Will people be scared to wear Google glasses for fear of having their lives and experiences tracked by an invisible security application? (See NSA Dragnet Debacle: What It Means to IT.)
Whether any debates, rulings or even legal decisions will ever change the modus operandi of any security agencies is, I believe, very much in doubt. It will be business as usual for the spooks that spy on anyone they feel deserves being spied upon, whether domestic or overseas.
Putting aside the ethical issues involved, what the Prism revelations have done is bring the topics of Big Data and analytics under the global spotlight. In that context, it's intriguing just how data is extracted, sorted and examined: Exactly what do the security agencies do with the data and how much "intelligence" can they gather from it? Already the names of various Israeli vendors are being linked to the Prism operations and, again, that doesn't come as a surprise -- if you want the best data technology, then you start by asking companies from the most tech-centric country in the world, right?
All the major CSPs and Web services firms have their own Big Data strategies (for commercial reasons, you understand, though of course there's a major element of "snooping" involved). Those strategies are now set to come under the spotlight too.
After Prism, paranoia could be the next major "P word" of the year. But whatever the fallout from the Prism program, don't expect to be too shocked. Outraged, maybe, but not shocked.
— Ray Le Maistre, Editor-in-Chief, Light Reading
My only two concerns have been mitigated by the sheer fire-hose method of collecting information and inability for operations groups to effectively store, search and effectively apply decisions. The two concerns I have 1) the people and companies who capture data - what they can manage and then abuse what they are able to manage, organized crime is all over their own hydrants and all over everyone else's hydrant. Why not the government? 2) There are trusted people/companies who are learning to capture and use what they can to make a half informed decision. Perfect example of #2 a) how many of us log-into Vz as a vendor, as an applicant, as a customer, as a agent for mutual business partners. You simply cannot use your log-ins and profiles on the Vz website with any success. You have not been able to for more than 10 years. example b) is as innocent as the 1999 conversion of Google from search results obtained through the crawler analysis they gained market share with. When transitioning to relative-results associated to SIC results associated with advertisers. All simple search became obscured by the three metrics, Today, I believe it is impossible to get a website address to an authorative site with a query. Then again, many sites try marking their sites private from crawlers as if the crawler would honor the request
We as technology enable a lot of people by default in protocols. We have no enforcement ability and worse yet nobody willing to pay us to enforce the use of the tools.
So get-over this issue. We let anyone with our technical skills and test tools access our data. As a country we enabled Satellite and trans-ocean cables only on the condition that all information was collected. As a government we grabbed all security/encryption keys. Way before 9/11 we enabled SF and Seattle storage and analysis offices adjacent to telecommunication offices for the government. Even if we wanted to enforce ethics, we are not willing to pay anyone to be vigilant.