Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Parting Shots (Q4 2019 Issue)

It may be more than six years since Edward Snowden released the first details of government surveillance, but his shadow still looms large over the information security sector. Just this year, his book was released to a rage of controversy. A few days before the release of the book, the US Department of Justice filed a civil lawsuit against Snowden for violating non-disclosure agreements he signed with the NSA and the CIA.

His book Permanent Record enraged the US government, because he published it without submitting it to the agencies for pre-publication review, which violated his express obligations under the agreements he signed. A press release from the Department of Justice claimed that the lawsuit “does not seek to stop or restrict the publication or distribution of Permanent Record,” but instead the government was seeking to recover all proceeds earned by Snowden.

Assistant attorney general Jody Hunt of the Department of Justice’s Civil Division said: “We will not permit individuals to enrich themselves, at the expense of the United States, without complying with pre-publication review obligations.”

The lawsuit was countered by the ACLU, where Ben Wizner, director of its Speech, Privacy, and Technology Project, and attorney for Snowden, said that the book “contains no government secrets that have not been previously published by respected news organizations.” He also argued that the government “continues to insist that facts that are known and discussed throughout the world are still somehow classified.”

Patrick Gray, journalist and host of weekly information security podcast Risky Business, also pointed out that Snowden would have received an advance payment from the publisher, so in fact, the majority of the earnings from sales would go to the publisher rather than Snowden himself.

At the time of writing, I had purchased but not yet read a copy of Snowden’s book, but the subject of the ethics surrounding surveillance has been a feature of various printed works over the years. 

Along with his new hardback, Snowden also recently penned a comment piece for the The Guardian. In that article, Snowden argued that the UK, US and Australia were calling for a backdoor to be created within Facebook after the social network announced its intention to incorporate end-to-end encryption into Facebook Messenger and Instagram (with WhatsApp already using it prior to Facebook’s acquisition of the service in 2014).

Donald Trump’s attorney general, William Barr, UK home secretary Priti Patel, Australia’s minister for home affairs and the US secretary of homeland security, all co-signed an open letter demanding Facebook abandon its encryption proposals, citing the need for countries to be able to access intelligence on terrorism and crime.

“The true explanation for why the US, UK and Australian governments want to do away with end-to-end encryption is less about public safety than it is about power,” Snowden argued in his comment piece, pointing out that “by ensuring they no longer hold the keys to our most private conversations, these corporations become less of an all-seeing eye than a blindfolded courier.”

We have heard this type of discussion before many times. Back in January 2015, then UK Prime Minister David Cameron asked rhetorically “In our country, do we want to allow a means of communication between people which we cannot read?” This was widely considered to be proposing a ban on end-to-end encryption in messages, and The Guardian’s James Ball said at the time that “there is no such thing as ‘good guy encryption’ and ‘bad guy encryption’ – the same encryption that protects you and me protects companies, protects governments, and protects terrorists.”

We’ve seen the impact that even rumors of backdoors in encryption and software can have on tech companies, and witnessed the erosion of trust that results when governments attempt to interfere with encrypted services. It also remains an unwinnable debate with both sides of ‘need to know’ and ‘need to protect’ holding firm on the reasons for and against breaking encryption.

Elements of this conversation have seemingly evolved into vote-winning exercises, as Cameron was possibly arguing his point to appear extra tough on crime to get votes, while three years later, the new home secretary has seen the political benefit of aligning with post-Brexit trading partners in the US and Australia.

Whatever the case may be, as Wizner said in his statement: “Snowden wrote this book to continue a global conversation about mass surveillance and free societies that his actions helped inspire. He hopes that today’s lawsuit by the United States government will bring the book to the attention of more readers throughout the world.”

Snowden’s shadow may or may not always loom over security and privacy discussions, but the debate on whether governments should or should not have the capability to interfere with encryption is clearly not going away anytime soon.

What’s Hot on Infosecurity Magazine?