It looks like those who have been giving the benefit of the doubt to big Internet corporations like Facebook, Google, Yahoo and others, have no reason to doubt it anymore: recent leak from Edward Snowden, a system administrator who worked for National Security Agency (N.S.A.) to The Guardian and The Washington Post, seems to be capable of convincing those who could not be convinced before – Internet companies have been providing access to their users personal data for U.S. government.
There is still uncertainty as to the extent of the cooperation between the IT companies involved and the intelligence services. After The Guardian publication Google made a statement saying that it disclosed user data in compliance with U.S. law and after carefully reviewing each and every request, and has not granted direct access to their systems. Microsoft, Apple, Yahoo and others made similar statements. As for now those statements cannot be confirmed or refuted but given the circumstances one simply cannot be sure, to say the least of it. There is practically no chance of any legal actions against the companies as according to section 404 of Protect America Act they have immunity from prosecutions and lawsuits.
The foreign intelligence law which authorizes and regulates this data collection is a classified document and it is hardly possible it will be officially released for public scrutiny in foreseeable future if ever. The surveillance program (code name PRISM) that was launched back in 2007 and renewed under President Obama was devised to target foreign citizens (who are not on the U.S. territory). According to a top-secret document leaked to The Post, the Internet companies that store personal data were letting N.S.A. collect the information which includes emails, chats logs, photos, videos, social networking details, directly from their servers. The gathered materials are said to be among the most important and valuable intelligence information collected by U.S. government.
While the approach that American government takes to address the constant threats of terrorist actions may repel a great number of people in the U.S. and abroad, we have got to admit that since 2001 there was no terroristic attack on American soil even remotely comparable to what took place on 9/11. Not everyone agrees that America is safer now than twelve years ago but the figures and the facts speak for themselves. However the security has its price and it is paid not by American people only.
9/11 and the following security measures have given rise to many controversial and thought-provoking questions, one of which is whether the information obtained by means of bulk personal data analysis should be used only for informational purposes and be excluded as evidence in lawsuits. The Fourth Amendment to the U.S. Constitution declares the right of the people “to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures”. The majority of other countries have similar rights declared in their constitutional documents. Scanning random or semi-random emails (even for keywords), recording and analyzing arbitrarily selected phone calls and snooping around through other forms of private correspondence cannot be possibly recognized as constitutional provided that the courts are ready to take the constitutional rights literally and to enforce them even at the expense of security considerations.
In fact, that’s what the separation of powers is all about. Documents are not stored only in desks or safe deposit boxes anymore. That means the search can be carried out without person’s knowledge, without asking for consent and that usual procedure which involves getting the search warrant, knocking on the suspect’s door and summoning witnesses can be dispensed with. Digital era made it extremely easy for governments to get access to personal information but should it be considered as an extenuating factor? If yes, then maybe hackers who break into other people’s computers or steal money from credit cards should not be held responsible either? Theft of privacy and theft of money both mean larceny and it is government’s and courts’ job to make sure larceny does not remain unaccounted for.
There is no secret that personal information from the Internet has been used by the IT corporations for a long time, maybe even before it occurred to governmental agencies to make any use of it (highly controversial assumption but we don’t know the facts anyway). The difference is, this data has been used not for the purpose of war on terror, – it has been used for target advertising and making money. “Liking” a rock band on Facebook seems to be enough to make an ad banner with either guitars, concert tickets or fan t-shirts appear at the side of the page. Ordering airplane tickets online is usually followed by pop-up adds on every second website one visits, offering the best hotel deals in and around the destination city. This has all been discussed, commented on and complained about. However, no significant changes ensued. Will anything change after PRISM controversy? Let’s make our own predictions and wait.
The final point. Personal data that is stored on public servers of IT companies in question has been uploaded there voluntarily by users themselves. Some of the users trusted the privacy policies, some of them didn’t want to read them; some of them did not care (and still don’t), some decided to take the risk and hope they’d be luckier than others and their data would remain confidential. Well, this news should get all of us thinking.