Operations // Identity & Access Management
5/29/2014
08:30 AM
Tim Wilson
Tim Wilson
Quick Hits
Connect Directly
RSS
E-Mail
100%
0%

A Year Later, Most Americans Think Snowden Did The Right Thing

On anniversary of whistleblowing, 55 percent of Americans say Snowden was right to expose NSA's surveillance program; 82 percent believe they are still being watched.

A year ago this week, contractor Edward Snowden published documents exposing the National Security Agency's PRISM program, which included online surveillance of US citizens. Was he justified in doing so? More than half of Americans believe he was.

According to a survey scheduled to be published this week by research firm YouGov and commissioned by security firm Tresorit, 55 percent of employed Americans believe Snowden was right to expose PRISM. Eighty-two percent believe their personal information is still being analyzed by the US government, and 81 percent believe their personal information is being analyzed by corporations for business purposes.

Nearly one in two employed Americans name constitutional rights as the reason for their support of Snowden’s exposure of PRISM: 44 percent of employed Americans cite their civil rights as key reasons that they support Snowden’s cause. Snowden supporters tend to be younger: Just 20 percent of young adults aged 16-34 believe Snowden’s actions were wrong, compared to 41 percent of adults aged 55 or older.

More than half of those surveyed (51 percent) don’t know if their employers have taken measures to ensure that corporate files are secure. Only 32 percent of respondents report that their employer has taken such steps.

Thirty-seven percent of employed Americans say they have not taken any steps in the last year to ensure personal digital security, according to the survey. Forty percent of employed Americans say they have created stronger passwords, while one in four (26%) have created different passwords for different online accounts.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 3   >   >>
screwbird
50%
50%
screwbird,
User Rank: Apprentice
6/10/2014 | 12:20:54 AM
Re: Definitely the right thing!
how does the ole saw go? if you can't argue the facts argue the law?

you are trying to argue that the outcome of Snowden's actions...which you happen to approve...mitigate the transgressions. not going to fly. he signed an oath. he violated that oath and a multitude of security commitments with KNOWN penalties he agreed to IN ADVANCE of receiving access.

- his actions were pre-meditated

- the "weighting" seems to conveniently miss the fact that he exploited not only his employer/customer....but his teammates as well. the notion that he, in this instance, acted as a beacon of virtue is patently false. 

- what NSA, any other organization or person has done is irrelevant to Snowden's culpability.

we can save for another time discussing the laughable circumstances of where he fled to and ensuing actions. yup...pure as a new-born baby's bottom!!

in the end...what you're really arguing is an ancient meme: the ends justify the means. I'd be careful with that one...it is, perhaps, too flexible a rule to live by.

 

 

 

 

 
PacoCW3
0%
100%
PacoCW3,
User Rank: Guru
5/30/2014 | 10:48:23 PM
Re: Definitely the right thing!
First and last, alpha and omega, he knowingly and willingly broke laws.  We citizens elect officials to write laws.  If you don't like the laws written, change the politicians.  I simply suggested people take responsibility for our government, by entering public service.  Change from the inside is generally more permanent than that caused by outside forces.  This is how our country has always worked best, individuals working to better their society, legally.

Attempting to equate government monitoring of communications with the Nazi murder of Jews shows an illogical mind.  Or even impugning I support the Nazi methods, illogical.

Based on this, I doubt your mental clarity and capability, and so your ability to be an effective security professional.  Unfounded knee-jerk statements by anyone working in IA is a liability.  As a IA professional, my primary responsibility to my employer is to minimize their risk exposure, legally.  Interesting, our Constitution allows for all Americans to voice their opinions, you are exercising your voice.  I do not agree with you, Snowden broke the law, he knew what he was doing.  He did commit a crime. 

I think your comment for me to grow a pair, is obnoxious, and ego-centric.  Sir, I grew a pair a while ago.  I've been in uniform for 30+ years, and have put my life on the line in more unpleasant corners of this earth than you've dreamed.  I have walked the walk, and talked the talk.

