The whistleblower rightly trusted Hong Kong

When I first heard that Edward Snowden was in Hong Kong, I was skeptical. The young cybersecurity guru who uncovered the NSA's extensive surveillance surely would have headed for Iceland or some other haven (Sweden's off the map, as Julian Assange has learned).

Knowing Snowden's background, I thought he might have said he was in Hong Kong as a ruse--either having been here and gone, or never having been here in the first place. I was wrong. Snowden placed his trust in our judicial system, and Hong Kong should be proud.

"We need whistleblowers"

In an editorial, Bruce Schneier wrote eloquently about the phenomenon and concluded that "we need whistleblowers."

Schneier's right. Transparency in government is a good thing--provided it doesn't compromise essential security. And there's nothing essential about the NSA tapping into massive streams of metadata from unsuspecting and unsuspected citizens. There's even an amendment to the US Constitution (the Fourth Amendment, part of a series of amendment known as the Bill of Rights) forbidding "unreasonable search and seizure." Can it be that the NSA simply overlooked this?

There are other opinions on Snowden. One former official from the administration of George "Dubya" Bush excoriated the whistleblower, saying "the Chinese would welcome the opportunity and probably willing to provide immunity for him or sanctuary for him, if you will, in exchange for what he presumably knows or doesn't know." This difficult-to-follow sentence is especially absurd given that Snowden is now in Russia.

This is nonsense, but it plays well with many US voters, some of whom couldn't find China (let alone Hong Kong) on a map. Clearly, the revelation that US agencies conducted large-scale surveillance operations while the US president chided China's leaders about "cyberspying" is an embarrassment to Washington.

"We need whistleblower protection law in HK," said Charles Mok, Hong Kong's Legislative Councillor (Information Technology). "Time and time again we let them down--while they act in the public interest, the lack of protection for them effectively gags them."

"Snowden's case is a wake-up call," said Mok. "One does not need to agree with what and how he is doing, but a fair and open society must provide the protection a whistleblower needs, in order for society to continue to be transparent."

We DO need whistleblowers

Schneier and Mok are right. The USA needs whistleblowers to expose misfeasance or malfeasance on the part of US government agencies, and Hong Kong needs to provide protection for such watchdogs provided, of course, they abide by the laws of the HKSAR.

While some urged Snowden to leave Hong Kong, and he has now done so, the fact that he came here in the first place and was able to exit safely sits well with many in tech and government. A fascinating op-ed piece by Simon Tisdall, assistant editor and foreign affairs columnist for UK newspaper the Guardian explicates: "Like too many American politicians, Kerry seems to believe 'the law' is what the White House counsel and U.S. Justice Department deem it to be on any given day, and that this made-in-America 'law' applies inexorably to every country and every corner of the world," wrote Tisdall. "Wrong, John. It's like invading somebody else's country without a U.N. Security Council resolution, or entering a home without a warrant. Not advisable, unless you relish hand-to-hand combat and endless sarcasm."

"Obama and Kerry can talk about security until they lose signal. Right now, the rest of the world is talking sovereignty, privacy and individual rights."


Join the CSO newsletter!

Error: Please check your email address.

Tags business issuespersonnelsecurityU.S. National Security Agencygovernmentdata protectionprivacy

More about BillBushNSATechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stefan Hammond

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place