NSA Should Thank Edward Snowden

Edward Snowden’s decision in 2013 to leak secret documents about America’s mass surveillance programs did not end them completely. But the reforms adopted in the wake of his disclosures have strengthened not only Americans’ privacy, but the National Security Agency’s (NSA) ability to collect intelligence.

Make no mistake, these reforms would not have happened without a whistleblower like Snowden. Obama’s aides showed little interest in reforming mass surveillance until the Snowden leaks forced their hands.

It was Snowden who forced the NSA to be more transparent, accountable, and protective of privacy. The NSA took painful steps to open up. It released thousands of pages of previously top-secret documents in a transparency drive intended to put the Snowden leaks in context. The head of the intelligence community now publishes an annual transparency report. Congress ended bulk collection of Americans’ telephone records after an outside review found it to be of marginal value.

More fundamentally, Snowden enlarged the way the US government thinks about privacy. The Snowden documents outraged friendly governments and embarrassed US technology companies in the global marketplace.

In response, Obama issued new rules requiring the NSA to consider the privacy not only of Americans, but of everyone in the world. Despite President Donald Trump’s nationalist rhetoric, the new administration is sticking with these rules. Director of National Intelligence Dan Coats agrees that the rules protecting foreigners’ privacy in intelligence collection have helped to reassure European allies.

In fact, one of the biggest beneficiaries of the post-Snowden reforms has been the NSA itself.

The system that Congress created to end the NSA’s bulk collection of telephone records from American companies has actually given the agency’s analysts access to data from more companies than before.

The old bulk collection program was limited for reasons of secrecy, trust, and logistics to a few large providers. According the NSA’s top lawyer, this has given the agency access to “a greater volume of call records” than it had before, without the responsibility of storing the billions of irrelevant records it used to collect each day under the old program.

It turns out that transparency and privacy protection go hand in hand with good intelligence.

Last year, former Attorney General Eric Holder offered qualified praise for Snowden. “We can certainly argue about the way in which Snowden did what he did, but I think he actually performed a public service by raising the debate that we engaged in and by the changes that we made,” he said. (He said in the same interview that what Snowden did was “inappropriate and illegal.”) Despite the dislike my old colleagues in the intelligence community have for Snowden, I have heard many of them privately express similar views.

Trump has inherited the most powerful apparatus for mass surveillance the world has ever seen. While the post-Snowden reforms are a good first step, we delude ourselves if we think they have made the NSA tyrant-proof.

In Snowden’s first interview from Hong Kong, he warned against “turnkey tyranny.” One day, he said, “a new leader will be elected” and “they’ll flip the switch.”

It is important that this warning not be proved prophetic. This year, Congress will review the Foreign Intelligence Surveillance Act (FISA), in which Section 702 allows warrantless NSA surveillance of foreign targets who may be in contact with Americans.

While the law has produced valuable intelligence, it requires additional reforms to protect privacy. Now more than ever, protecting civil liberties is a cause worth fighting for, not only for the surveillance state’s discontents but for the surveillance state itself.

Fortune

You Might Also Read:

Snowden: NSA Should Have Prevented WannaCry Attacks:

US Intelligence Agencies Fear Insiders As Much As Spies:

 

« N.Korea Will Target UK Financial Services
Russian Cyber Campaign Aims To Splinter US Voters »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Frazer-Nash Consultancy

Frazer-Nash Consultancy

Frazer-Nash is a leading engineering, systems and technology company. Areas of expertise include information security and cyber security.

TZ-CERT

TZ-CERT

TZ-CERT is the National Computer Emergence Response Team of Tanzania.

Fortify Experts

Fortify Experts

Fortify Experts is a search and recruitment firm specializing in Cyber Security.

CryptoCodex

CryptoCodex

Cryptocodex has developed Counter-Fight, the most advanced, yet simple to implement, counterfeit detection system.

SCIPP International

SCIPP International

SCIPP’s courses are based on internationally recognized best business practices for security awareness, for both technical and non-technical staff and to comply with regulatory mandates.

CyberArrow

CyberArrow

CyberArrow (formerly EBDAA) is a consultancy company providing high quality consultancy services in Risk & Compliance and Awareness & Education.

LevelOps

LevelOps

LevelOps is an industry application security platform that tracks and develops your application security.

INVISUS

INVISUS

INVISUS protects businesses against the latest cyber risks – including business and employee identity theft, data breaches, and cybersecurity compliance.

Logit.io

Logit.io

Logit.io is a log analysis & management platform that provides a scalable solution for hosting the open-source tools Elasticsearch, Logstash, and Kibana.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Inflection Point Ventures (IPV)

Inflection Point Ventures (IPV)

Inflection Point Ventures (IPV) is a 6000+ members angel investing firm which supports new-age entrepreneurs by connecting them with a diverse group of investors.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

American Technology Services (ATS)

American Technology Services (ATS)

American Technology Services provides unparalleled services in information technology to support small and mid-sized business. From top-level strategy, to managed services and infrastructure support.

Concorde Technology Group

Concorde Technology Group

Concorde Technology Group is one of the UK’s leading IT support and services providers, delivering cost-effective and innovative IT solutions to businesses across the country.

Confidencial

Confidencial

Confidencial is a provider of solutions that help organizations secure their most sensitive information, regardless if that information exists inside or is shared outside the organization.

Sequentur

Sequentur

Sequentur is an award-winning Managed IT Services company. We are SOC 2 certified and provide Managed IT Services and Cybersecurity services to businesses nationwide.