In the Age of the Embarrassing Leak, Can We All Admit That Encryption Is a Good Thing?
Government officials arguing against privacy protections are learning their importance in the most embarrassing ways possible.
Even the likes of surveillance-friendly presidential candidates might be thinking fond thoughts about the benefits of privacy and encryption after the events of recent days. It's one thing to have your friends in business found out for turning people's personal communications over to your friends in government. It's quite more troubling when you're Hillary Clinton and your own missives are hacked and reveal your strong belief in the value of telling the voting public one thing while firmly planning on doing another.
And it's little consolation that America's drunk uncle, Donald Trump, staggered through the headlines in the form of old recordings of his grope-y locker room shenanigans to briefly distract some public attention from such cynical musings. Those leaks are out there, and opposing candidates can't always be counted on to provide such clickbait-y counterprogramming.
But will the embarrassed powers-that-be extend their concern to the rest of us? It's entirely too easy to imagine America's political class responding to the summer, and fall (and preceding years) of inconvenient leaks with special dispensations only for the anointed. As for the rest of us… we'll always have Yahoo.
Yahoo, of course, is the aging Internet giant that apparently still offers email services—though probably not for long. Demand for its offerings is likely to shrivel in the wake of revelations that Yahoo's senior management succumbed to government demands that it search all of its customers' incoming messages for anything that might interest the sort of people who sit in Beltway-area offices, eavesdropping on the world. The company did so without challenge and it bypassed its own security department, the head of which resigned in protest.
In a post-Snowden world, many people want to know what the hell Yahoo's leadership was thinking by complying with the sort of snooping that Apple gained public kudos by defying. Yahoo may even have increased the risk of hacking by creating a backdoor for the government. Hacking of the sort that was revealed right before we found out about the snooping, that is.
It's almost as if punching holes in privacy protections weakens them across the board.
Sen. Ron Wyden (D-Ore.) demanded to know the government's rationale for the Yahoo surveillance and warned that "federal law is being interpreted in ways that many Americans would find surprising and troubling."
But it's not clear that laws and even their most reasonable interpretations are much of a bar to such intrusions into people's private communications.
The NSA's bulk telephone metadata collection was found to be thoroughly illegal once revealed to the public by whistleblower Edward Snowden and brought to the courts. "We hold that the text of section 215 cannot bear the weight the government asks us to assign to it, and that it does not authorize the telephone metadata program," concluded a three-judge panel of the Second Circuit Court of Appeals.
And Germany's BND spy agency, which self-righteously reduced contacts with the NSA out of a professed respect for privacy, was later shown to be quietly, and quite illegally, engaged in mass surveillance of its own against the German population. "These infringements of constitutional rights are conducted without any legal basis and thus harm the constitutional right of informational self-determination of [innocent] people," announced the country's Federal Data Protection Commission.
Both incursions into people's private lives survived for years behind the scenes, succumbing more (to the extent they actually go away, rather than continuing behind the scenes) to public exposure than to legal barriers. Totally illegal the snooping may have been, but it would have certainly continued if it hadn't been publicized.
Despite public uproars over indiscriminate surveillance efforts, Yahoo is only one company trying to win that public's business that hasn't learned that many people value their privacy and don't want it compromised by the services with which they deal. Neither, apparently, has Facebook. The social media giant recently rolled out "secret conversations" for its Messenger app, but they're not necessarily as secret as promised. The company assures users, "If you think a message you've received in a secret conversation goes against our Community Standards, you can report it. When you report a secret conversation, recent messages from that conversation will be decrypted and sent securely from your device to our Help Team for review."
Presumably, they could decrypt it by government order, too. Or hackers might just get access to the back door and help themselves.
There's no such thing as absolutely assured privacy, unfortunately. But that doesn't mean we have to choose communications techniques that are deliberately compromised from the get-go. Services like the messaging app Signal at least try to keep personal information secure from snoops. ProtonMail makes the same effort for email, though some potential vulnerabilities have been found. They and other efforts start from the premise that it should at least be difficult for personal data to be intercepted—even if it's by government agencies.
Government officials (and would-be officeholders) push back on that idea. FBI Director James Comey can't shut up about how much he hates anything that makes it hard for him to steam open the nation's envelopes. Presidential hopeful and national embarrassment Donald Trump called for a boycott of Apple for refusing to help the FBI crack its phones' security. Our horrifyingly likely next president, Hillary Clinton, famously called for a "Manhattan-like project" to crack encryption.
Who knows whether Comey will ever change his tune? But both presidential candidates probably have a stronger appreciation for privacy these days. Clinton, in particular, may have had second thoughts about encryption after so much of her own correspondence spilled out across the internet.
If so, maybe we'll find out by digging through the next batch of her email to get swiped and released to the public.