The United States government is a vast compilation of different organizations deployed across one of the most beautiful countries on our globe, not a single entity with a single point of success or failure.  The bottom line is we do not engage in systematically executing people based on their religion, color, country of origin or sexual preferences.  That was done by the Nazi.  Is still being done by other countries, and you likely buy their products at your local department store.  In effect you are likely supporting their continued pogrom.  Truthfully, as a nation we do try to help the down trodden, and liberate the oppressed.  It is because of this truth, that many, many good men and women, stand guard every night.  So that others like you and me can sleep peacefully.
Lorna Garey
67%
33%
Lorna Garey,
User Rank: Ninja
5/30/2014 | 10:04:39 AM
Re: Definitely the right thing! --- ?
With the caveat that I held a TS clearance for many years, a fact that likely colors my opinion, I consider Edward Snowden a traitor. He seems to have some delusional thinking going on as well ("a real spy"? Seriously?)

We can debate the legal minutia of PRISM all day. We can debate metadata and what level of intrusion happened to US citizens as opposed to foreign nationals. We can debate what amount of privacy we're willing to give up to avoid another 9/11. And certainly that's a conversation worth having. But let's also ackowledge that plenty of people are going to automatically assume that anything the NSA says it its defense, or about what damage Snowden did, is a lie. That's no more realistic than declaring the man a hero. 

To me, the fundamental facts are that he unilaterally decided to steal huge amounts of sensitive data, flee, and then trickle out data in a way that seems mostly concerned with keeping his name in the media spotlight.  
Christian Bryant
0%
100%
Christian Bryant,
User Rank: Ninja
5/30/2014 | 9:47:04 AM
Re: Definitely the right thing!
@DarkReadingTim I'm pretty much aligned with your assessment, although I'm cautious about discussing matters like this in the context of polls, as many others also seem to be.

I believe in right and wrong, in our laws, in defending your country, and doing what is the honorable thing to do. It's tough when that honorable thing may be having to do something that is illegal to defend your country in a way that may not have been perceived once as necessary.

This one is going to take time, and introspection. It's not poll material, for that reason.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/30/2014 | 8:03:29 AM
Re: Definitely the right thing! --- ?
After watching the Snowden interview last night and some of the follow up reports on what he did (or did not do) to qualify as a whistleblower, I'm on the fence. Yes, the public is better off knowing the extent of heretofore secret and questionable NSA surveillance programs. But the jury (literally) is still out on whether Snowden's tactics were the best way to force the disclosure. He should come home and offer a full-throated defense that is his right within our legal system.
DarkReadingTim
100%
0%
DarkReadingTim,
User Rank: Strategist
5/30/2014 | 7:29:45 AM
Re: Definitely the right thing!
I think that as security professionals, we look at Snowden from two angles: one is our right to privacy as individuals; the other is as stewards of secure data that we know is unique and critical for our organizations.

As an individual, I'm not thrilled about the notion of government agencies monitoring my online activity -- or for that matter, corporations tracking my online habits to present me with more personalized advertising. I should have ways to protect myself from that sort of analysis, and there are some tools for encrypting and/or anonymizing my activity to make it harder for my personal activity to be analyzed.

As someone who has been part of the security professional community for some years, however, I think what worries me most about Snowden is the precedent he sets. He decided, all by himself as a contractor, that certain confidential data about his client should be exposed to the world. His motives may have been noble or moral, but if I'm a security professional, the idea that my organization's most sensitive data might be randomly published by a contractor scares the heck out of me.
JonNLakeland
100%
0%
JonNLakeland,
User Rank: Strategist
5/29/2014 | 10:11:29 PM
Re: Definitely the right thing!
@Robert, your arguments are far more compelling than most. Are you a lawyer in fact or merely well versed in this topic?

To all: I tend towards a belief that it was useful, and bordering on necessary, for Snowden to make PRISM known. I always simply assumed that the gov't could spy on anything we did digitally, especially post-Patriot Act, but having it confirmed moved it definitively out of the realm of conspiracy nuts and into the public eye.

Certainly there have been negative consequences - international faith in our tech companies has plummeted. I can wish that particular circumstance was different, but have to suppose that were the situation *not* this bad, we may well have never ended up having this conversation.
Robert McDougal
100%
0%
Robert McDougal,
User Rank: Ninja
5/29/2014 | 5:35:55 PM
Re: Definitely the right thing!
Actually, you and everyone in the United States do have the legal standing to challenge a carrier handing your data over to the government.  The ECPA (Electronic Communications Privacy Act) sections 2702 and 2703 prohibit prohibit telephone companies from sharing customer records with the government except in response to specific enumerated circumstances.

