NSA Spurs Secrecy

Privacy protections


Reacting to revelations about the National Security Agency's interception and storage of online data, Twitter announced in November that it is joining other tech companies in implementing "perfect forward secrecy."

While many Internet services already encrypt user communications and other information, this form of encryption separately encodes each session to ensure that snoops who break a code get access to only a snippet of data, not everything belonging to a user. Even when the government obtains a warrant for information, perfect forward secrecy has the potential to limit intrusions rather than providing a skeleton key.

Facebook also plans to implement perfect forward secrecy, and Google has had it in place since 2011. In its announcement, Google pointed out that "not even the server operator will be able to retroactively decrypt HTTPS sessions," meaning companies that implement the security cannot turn users' lives into open books, no matter the pressure they face.

Encryption technology does not shield companies from the obligation to respond to official government demands. But it can force surveillance into official channels, and it can reduce the amount of information collected.