Year 1 AS: I hope we get more Snowdens
By Mikko Hypponen June 12, 2014
- Snowden’s leaks have opened our eyes, and we should be outraged
- Make your voices heard with the #digitalfreedom movement and manifesto
A YEAR ago, the Snowden revelations were just beginning to shock the world. And today, we are better off because of Edward Snowden's actions.
Companies and consumers are more privacy-minded and thinking about what's happening to their data. And a global conversation is being held about complex issues of technology, security, and privacy.
Let’s look at the impact on the security industry, the change in behaviour of consumers versus businesses, and the most important leaks of the year.
What were the major events of the Snowden leaks?
The initial leak, PRISM, was crucial. It opened up our eyes that these services we all know and use, like Google and Apple, are being watched.
The revelation that phone calls of foreign leaders like German Chancellor Angela Merkel were being spied on was important – although not necessarily surprising.
The leak of the US National Security Agency (NSA) ANT catalogue in December showed just how advanced the technology used by the NSA is. It gave technical details about the kind of surveillance gear it already had five years ago.
The Quantum leak showed how the United States is actively using web exploit kits against their targets.
And finally, the leak from Glen Greenwald's new book shows that the NSA has access to Microsoft SkyDrive, or OneDrive. We didn't know until now that SkyDrive is available to the NSA, too.
Which revelation was the most surprising?
The revelation that Britain’s surveillance agency, GCHQ (Government Communications Headquarters), spied on people’s webcam chats. What in the world were they thinking?
Did the Snowden leaks impact how security vendors do business?
Definitely. Especially companies outside the United States. We now feel we have a responsibility to provide for customers all over the world who would rather do business with non-US companies.
Company-wise, in the 23 years I've been with F-Secure, our company has never changed as much as it has the past year. We've changed our look, slogan, and mission, started new business areas, and we've released more new products than any year before, several of which are centred on privacy.
How about the handling of customer data?
The revelations didn't have much impact on how F-Secure handles customer data, because we've always been very privacy-centric. But they were a big reason why we recently published a whitepaper that details data collection for our Internet security products.
In the past year, people have become more concerned about what happens to their data. Security software is very low level and has wide access to the system, so as a security vendor, we wanted to be up-front.
We became the first and, so far, only security vendor to document what kind of data we collect on end user systems and how we anonymise it. We challenge other security vendors to do the same.
Did people really leave US Internet services?
When people learned about the revelations, many said they didn't want to store their data in big US services anymore.
But in practice, there has been no massive shift among consumers. It takes time and effort to leave old services and take up new ones.
Businesses, on the other hand, are very much moving their data away from US clouds. They know that when they store data in US clouds, the US Government has a right to look at that data, and they must take that very seriously.
What are alternative services to US services missing?
Where are the mainstream European search engines? Web mails? Cloud storage services? These questions are part of the reason F-Secure has decided to enter the cloud storage space - because we didn't see European alternatives, and we see it as our own responsibility to provide one.
How has the US Government behaved? Any improvements in sight?
It has made changes already. But practically all the changes we've seen have been to improve the privacy of US citizens, not foreigners. Politicians have to keep their voters satisfied, and we foreigners won't be able to vote them out of their positions.
What gives you hope?
Edward Snowden gives me hope. Here's a guy who sacrificed all to save us, and we the citizens of the world should be thankful.
Not everything he did was technically right - he broke the trust of his employer and his NDA (non-disclosure agreement), but nevertheless he did the right thing.
Now we know a lot about surveillance the Five Eyes countries are conducting. Other countries are spying as well, we just don’t have concrete evidence about it yet because they haven’t had their Snowdens. So I hope we get more Snowdens from other superpowers.
What should leaders of the world do?
Instead, perhaps we should ask the question ‘What should normal people do?’
Normal people shouldn't be worried, they should be outraged. The way to change things is through the political process. Vote, talk to your representatives, make your opinions count, and join our movement.
Join the Digital Freedom Movement
Fed up with espionage? With having your private information gathered without your consent? Make your voice heard by helping write the #digitalfreedom manifesto.
It’s a crowd-sourced document that will be used to advance digital freedom in the world. Anyone concerned about digital freedom and privacy can contribute their ideas and opinions – even if it’s just a sentence.
The manifesto is licensed under creative commons and is open for contributions until June 30. Contribute at f-secure.com/digitalfreedom.
For more information, click here.
Mikko Hypponen is a security expert and F-Secure’s chief research officer. F-Secure is an online security and privacy company from Finland.
Cloud adoption shaken by Snowden revelations: Survey
The world needs to unite on privacy and trust: EU official
USA vs the world: The problems with PRISM
US spying, and casting the first stone
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.