One databit that arose out of Edward Snowden’s NSA snooping revelations is one most of us missed. It’s another that comes in the category of tiny, fascinating, but completely unsurprising. To wit (according to The Guardian):
Fisa court-approved policies allow the NSA to …. Retain and make use of “inadvertently acquired” domestic communications if they contain usable intelligence, information on criminal activity, threat of harm to people or property, are encrypted [emphasis mine], or are believed to contain any information relevant to cybersecurity;
Never mind the “inadventently acquired” bit. That and James Clapper’s “not wittingly” whopper are just cover for the fact that these totalitarians aren’t ready to admit that they’re already grabbing everything that’s within their reach. They’ll make the admission of omni-surveillance later, after they’ve “made it legal” via memo, executive order, or secret-court ruling. And after, of course, some future leaker forces them to reveal it.
The interestingly unsurprising tidbit in the above is that when they accidentally (wink-wink-nod-nod) gather our encrypted communications, they’re “legally” allowed to hang on to them. And presumably to try to decrypt and make use of them, though that isn’t specified.
Once upon a time, say 20 years ago, such illicitly gathered stuff would have been considered “the fruit of the poisonous tree” and beyond rightful government use. But that was when we still pretended to be a nation of laws. That was when we actually dealt with real evidence coming out in court — not secret surveillance resulting in secret evidence and secret busting up of secret terr’ist plots that we’d really be grateful to know were stopped, but if they told us they’d have to then send a Predator drone to our house.
Sadly, I can already hear some freedomistas muttering, “Well, thank heaven I never encrypt” or “See, I told you; encryption only calls attention to you.”
But that misses the point. First of all, you probably do encrypt, whether you know it or not, as a fair bit of modern communication travels under encryption even when we’re not aware of the fact. (Think online banking or shopping.) But an even bigger issue is that, since we’re all criminal suspects in the government’s eyes, anyhow, we might as well
enjoy our Outlaw status do even more things to secure our communications.
Because face it, those bastards are scanning your cookie recipes if you send them in the open, and you might as well force them into the extra work of code-breaking if they want to learn whether you use butter or shortening with your chocolate chips.
Still, most people aren’t going to encrypt their emails or phone calls. Even most freedomistas aren’t going to take many steps to protect their communications against snoops. To whatever extent anybody actually notices it, this revelation that encrypted exchanges are right up there with the “threat of harm to people or property” for villainousness will sadly add justification for whatever do-nothingness we’re already inclined to do … er, not do.
The real reasons we don’t do a better job of securing our communications are many and varied. We’re sometimes lazy. We’re ofttimes busy. Secure communication is confusing and time-consuming to set up. Most of us have no way of knowing whether our security measures are actually effective. An awful lot of so-called “security” relies on unproven claims and trust. And once we’ve made a decision to use better security, we find ourselves in a maze of choices and terminology that would stump anyone shy of Linus Torvalds.
The one good thing in the wake of the NSA revelations is that some of that is changing.
(Tip o hat to S for the heads up about “inadvertently acquired” encrypted communications.)