This New NSA Leak Could Spell the End For Privacy On the Internet

Impact

The assault on privacy by the NSA continues, and the consequences are grave. According to documents leaked by Edward Snowden, the National Security Agency (NSA) and its British counterpart the Government Communications Headquarters (GCHQ) have cracked much of the encryption used to protect the privacy of online information. This includes the encryption that "guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others."

The documents reveal that in 2010 the NSA developed a breakthrough which enables it to "monitor 'large amounts' of data flowing through the world's fibre-optic cables and break its encryption, despite assurances from internet company executives that this data was beyond the reach of government." The NSA developed this as the result of Sigint Enabling Project, a ten year program which costs $250 million a year. The most shocking revelation about this program is that it involves working with American and foreign technology companies in order to get these companies to insert secret vulnerabilities — "back doors" — into software. The NSA's work with technology companies has included encouraging voluntary collaboration, forcing cooperation with court orders, and "surreptitiously stealing their encryption keys or altering their software or hardware." In addition, the NSA has worked to introduce weaknesses into encryption standards used around the world.

The NSA calls these efforts the "price of admission for the U.S. to maintain unrestricted access to and use of cyberspace."  In contrast, the American Civil Liberties Union (ACLU) claims that the NSA is "making the internet less secure and exposing us to criminal hacking, foreign espionage, and unlawful surveillance."

It is unacceptable that the NSA is collaborating with internet companies while also committing acts of espionage against these companies to steal or sabotage their encryption software and hardware. It is as if the federal government is not sure which form of totalitarianism it wishes to espouse — fascism or communism. Introducing "back doors" into encryption software will create security vulnerabilities that hackers will also be able to expose. This creates grave dangers for all individuals and businesses that use the internet.

A far more serious problem is what these new revelations will mean for the expectation of privacy under the Fourth Amendment. In the 1979 case Smith v. Maryland, the Supreme Court adopted the Katz Test to determine the reasonable expectation of privacy. This test contains two parts. First, "a person [must] have exhibited an actual (subjective) expectation of privacy," and second, that "expectation [must] be one that society is prepared to recognize as 'reasonable'." The fact that it is now widely known that the NSA has such powerful capabilities for decrypting electronic information means that in the future the Supreme Court may decide that there is no reasonable expectation of privacy on the internet. As a result, the Court may eventually rule that government interception and decryption of electronic information is reasonable even without a search warrant.