Surveillance still a concern 10 years after Snowden leaks

Technology's role

The "Snowden effect" rocked the technology industry after it was revealed that the NSA was tapping into information held by some US cloud-based services through the Prism program.

Google, Cisco and AT&T lost international business due to the public outcry over their roles in the NSA spying. Apple and other Silicon Valley tech giants were accused of knowingly taking part in the secret data collection program.

To regain users' trust, Apple pioneered technological change a year after the leaks by encrypting its services in an attempt to prevent law enforcement from accessing users' data.

The company's encryption methods help protect the contents of the device and prevent federal agents, intelligence agencies and even Apple from accessing any users' data. This measure forces the government to go to the owner of the device, rather than Apple.

The Snowden revelations, especially slides showing the NSA was using the unencrypted traffic between the internal data centers of Google and Yahoo as a point of surveillance, triggered the tech industry into wide encryption.

The use of encryption has become more widespread in recent years and many companies now offer it as a standard feature in their products.

But the recent record-breaking fine levied by European Union regulators against social media giant Meta suggests that the days of the US unlawfully accessing users' personal information via the nation's tech giants are not over.

In May, the European Data Protection Board announced the $1.3 billion fine, saying that Meta violated EU privacy laws by transferring the personal data of Facebook users to servers in the US. Meta is the latest company to face a big penalty for privacy violations under the EU's General Data Protection Regulation. The previous record fine of $805.7 million was levied against Amazon in 2021.

Privacy advocates criticize the US Congress for not taking privacy concerns seriously. The EFF report said, "Congress' relationship to privacy comes when it's politically expedient, and disappears as soon as members feel as if they could be too easily painted as being soft on crime or national security."

Despite calls in recent years for federal legislation to reign in big tech companies, the EFF analysts said they have seen nothing significant in limiting a tech company's ability to collect data (then accessed by the NSA via Prism), or regulate biometric surveillance, or close the backdoor that allows the government to buy personal information rather than obtain a warrant.

"It's been 10 years since the Snowden revelations, and Congress needs to wake up and finally pass some legislation that actually protects our privacy from companies as well as from the NSA directly," they said.

Stephen Farrell, research fellow in computer science at Trinity College Dublin, said far more needs to be done to better protect internet users' security and privacy.

"In particular, we (the technical community) haven't done nearly as good a job at countering surveillance capitalism, which has exploded in the last decade," Farrell wrote in a Snowden retrospective published on May 20.

However, the "legal but hugely privacy-invasive activities" of major tech companies have not caused as much "annoyance" as the Snowden revelations, he said.

Bad actors are not limited to governments, Farrell said. "Many advertising industry schemes for collecting data are egregious examples of pervasive monitoring, and hence ought also to be considered an attack on the internet that ought to be mitigated where possible. However, the internet technical community clearly hasn't acted in that way over the last decade," he said.

"While we got a lot right in our reaction to Snowden's revelations, currently, we have a 'worse' internet."

liazhu@chinadailyusa.com