PRISM: Possibility in the privacy pitfalls?

Since the outing of PRISM, plenty of high-calibre spokespeople from the world that governs have spoken out regarding the high-level backlash of the reports. However, what has been fairly limited is information which is useful to Internet and phone users in other parts of the world, particularly surrounding local regulations.

Legal questions?

Snowden claimed in an interview that his motive was driven by the fact that this programme posed an "existential threat to democracy". When working in the industry, Snowden revealed that he had the "authorities to wiretap anyone, from you or your accountant, to a federal judge, to even the president," if he had a personal email.

But once the investigation had become more intense, the initial uproar regarding legality was placed into question. Had the US government, and, subsequently, the nine technology companies named, actually participated in anything illegal at all? And was this as outrageous as first thought?

Former NSA employees believed so, one of which, Thomas Drake, was reported as saying, "Leaks by former NSA contractor Edward Snowden published early this month give more evidence of widespread privacy violations at the NSA. We need to confront the reality that we have a secret government that's not operating in our best interests.

Drake reportedly added at the Computers, Freedom and Privacy Conference in Washington, D.C., "What's at stake is the very essence of what it not only means to be an American, but also what it means to be a citizen."

Drake claimed that since 9/11, the government had revoked the Constitution's Fourth Amendment, "Giving US residents freedom from unreasonable searches," and had "violated the legal regime" against domestic spying that the NSA had operated under since the late 1970s.

Home truths?

But for residents in the Middle East, this activity isn't actually anything new at all, and that's no secret. The lack of transparency surrounding the US surveillance programme may have been the main cause of unrest following the leak, not so much the information itself, due to the privacy laws which were amended by the Bush administration. However, in the UAE, according to Norton Rose Fulbright, there isn't actually any specific federal law covering this topic. The website quotes: "The UAE does not have any specific federal laws on data privacy, but various pieces of legislation may have an impact on businesses that engage in data processing activities." It continues, "The UAEConstitution of 1971 guarantees the right to secrecy of communications."

And historically, some countries in the Middle East have openly attempted to block some communications services because they could not monitor the engagements. In 2010, Saudi Arabia and the UAE both announced they wished to ban BlackBerry's iconic device-to-device BBM service, and for a short time, Saudi did. More recently, in March this year, the BBC reported that Saudi Arabia was threatening to ban Skype and WhatsApp for the same reasons. A news report on the website quoted: "It is demanding a means to monitor such applications, but Saudis say that would seriously inhibit their communications."

In this vain, monitoring communications in the Middle East could cause more concerns than other regions. In the same report, it was claimed that a Saudi user told the local media that "she would feel uncomfortable talking to her relative on Skype without her hijab if she believed someone might be monitoring her." Moreover, expatriates have reportedly messaged newspapers pleading with the Saudis "not to stop their only affordable means of communication to their families back home".

It appears to be more than apparent, then, that regulatory bodies in the Middle East have been actively seeking the means to monitor internal communications for some time. The major difference here may be that, in these cases, there has been far more transparency during the ordeal, as opposed to the US, where users have claimed to be unaware of such surveillance. This is not to mention the major technology companies involved, many of whom have failed to comment, regionally.

Much ado about nothing?

But regional experts take another standpoint, claiming that government data collection is nothing new. This information is the result of what happens when a society chooses to digitise its common processes, and, in fact, this finally shakes the shackles of unanswered questions from our shoulders, allowing us to properly focus on our online persona. Florian Malecki, Product Marketing Director,Dell Software, believes that this highlights the choices that Internet users have when communicating online.

"When you choose to go online, then you must accept that your data isn't ever going to go away. It's always going to be stored and at some point accessible. Using the Internet is like walking in snow or sand -- you leave footprints. It's difficult not to be invisible. But if you're not doing anything dodgy then what's the problem?" he said.

"What's important for the public to know is that it is machines doing the listening, not people. So you've not got a man sitting there listening to your conversations. You know now that your actions are being traced, what you decide to do online is your choice."

Internet users in the Middle East may benefit from these revelations; there are 3,370,780 Facebook users in the UAE alone, which is the world's 48th highest Facebook user population. Ipsos claims that Internet penetration in the Middle East and Africa is 39 percent, which sits above the world average. And recently, Ipsos claimed that over 25 percent of daily news was consumed online in the UAE. Moreover, the UAE has the highest ecommerce penetration in the Middle East with 46 percent of its Internet population, generating the highest amount of financial details online in the region. Awareness of this data being collected and monitored could be seen as a healthy heads-up to users.

Nicolai Solling, Director of Technology Services at help AG, adds that we've always been aware that some kind of government surveillance has been going on. "We've known for decades that telephones can be tapped -- we didn't stop using the telephone. What this does is free us from the question, are we being tracked and watched? And allows us to say, okay, I know that what I'm doing is being watched, so now I can make better decisions around what I post online -- that's a positive from this. I've never been naïve enough to think what I do online is private."

However, he does believe that there are some major risks in terms of hacking. Not so much that government agencies have information on us all -- that's no surprise, he claimed -- but that major technology companies, such as Google and Facebook, have been collecting data and allowing an entity to access it through back-door channels. This could become a prime target for hackers.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityUS National Security Agencygovernmentprivacy

More about BBC Worldwide AustralasiaBlackBerryBushDellDrakeFacebookGoogleNortonNSARoseSkypeTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Joe Lipscombe

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place