Additionally, the PCLOB (Privacy and Civil Liberties Oversight Board) found the NSA bulk data collection program in direct violation of federal law.  I have broken out their conclusion below.
First, the telephone records acquired under the program have no connection to any specific FBI investigation at the time of their collection. Second, because the records are collected in bulk — potentially encompassing all telephone calling records across the nation — they cannot be regarded as "relevant" to any FBI investigation as required by the statute without redefining the word relevant in a manner that is circular, unlimited in scope, and out of step with the case law from analogous legal contexts involving the production of records. Third, the program operates by putting telephone companies under an obligation to furnish new calling records on a daily basis as they are generated (instead of turning over records already in their possession) — an approach lacking foundation in the statute and one that is inconsistent with FISA as a whole. Fourth, the statute permits only the FBI to obtain items for use in its investigations; it does not authorize the NSA to collect anything.

I concede that this information gives the enemies of the United States useful information.  However, when our government treats the average citizen as the enemy as well, the playing field has changed.
Lorna Garey
33%
67%
Lorna Garey,
User Rank: Ninja
5/29/2014 | 5:00:47 PM
Re: Definitely the right thing!
I'm not a constitutional law expert. However, the gist is that I have standing to challenge a physical search of my person, property, or papers under the Fourth Amendment. I do NOT have standing to challenge a carrier turning over to the government data that I willingly gave the carrier.

When I send a text or make a phone call on my cell, I voluntarily give AT&T metadata -- on when and what number I dialed, from what number, where the devices were located, etc. What the carrier is allowed to do with that data is a matter for Congress, maybe the FCC. I don't get to scream about my constitutional rights if the company does something I don't like with that data. I can stop using my cell phone and switch to a landline, get a burner, or lobby congress to change the law.  

It's common sense that Snowden has helped our enemies. Saying we don't "know for a fact" is either disingenuous or just looking for an argument.
Robert McDougal
100%
0%
Robert McDougal,
User Rank: Ninja
5/29/2014 | 4:36:11 PM
Re: Definitely the right thing!
Since you do not provide an references yourself I am assuming you are making reference to Smith v. Maryland in regards to the data you willfully hand over to third parties.  This case focused on the phone numbers an individual dialed with the argument being that an individual has no expectation of privacy because they knowingly hand over the phone numbers they dial to the phone company.  I would like to point out that this was a case against an individual who was suspected of a crime, not the public at large.  Therefore, this is not a blank check to view everyone's call records at all times but rather if you are the subject of a crime investigation.

Secondly, other than the phone number I dialed, there are no SCOTUS decisions pertaining to the categorization of other meta data.  For example, I do not willfully hand over my GPS information to my carrier, that information is sent without my interaction and I cannot disable it in many cases.  So I ask you, if I don't willfully hand that data over how is it legal for the NSA to collect it?  What about emails and private chat?  What about encrypted communications?  If I encrypted it wouldn't you think I would expect privacy?

If you have other case law you are referencing in your response I would appreciate links so that I can better understand your side of the debate.

In case you are interested, this article outlines in detail why the NSA data collection program is illegal.
Page 1 / 3   >   >>
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4262
Published: 2014-07-28
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py issue is covered by CVE-...

CVE-2013-4840
Published: 2014-07-28
Unspecified vulnerability in HP and H3C VPN Firewall Module products SECPATH1000FE before 5.20.R3177 and SECBLADEFW before 5.20.R3177 allows remote attackers to cause a denial of service via unknown vectors.

CVE-2013-7393
Published: 2014-07-28
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on different affected versions...

CVE-2014-2974
Published: 2014-07-28
Cross-site request forgery (CSRF) vulnerability in php/user_account.php in Silver Peak VX through 6.2.4 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

CVE-2014-2975
Published: 2014-07-28
Cross-site scripting (XSS) vulnerability in php/user_account.php in Silver Peak VX before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.