Speaking to an audience at South by Southwest via Google Hangout yesterday, Edward Snowden stressed the need for consumers to start encrypting the information they send online and demand that tech companies make that easier:
To protect against secret surveillance, Snowden said, we need to make encryption a part of everything we do. “The bottom line is that encryption does work,” he said. “We need to not think of encryption as an arcane, dark art, but as basic protection for the digital world.”
He offered a personal example, which got laughs from the crowd. The NSA has a massive investigation team looking into Snowden, and “they still have no idea what documents” what documents he’s leaked to journalists “because encryption worked.” He did say that one can break into a computer and steal encryption keys, which “happens every day,” but cracking modern encryption would require an unfeasible amount of resources—and we should continue to develop crypto for the future.
John Cassidy summarizes Snowden’s argument:
The non-techies in the audience may have found some of what Snowden said a bit obscure, but it wasn’t, really. The sort of encryption he was recommending is so-called end-to-end encryption, in which data is readable only by the receiving—not by intermediaries, such as Internet-service providers and the intelligence services that intercept their traffic. Some tools of this nature are already available, but they can be complicated to use or costly to implement; commercial services like Gmail and Facebook don’t provide them. The key to progress, Snowden said, is developing cheaper and easier to use encryption methods, which could be incorporated into big e-mail and messaging systems. “It has to be out there,” he said. “It has to happen automatically. It has to happen seamlessly.”
Snowden’s co-panelist, ACLU principal technologist Chris Soghoian, explains the big picture:
We, the everyday consumers, must make privacy and security profitable. If we want these companies to put our interests first, we must pay for the services that they provide us. We must demand that those products preserve privacy – again, by default. Until this business model changes, the services that are made for the mass market will remain insecure, vulnerable and optimized for data collection.
By making it harder for the NSA to engage in mass surveillance, we force the agency to target the communications and devices of people genuinely suspected of wrongdoing without compromising the privacy rights of everyone else. I cannot stress enough what I said yesterday: the goal here isn’t to blind the NSA. The goal here is to make sure they cannot spy on innocent people, in bulk. Starting right now.
Mimi Dwyer is disappointed that Snowden didn’t address his critics:
From such a public venue as SXSW—more than 40,000 were watching the livestream at peak viewership—it makes sense for Snowden to address the criticisms levied towards him, like that he’s advocating for free speech from Russia, or that he’s done more harm to public security than good. These criticisms, common in public discussion of Snowden, barely came up in the interview. That’s not doing anyone any good.