NSA Should Thank Edward Snowden

Edward Snowden’s decision in 2013 to leak secret documents about America’s mass surveillance programs did not end them completely. But the reforms adopted in the wake of his disclosures have strengthened not only Americans’ privacy, but the National Security Agency’s (NSA) ability to collect intelligence.

Make no mistake, these reforms would not have happened without a whistleblower like Snowden. Obama’s aides showed little interest in reforming mass surveillance until the Snowden leaks forced their hands.

It was Snowden who forced the NSA to be more transparent, accountable, and protective of privacy. The NSA took painful steps to open up. It released thousands of pages of previously top-secret documents in a transparency drive intended to put the Snowden leaks in context. The head of the intelligence community now publishes an annual transparency report. Congress ended bulk collection of Americans’ telephone records after an outside review found it to be of marginal value.

More fundamentally, Snowden enlarged the way the US government thinks about privacy. The Snowden documents outraged friendly governments and embarrassed US technology companies in the global marketplace.

In response, Obama issued new rules requiring the NSA to consider the privacy not only of Americans, but of everyone in the world. Despite President Donald Trump’s nationalist rhetoric, the new administration is sticking with these rules. Director of National Intelligence Dan Coats agrees that the rules protecting foreigners’ privacy in intelligence collection have helped to reassure European allies.

In fact, one of the biggest beneficiaries of the post-Snowden reforms has been the NSA itself.

The system that Congress created to end the NSA’s bulk collection of telephone records from American companies has actually given the agency’s analysts access to data from more companies than before.

The old bulk collection program was limited for reasons of secrecy, trust, and logistics to a few large providers. According the NSA’s top lawyer, this has given the agency access to “a greater volume of call records” than it had before, without the responsibility of storing the billions of irrelevant records it used to collect each day under the old program.

It turns out that transparency and privacy protection go hand in hand with good intelligence.

Last year, former Attorney General Eric Holder offered qualified praise for Snowden. “We can certainly argue about the way in which Snowden did what he did, but I think he actually performed a public service by raising the debate that we engaged in and by the changes that we made,” he said. (He said in the same interview that what Snowden did was “inappropriate and illegal.”) Despite the dislike my old colleagues in the intelligence community have for Snowden, I have heard many of them privately express similar views.

Trump has inherited the most powerful apparatus for mass surveillance the world has ever seen. While the post-Snowden reforms are a good first step, we delude ourselves if we think they have made the NSA tyrant-proof.

In Snowden’s first interview from Hong Kong, he warned against “turnkey tyranny.” One day, he said, “a new leader will be elected” and “they’ll flip the switch.”

It is important that this warning not be proved prophetic. This year, Congress will review the Foreign Intelligence Surveillance Act (FISA), in which Section 702 allows warrantless NSA surveillance of foreign targets who may be in contact with Americans.

While the law has produced valuable intelligence, it requires additional reforms to protect privacy. Now more than ever, protecting civil liberties is a cause worth fighting for, not only for the surveillance state’s discontents but for the surveillance state itself.

Fortune

You Might Also Read:

Snowden: NSA Should Have Prevented WannaCry Attacks:

US Intelligence Agencies Fear Insiders As Much As Spies:

 

« N.Korea Will Target UK Financial Services
Russian Cyber Campaign Aims To Splinter US Voters »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Nordic IT Security

Nordic IT Security

Nordic IT Security is a cyber security business forum in Scandinavia bringing together the converging worlds of IT, Cyber and Information Security.

techUK

techUK

techUK represents companies operating in the tech sector in the UK. Focus areas cover all aspects of ICT including cyber security.

ID Agent

ID Agent

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions.

IDpendant

IDpendant

IDpendant offers a wide range of services, including authentication technology, client security products, single sign on systems, encryption solutions, card and mobile device management systems.

Quorum Cyber

Quorum Cyber

Quorum Cyber offer end-to-end cyber security solutions, specialising in Managed Security Services, Consulting and Resourcing.

Certis

Certis

Certis is a leading advanced integrated security organisation that develops and delivers multi-disciplinary security and integrated services.

SEON Technologies

SEON Technologies

At SEON we strive to help online businesses reduce the costs, time, and challenges faced due to fraud.

Port53 Technologies

Port53 Technologies

Port53 Technologies is focused on delivering enterprise-grade, cloud-delivered security solutions that are easy to deploy, simple to manage and extremely effective.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Infosec Institute

Infosec Institute

Infosec is a leading cybersecurity training company, we help IT and security professionals advance their careers with skills development and certifications.

Ampcus Cyber

Ampcus Cyber

Ampcus Cyber specialize in providing comprehensive security solutions and services that are tailored to safeguard our clients' networks, infrastructure, and valuable assets.

63 Moons Technologies (63MT)

63 Moons Technologies (63MT)

63 Moons Technologies is a world leader in providing next-generation technology ventures, innovations, platforms, and solutions.

Astreya

Astreya

Astreya is the leading IT solutions provider for some of the world's most recognizable and innovative organizations.

Securily

Securily

Securily offers the ultimate solution for small to medium-sized businesses, blending cutting-edge AI with expert human insight to deliver the world’s easiest and most effective pentesting experience.

Strategic Security Solutions (S3)

Strategic Security Solutions (S3)

S3 is a leading provider of Cybersecurity consulting services for Identity and Access Governance (IAG), Zero Trust, and Enterprise Risk and Compliance.