Big brother really is watching us

As featured on TM Forum's the Insider blog

While we ponder how best to extricate and extrapolate customer information for marketing purposes from our infinite reserves of Big Data, it seems government has beaten us to the punch, but for different reasons.

‘Shocking’ headlines surfaced this week that the US National Security Agency and the FBI are tapping directly into the central servers of nine leading US internet companies, extracting audio and video chats, photographs, emails, documents, and connection logs that enable analysts to track foreign targets, according to a top-secret document obtained by The Washington Post

The article stated: “The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.”

No one could argue that, but the scary part is that the information is supposedly being extracted directly from the servers of the ‘participating’ ISP/CSPs. The article also gives a detailed background to how this state of affairs was arrived at but it can be summarized by saying that a slew of anti-terrorist legislation, including the Patriot Act, was pushed through the Congress by the Bush Administration during the post 9/11 period.

It is estimated in the report that one in seven intelligence reports for the NSA emanate from PRISM related activities. What is perplexing is that the NSA’s primary purpose is dealing in foreign intelligence but is accessing information primarily from American companies hosting American customers on American soil. Sure, these dominant global players - such as Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple - deal with millions of foreigners as well, but how is PRISM distinguishing data belonging to either?

In another story, The Guardian in the UK said it had obtained a copy of a court order requiring US telco Verizon to provide the NSA, on an “ongoing, daily basis,” data on all phone calls in its network within the US and between the US and other countries. Reuters reported that the data Verizon is required to provide includes the numbers of both sides of a call along with location data, call duration and the time of the call but the contents of the conversation are not covered.

It also stated that the NSA had previously been criticised for its domestic surveillance. “In 2006, it was revealed that the agency had assembled the world's largest database of telephone records, tracking the calls of millions of customers of U.S. telcos AT&T, Verizon and BellSouth. It was reported at the time that the secret program was launched shortly after the September 11 attacks in 2001, in an effort to detect terrorist activity.

Alarm bells have started ringing internationally as a result of the Washington Post, Reuters and Guardian reports. The Sydney Morning Herald in Australia reports that under Australian law state, territory and federal law enforcement authorities can access a variety of “non-content” data from internet-related companies, like Telstra, Optus and Google, without a warrant. Data access is authorized by senior police officers or government officials, rather than by a judicial warrant.

Peter Lee, chief executive of the Australia Internet Industry Association, http://www.iia.net.au/ said: “News of this type of activity ... can only negatively impact on the willingness of people to use and embrace technology.”

Peter Black, a senior lecturer at the Queensland University of Technology, said that if the reported details of the NSA program were correct "there would be nothing stopping the US government from conducting in-depth surveillance on live communications and stored information of Australians who use those US internet firms.” The only way individuals could be sure their data was not being monitored would be to stop relying on US firms and entrusting their personal data to them, Mr Black said.

At a time when the telecommunications and IT industries are espousing the benefits of cloud computing, social networking and online remote data storage the news that governments, and not hackers, have access to it all may will send shivers down many spines.