The revelations concerning the U.S. National Security Agency (NSA)'s Prism surveillance program and the global implications of that program are fascinating. But are they shocking?
I don't think so. Wherever data is stored in a digital format, it will be accessed by those other than the guardians of that data -- that is a reality in 2013.
And is there a communications service provider in the world that doesn't hand over customer records to security agencies? That would be shocking. Verizon Communications Inc. has been named in the early reports about the NSA's recent activities, but that is just a matter of timing. If this story had broken on another date, it might have been AT&T Inc.
Of course, there is a major ethical debate concerning data security and surveillance strategies and rightly so: There are policies in place globally that enable security agencies to request data downloads from telcos and ISPs but even the suggestion that the NSA is plucking data from the servers of Web services giants as and when it feels the need to do so will likely have major implications for the likes of Apple Inc., Facebook, Google et al. In what way might regular users change their social media habits? Will people be scared to wear Google glasses for fear of having their lives and experiences tracked by an invisible security application? (See NSA Dragnet Debacle: What It Means to IT.)
Whether any debates, rulings or even legal decisions will ever change the modus operandi of any security agencies is, I believe, very much in doubt. It will be business as usual for the spooks that spy on anyone they feel deserves being spied upon, whether domestic or overseas.
Putting aside the ethical issues involved, what the Prism revelations have done is bring the topics of Big Data and analytics under the global spotlight. In that context, it's intriguing just how data is extracted, sorted and examined: Exactly what do the security agencies do with the data and how much "intelligence" can they gather from it? Already the names of various Israeli vendors are being linked to the Prism operations and, again, that doesn't come as a surprise -- if you want the best data technology, then you start by asking companies from the most tech-centric country in the world, right?
All the major CSPs and Web services firms have their own Big Data strategies (for commercial reasons, you understand, though of course there's a major element of "snooping" involved). Those strategies are now set to come under the spotlight too.
After Prism, paranoia could be the next major "P word" of the year. But whatever the fallout from the Prism program, don't expect to be too shocked. Outraged, maybe, but not shocked.
re: Prism in a Big Data World I think I attribute this to Scott McNealy, but we do have to "get over this". Popular URLs and hosts, including required vendors all require us to use tools where they collect and use our information without our consent. How many times using Taco or NoScript do we argue with websites about undisclosed site referrals, even if we were to read the fair use policy. Very popular sites, including light reading. Even if the sites did not use the information pro-actively; the information is enabled in the tools and protocol raw records we enable for the industry.
My only two concerns have been mitigated by the sheer fire-hose method of collecting information and inability for operations groups to effectively store, search and effectively apply decisions. The two concerns I have 1) the people and companies who capture data - what they can manage and then abuse what they are able to manage, organized crime is all over their own hydrants and all over everyone else's hydrant. Why not the government? 2) There are trusted people/companies who are learning to capture and use what they can to make a half informed decision. Perfect example of #2 a) how many of us log-into Vz as a vendor, as an applicant, as a customer, as a agent for mutual business partners. You simply cannot use your log-ins and profiles on the Vz website with any success. You have not been able to for more than 10 years. example b) is as innocent as the 1999 conversion of Google from search results obtained through the crawler analysis they gained market share with. When transitioning to relative-results associated to SIC results associated with advertisers. All simple search became obscured by the three metrics, Today, I believe it is impossible to get a website address to an authorative site with a query. Then again, many sites try marking their sites private from crawlers as if the crawler would honor the request
We as technology enable a lot of people by default in protocols. We have no enforcement ability and worse yet nobody willing to pay us to enforce the use of the tools.
So get-over this issue. We let anyone with our technical skills and test tools access our data. As a country we enabled Satellite and trans-ocean cables only on the condition that all information was collected. As a government we grabbed all security/encryption keys. Way before 9/11 we enabled SF and Seattle storage and analysis offices adjacent to telecommunication offices for the government. Even if we wanted to enforce ethics, we are not willing to pay anyone to be vigilant.
re: Prism in a Big Data World Johan, I think you hit the key point -- this sort of program, behavior and strategy is preventable "if there is a political will to do so." Not just at the politicians' level (those currently elected representatives) but also those that carry out the day-to-day tasks of 'government' (including security) ie in the U.S. the CIA.
My view is that the political will is very much along the lines of "we know what's best, we'll do what's necessary" and that involves breaking pretty much every 'rule' in the book.
