NSA Should Thank Edward Snowden

Edward Snowden’s decision in 2013 to leak secret documents about America’s mass surveillance programs did not end them completely. But the reforms adopted in the wake of his disclosures have strengthened not only Americans’ privacy, but the National Security Agency’s (NSA) ability to collect intelligence.

Make no mistake, these reforms would not have happened without a whistleblower like Snowden. Obama’s aides showed little interest in reforming mass surveillance until the Snowden leaks forced their hands.

It was Snowden who forced the NSA to be more transparent, accountable, and protective of privacy. The NSA took painful steps to open up. It released thousands of pages of previously top-secret documents in a transparency drive intended to put the Snowden leaks in context. The head of the intelligence community now publishes an annual transparency report. Congress ended bulk collection of Americans’ telephone records after an outside review found it to be of marginal value.

More fundamentally, Snowden enlarged the way the US government thinks about privacy. The Snowden documents outraged friendly governments and embarrassed US technology companies in the global marketplace.

In response, Obama issued new rules requiring the NSA to consider the privacy not only of Americans, but of everyone in the world. Despite President Donald Trump’s nationalist rhetoric, the new administration is sticking with these rules. Director of National Intelligence Dan Coats agrees that the rules protecting foreigners’ privacy in intelligence collection have helped to reassure European allies.

In fact, one of the biggest beneficiaries of the post-Snowden reforms has been the NSA itself.

The system that Congress created to end the NSA’s bulk collection of telephone records from American companies has actually given the agency’s analysts access to data from more companies than before.

The old bulk collection program was limited for reasons of secrecy, trust, and logistics to a few large providers. According the NSA’s top lawyer, this has given the agency access to “a greater volume of call records” than it had before, without the responsibility of storing the billions of irrelevant records it used to collect each day under the old program.

It turns out that transparency and privacy protection go hand in hand with good intelligence.

Last year, former Attorney General Eric Holder offered qualified praise for Snowden. “We can certainly argue about the way in which Snowden did what he did, but I think he actually performed a public service by raising the debate that we engaged in and by the changes that we made,” he said. (He said in the same interview that what Snowden did was “inappropriate and illegal.”) Despite the dislike my old colleagues in the intelligence community have for Snowden, I have heard many of them privately express similar views.

Trump has inherited the most powerful apparatus for mass surveillance the world has ever seen. While the post-Snowden reforms are a good first step, we delude ourselves if we think they have made the NSA tyrant-proof.

In Snowden’s first interview from Hong Kong, he warned against “turnkey tyranny.” One day, he said, “a new leader will be elected” and “they’ll flip the switch.”

It is important that this warning not be proved prophetic. This year, Congress will review the Foreign Intelligence Surveillance Act (FISA), in which Section 702 allows warrantless NSA surveillance of foreign targets who may be in contact with Americans.

While the law has produced valuable intelligence, it requires additional reforms to protect privacy. Now more than ever, protecting civil liberties is a cause worth fighting for, not only for the surveillance state’s discontents but for the surveillance state itself.

Fortune

You Might Also Read:

Snowden: NSA Should Have Prevented WannaCry Attacks:

US Intelligence Agencies Fear Insiders As Much As Spies:

 

« N.Korea Will Target UK Financial Services
Russian Cyber Campaign Aims To Splinter US Voters »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

SecureNow Insurance Broker

SecureNow Insurance Broker

SecureNow is a commercial insurance broker based in India. Services offered include Cyber Risk insurance.

Cambridge Intelligence

Cambridge Intelligence

Cambridge Intelligence are experts in network visualization and finding hidden trends in complex connected data. Applications include cybersecurity.

AFCON Control & Automation

AFCON Control & Automation

AFCON is a leading global provider of software solutions and services for the smart management of Control & Automation systems in the age of Digital Transformation.

Blake, Cassels & Graydon (Blakes)

Blake, Cassels & Graydon (Blakes)

Blakes is one of Canada’s top business law firms serving national and international clients in specialist areas including cyber security.

Cybersecurity & Infrastructure Security Agency (CISA) - USA

Cybersecurity & Infrastructure Security Agency (CISA) - USA

CISA leads the national effort to defend critical infrastructure against the threats of today and to secure against the evolving risks of tomorrow.

APERIO

APERIO

APERIO, the global leader in industrial data integrity, helps its customers drive profitability and sustainability while mitigating risk in their industrial operations.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Braintrace

Braintrace

Braintrace’s services include Managed Detection and Response (MDR), Managed SIEM, SIEM-as-a-Service, SOC-as-a-Service, Advisory Services, and Incident Response.

RISE

RISE

RISE is an independent, State-owned research institute, which offers unique expertise and over 100 testbeds and demonstration environments for future-proof technologies, products and services.

MSPAlliance

MSPAlliance

MSPAlliance is the world’s largest industry association and certification body for cloud computing and managed service professionals.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.

Silent Push

Silent Push

Silent Push maps all internet-facing infrastructure with searchable, advanced attributes, generating early indicators of potential threats that are tailored to your environment.

HaystackID

HaystackID

HaystackID provides industry-leading computer forensics, eDiscovery, and attorney document review experts to help with complex, data-intensive investigations and litigation.