This weekend Der Spiegel reported that each month more than 500 million phone conversations, email and text-messages are being intercepted by the NSA. Sadly enough Germany, the Netherlands and other nations play an active part in passing telecommunications-data to the US, bound by information-sharing treaties from the Cold War era.
The scope and impact of the NSA spy scandal seems to be growing by the week. There is now no doubt anymore that the NSA is listening in on virtually every phone and email conversation in Europe. Citizens, diplomats, politicians, activists, dissidents and even the EC itself are transparent to the US government. Windows, Apple, Google and Facebook surrender our email-messages, chats, photo albums, calendars, contacts and location data. Telephone communications are continuously being recorded and stored.
European governments are standing at a crucial crossroads in history. We need to face the fact that there is no realistic way to influence the NSA on this matter. Our priority ought to be to minimise the damages and prevent further damage, as well as to educate citizens and business alike and to build European substitutes for critical US technology.
It is about time that we acknowledge that this mass spying is causing serious damage all through society. Try to imagine how many lucrative deals European business have failed to get because their sensitive correspondence was open to their US competitors.
In politics, the US has been aware of the viewpoints of all political parties; how can we guarantee that our political process hasn't been unduly influenced by US interests? If US negotiators could freely access their European counterparts' private correspondence, the question can be asked if we haven't been severely short-changed in many international treaties that have been negotiated recently.
We mainly have ourselves to blame, we have allowed the US corporations to become the omnipresent giants they are today. If everybody would cancel their gmail tomorrow, where would they go? A large part of our communications infrastructure is owned and operated by the US and until we have developed equivalent alternatives, this situation will remain for a while. If not forever.
Our politicians ought to consider very carefully where their loyalties lie. Are they loyal to their citizens and businesses, or to the US-government?
Governments must accept some realities:
- • The NSA wants to know everything about everybody. There are no exceptions.
- • Non US-citizens are explicitly considered fair game.
- • No US company, nor any European company with offices in the US will be able to give any meaningful guarantee with regard to data-protection. These companies are bound by the Foreign Intelligence Surveillance Act (FISA), therefore they are subject to secret orders from a secret court and can be forced to hand over any and all data at any given time, without informing anyone. The Foreign Intelligence Surveillance Court has so far only declined 11 out of 34.000 spying requests filed by the NSA.
- • The only countermeasures that might give some protection are strong encryption and total control over your cloud.
Governments need to act now:
Stop the war on Privacy immediately. Our ministers should invade the talkshows and explain the virtues of cryptography. Explain that encrypting an email message is the modern day equivalent of sealing an envelope. Promote that citizens and companies start encrypting sensitive information and stop linking cryptography to terrorism and child pornography.
Kill the 'nothing to hide, nothing to fear' meme. Then kill it again, just to be sure.
Immediately assess crucial ICT-infrastructure for FISA-exploits. Electronic Patient Records and internal government databases should not be running on US based services.
The transition to Open Source and Open Standards should be given extra priority. Not only does Windows contain NSA-backdoors, newly discovered zero-day exploits are disclosed to the NSA long before the patches are pushed to the general public. The longer government and business allows itself to be locked into proprietary systems, the more they open themselves up to being compromised by the NSA.
As long as there is the FISA, we can only trust ourselves. There is no amount of diplomatic pressure, no treaty or solemn promise by a president which can be relied upon to break the stranglehold of the NSA. Government, citizens and businesses can only try to protect themselves from their spying Atlantic neighbour.
All data-sharing treaties with the US must be suspended pending a broad public discussion about the costs and benefits of these programmes. Society must have a say in the extent of spying it is willing to endure in exchange for the coveted higher 'trust-level'. The fact that the current trust-level is obviously useless to us ought to be weighed in that discussion.
National security agencies must reaffirm that their citizens are not the enemy. Their blind loyalty and subservience to the NSA is a direct threat to European economics, politics and civil rights.
The US has waged a strong and effective lobby to weaken the European Data Protection Directive. This directive should be revised back to the original version at all points where US-lobbying was successful.
Translated from Dutch.