Democracy Gone Astray

Democracy, being a human construct, needs to be thought of as directionality rather than an object. As such, to understand it requires not so much a description of existing structures and/or other related phenomena but a declaration of intentionality.
This blog aims at creating labeled lists of published infringements of such intentionality, of points in time where democracy strays from its intended directionality. In addition to outright infringements, this blog also collects important contemporary information and/or discussions that impact our socio-political landscape.

All the posts here were published in the electronic media – main-stream as well as fringe, and maintain links to the original texts.

[NOTE: Due to changes I haven't caught on time in the blogging software, all of the 'Original Article' links were nullified between September 11, 2012 and December 11, 2012. My apologies.]

Saturday, May 30, 2015

Latest Privacy Revelations Show It's Up to Canadians to Protect Themselves

Another week, another revelation originating from the seemingly unlimited trove of Edward Snowden documents. Last week, the CBC reported that Canada was among several countries whose surveillance agencies actively exploited security vulnerabilities in a popular mobile web browser used by hundreds of millions of people. Rather than alerting the company and the public that the software was leaking personal information, they viewed the security gaps as a surveillance opportunity.

In the days before Snowden, these reports would have sparked a huge uproar. More than half a billion people around the world use UC Browser, the mobile browser in question, suggesting that this represents a massive security leak. At stake was information related to users' identity, communication activities, and location data -- all accessible to telecom companies, network providers, and surveillance agencies.

Yet coming on the heels of global revelations of surveillance of network exchange points and internet giants along with Canadian disclosures of daily mass surveillance of millions of internet downloads and airport wireless networks, nothing surprises anymore. Instead, there is a resigned belief that privacy on the network has been lost to surveillance agencies who use every measure at their disposal to monitor or gather virtually all communications.

While the surveillance stories become blurred over time, there is an important distinction with the latest reports. The public has long been told that sacrificing some privacy may be part of a necessary trade-off to provide effective security. However, by failing to safeguard the security of more than 500 million mobile users, the Five Eyes surveillance agencies -- Canada, the U.S., U.K., Australia, and New Zealand -- have sent the message that the public must perversely sacrifice their personal security as well.

Agencies charged with identifying potential security threats believe protecting individual security is not part of their mandate. According to Christian Leuprecht, a Royal Military College professor, "the fact that certain channels and devices are vulnerable is not ultimately the problem of signals intelligence."

In other words, you're on your own.

Some self-help steps

With internet providers such as Bell refusing to issue transparency reports about when they disclose subscriber information, and major telecom equipment companies such as Samsung the target of surveillance agencies (the revelations also disclosed that the agencies explored hacking into Samsung and Google app stores), the corporate community is at best powerless and at worst complicit in the surveillance activities.

Meanwhile, government agencies have abdicated responsibility for safeguarding user security and the government itself has steadfastly opposed any improved oversight of Canadian surveillance agencies, leaving Canada with one of the weakest oversight regimes in the developed world.

What to do in the face of a wide array of surveillance initiatives in which almost anything is viewed as fair game?

The most important self-help step for Canadians is to make encryption a standard part of their communications practices. Encryption is not perfect, but it creates a significant barrier against mass surveillance. The result provides privacy and security for users, while forcing agencies to consider whether to deploy additional tools to crack the communications. In other words, mundane messages are protected, while those associated with a reasonable suspicion of a threat may still be targeted.

Individual encryption is a good start, but more is needed. Many websites and web-based email services still do not offer encryption and therefore leave their users vulnerable to snooping agencies. Pressuring the internet giants to adopt encryption -- or at least offer the option of encryption -- is a necessity.

Furthermore, political and policy solutions cannot be abandoned. Bill C-51 generated significant public concern, though most of the focus was on new surveillance agency powers. Even without the changes, there remains a clear need for better oversight and rules based on the principle that Canadians cannot possibly feel secure if their own government views security vulnerabilities as creating an opportunity to exploit rather than an obligation to safeguard.

Original Article
Source: thetyee.ca/
Author: Michael Geist

No comments:

Post a Comment