As noted by myself and numerous big-name figures in the public and private sector, the damage the PRISM spying scandal could inflict on the global economy and key industries, such as the cloud, is catastrophic. By being caught snooping not only on foreign firms, but also a number of political figures in countries that are supposedly allied with the US, the NSA seriously damaged international trust.
This was showcased to great effect in 2013 when Deutsche Telekom said it was considering re-routing all user information through German data centres and servers, in a bid to protect its customers from NSA snooping.
For this reason, I was overjoyed last week when president Barack Obama promised he was going to explain what new measures and safeguards he planned to put in place to ensure a scandal like PRISM does not reoccur.
However, come the big day when he took the stage and began outlining the new measures, my feelings towards his proposed reforms were at best mixed.
On the one hand Obama got a lot right. The US president said he would work to change the way PRISM requests could be handed to companies and increase the amount of information that the businesses involved can disclose to the public.
Specifically Obama pledged to put in place a series of fresh measures created by the attorney general, on how requests using the US Foreign Intelligence Surveillance Act (FISA) and National Security Letters can be made.
FISA and National Security Letters were used by the NSA to force numerous companies, including Google, Yahoo, Apple and Microsoft, to hand over vast amounts of customer data. The nature of the requests means the companies are not allowed to disclose what information was handed over without risk of arrests. The secret nature of the requests is one of the key reasons many people and businesses are still concerned about the safety and sovereignty of their data.
Even better, Obama also promised to make sure the public sector and general public would be represented in the approval process of data-gathering campaigns. He pledged to create a new independent, non-governmental panel of advocates to appear at the secret courts, which will approve or deny operations such as PRISM. Candidates for the new panel of advocates will be approved by congress.
All this sounds great, right? Well on one level it was...until Obama went on the offensive against PRISM critics, boldly saying the US would not apologise to groups or countries affected by PRISM.
"Many countries, including those that feigned surprise following the Snowden revelations, are trying to penetrate our networks. Our agencies will continue to gather intelligence on foreign governments' intentions. We will not apologise for doing it better," he said.
Worse still, in a move all too familiar to those that lived through the Bush era, Obama resorted to constantly mentioning 9/11 as a justification for operations such as PRISM. For me, this is serious cause for concern.
After all, Obama failed to disclose key details, such as what information, or how soon after receiving FISA requests companies will be able to reveal to their customers that they handed information to the NSA. Additionally, by vetting candidates for the new independent, non-governmental panel of advocates through congress – a body full of individuals that serve the US – it's unlikely that European businesses' concerns will be high a high priority.
As a consequence, while the new reforms have the potential to help ensure scandals such as PRISM don't reoccur, they also have the potential to be completely ineffectual; the outcome will be determined by how the US government choses to implement them. As a result, for now at least I can't see Obama's reforms winning back the trust of any concerned European business or governments.
No comments:
Post a Comment