Encrypted email: 'Indicator for NSA to collect that information’
RT:As we know, the US Senate failed to vote for an extension of certain provisions of the Patriot Act. However some are joking that although the Patriot Act has expired, the NSA still has Facebook. Are social networks really that susceptible to snooping?
Sascha Meinrath: Absolutely. It’s established fact at this point in time that the NSA has conspired with a number of the largest providers of social networking to extract information for use in on-going investigations. The real question is we don’t know the extent to which that is happening. What we do know, however, is that buried in this US Freedom Act are several clauses - one of which will pay private companies to collect information about its users, and a second that provides liability protection even if sharing that information is found by a court to have been illegal. So one of the reasons why a lot of companies are right now pushing for the passage of the US Freedom Act is that they get money and they get liability protection if what they are doing actually breaks the law.
RT:Should social-network users be worried?
SM: Everyone should be worried of course because it’s not just what you are putting up there, but it’s what other people are putting up there. So if you are in the background of somebody else’s photograph, you really have very little meaningful control over that media. Now the reality is we are living in an era where we haven’t updated our consumer protections, our privacy protections and that is desperately needed. You can’t have surveillance without some sort of check and balance and right now we don’t have any rights or civil liberties-based protection for all the users of social media.
RT:Facebook today introduced a new feature: Encrypting its messages to users about posts they're tagged in. Is the timing of the release of this update significant?
SM: Obviously many of the largest companies are also reeling from a loss of trust by their users… and they are looking for ways that can ameliorate the damage. And so Facebook has introduced – or will be soon introducing – the ability to encrypt e-mail and send it along. The question is, “How is it encrypted?” Is it encrypted from your end device, in which case it’s relatively secure, or is it encrypted only once it gets to Facebook, in which case Facebook would have access to your unencrypted file. And again, if Facebook was then sharing that information with the NSA or other intelligence agencies they would still have access to your unencrypted text messages.
RT:Can the NSA dig deeper than what's in principle available to ordinary Facebook users?Can it have the information which is not even supposed to be public?
SM: Exactly. In fact it will be great if the NSA had to log into Facebook to get your information because then it would at least have to abide by privacy protections and preferences that you set. Unfortunately there are accesses on this information from the backend and what that means is they can completely disregard your privacy protections. In fact, it’s possible – it’s likely – that when you put things into a more private setting that that attracts the attention of intelligence agencies. We’ve already seen them admit that when you encrypt your email that that for them is an indicator to collect that information.
The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.