You can't hide a nuclear bomb, which is why there is such clear accountability. Cybersnooping is invisible until uncovered and the top folks always have an alibi.
Am I resigned? In a way. I see it more as being a realist than being resigned. That doesn't mean I don't think actions should not be taken to prevent this from happening. This is a crime against the populace. Let's see if anyone is held to account and actions taken to prevent it happening again.
re: Prism in a Big Data World Not an earlier piece - just noted earlier in the blog. And I didn't go deep into the ethics because that would be repeating what 10,000 analysis articles from around the world during the past few days have focused on (quite rightly so). And I held myself back, also, on noting how completely embarrassing the quite insulting response of the governing British politicians has been so far, particularly the UK foreign secretary, William Hague. I can't figure out whether he is stupid or if he thinks we're all stupid. I go for a combination of both.
re: Prism in a Big Data World This article reeks of resignation. Sure, spies will always try to get all the information they can, but this is perfectly stoppable if there is a political will to do so. This kind of project is not something that can be done in a garage in a suburb. As telecom professionals we understand the infrastructure and resources that are needed - it's doable but quite massive. Since it is massive, it is also stoppable.
As experts we have an obligation to explain this. Also, I'm struck with the lack of imagination as to what could go wrong with Prism. "Ethics aside", putting such power in the hands of thousands of humans (mostly men, I'm afraid) is outright scary. This is the nuclear bomb option of information gathering, but we don't let consultants decide whether to launch a missile. Again, we are experts here, and we can all tell stories about humans screwing up telco networks. I think we have an obligation as experts to try to raise the level of the debate.
re: Prism in a Big Data World Have you not done anything wrong or embarassing in your life? Congratulations.
You should be concerned about your democracy. Just as an obvious example, consider what would happen if Obama is a new Nixon, or if the director of NSA would have political ambitions. They have full access to the internal communication of the republican party, and the private communication of all the GOP candidates. They could feed the media 24/7 with nasty stuff and destroy any candidate they wish. Already at this point one must ask: Would the politicians dare to actually challenge NSA?
You should also be concerned as an individual. What if your wife's jealous ex gets a consulting job at NSA?
You should be concerned for your country's security. "Forces of evil" will sooner or later get an agent into the NSA system. This is inevitable, history tells us (There are 500 000 people involved). Just try to imagine the kind of information such a spy could get about the POTUS, the military, you name it.
What happens when a Snowden type decides to sell his knowledge instead?
re: Prism in a Big Data World Or, Manoj, to flip your argument around, why should I welcome being treated like a criminal when I've done nothing wrong?
re: Prism in a Big Data World Ooh. I didn't see the earlier piece. Granted, it's hard for me to see beyond the ethical, for the moment. It's so friggin' egregious and completely embarrassing.
And, yes, my 4square account looks like that of a man the government should pay attention to, especially if they want to know where gin and aged red wine is stored near the world's busiest train stations and bus stops.
re: Prism in a Big Data World People get concerned because it's an invasion of their civil liberties. And, It has been shown time and time again that people who have not done anything 'wrong' have been persecuted by government agencies who collected information about them and drew either inaccurate conclusions or pursued politically (or other)-motivated campaigns against them. In the minds of those in power, nearly every adult can be construed to have done something wrong or be a potential wrongdoer.
re: Prism in a Big Data World Having already mentioned the ethical issue(s), I was 'putting them aside' (not ignoring them) to address some of the considerations not purely in the ethical domain ie. the actual processes involved in the access to, extraction and analysis of the data involved and the potential 'intelligence' outcome.
I am not for one minute suggesting that any clandestine access of digital (or non-digital) data is anything other than wrong, on many levels.
BY the way, your recent travel schedule, as identified by the analysis of your Foursquare data, suggests you hung out with some rather dodgy characters in some rather unsavoury establishments while in London recently...:-o
re: Prism in a Big Data World I dont feel that this needs to be hyped this much. And I dont think this is something new. Even before this new IT world, we should remember government and intelligence agencies used to collect the data they need by different means. Also, its not something which happens just in the USA. Not mentioning the country names here, but I have read allegations against various other governments doing similar things, asking google, blackberry or similar sevices to provide the data that the government needs and all...
After all, why should anyone get concerned if you are not doing anything wrong...
To save this item to your list of favorite Light Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.
If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
(11) | 
Digg
Del.icio.us
Reddit
Tweet This