Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations //

Identity & Access Management

A Year Later, Most Americans Think Snowden Did The Right Thing

On anniversary of whistleblowing, 55 percent of Americans say Snowden was right to expose NSA's surveillance program; 82 percent believe they are still being watched.

A year ago this week, contractor Edward Snowden published documents exposing the National Security Agency's PRISM program, which included online surveillance of US citizens. Was he justified in doing so? More than half of Americans believe he was.

According to a survey scheduled to be published this week by research firm YouGov and commissioned by security firm Tresorit, 55 percent of employed Americans believe Snowden was right to expose PRISM. Eighty-two percent believe their personal information is still being analyzed by the US government, and 81 percent believe their personal information is being analyzed by corporations for business purposes.

Nearly one in two employed Americans name constitutional rights as the reason for their support of Snowden’s exposure of PRISM: 44 percent of employed Americans cite their civil rights as key reasons that they support Snowden’s cause. Snowden supporters tend to be younger: Just 20 percent of young adults aged 16-34 believe Snowden’s actions were wrong, compared to 41 percent of adults aged 55 or older.

More than half of those surveyed (51 percent) don’t know if their employers have taken measures to ensure that corporate files are secure. Only 32 percent of respondents report that their employer has taken such steps.

Thirty-seven percent of employed Americans say they have not taken any steps in the last year to ensure personal digital security, according to the survey. Forty percent of employed Americans say they have created stronger passwords, while one in four (26%) have created different passwords for different online accounts.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
<<   <   Page 2 / 3   >   >>
Robert McDougal
100%
0%
Robert McDougal,
User Rank: Ninja
5/29/2014 | 3:08:09 PM
Re: Not a Whistleblower...
Obviously you are extremely passionate on this subject, so I have a few questions for you.

In your view, what laws did Snowden break to make him as you so elegantly state a "rat bastard criminal"?

What proof do you have that proves he is aiding and abetting the Russians?

Could you please ellaborate on the extensive oversight, audit and checking process conducted at the NSA?  

Lastly, I appreciate your article yet I don't see how an interview with a former NSA chief is a non-biased source of information.  Could you please clarify why you believe this to be an objective source of information?
Robert McDougal
50%
50%
Robert McDougal,
User Rank: Ninja
5/29/2014 | 3:42:34 PM
Re: Definitely the right thing!
You mention that Snowden should have made the revelations in a responsible manner.  Unfortunately, that was tried before by three different men.  Those men had their careers ruined and had criminal investigations launched against them.  To me it is no wonder that Snowden choose this route. Former NSA whistleblowers 

I would like to point out as well that the US Constitution is the highest form of law in the land.  The US Constitution is the fundamental law of the land for the United States so I don't understand your comment about this being a rule of law issue not a constitutional issue.

Just so I am clear, do you think one man breaking a contract and stealing company data is a greater crime than the willful violation of the US constitution and a multitude of federal laws?

 
Lorna Garey
0%
100%
Lorna Garey,
User Rank: Ninja
5/29/2014 | 3:50:12 PM
Re: Definitely the right thing!
Look, I know Snowden and his apologists love to wrap themselves in the constitution. But you have no expectation of privacy in data you turn over to someone else. SCOTUS has clearly said we don't have the same expectation of privacy in, say, our cars that we do at home. So when the NSA comes and kicks down your door and confiscates your metadata, come talk to me.
Robert McDougal
100%
0%
Robert McDougal,
User Rank: Ninja
5/29/2014 | 4:36:11 PM
Re: Definitely the right thing!
Since you do not provide an references yourself I am assuming you are making reference to Smith v. Maryland in regards to the data you willfully hand over to third parties.  This case focused on the phone numbers an individual dialed with the argument being that an individual has no expectation of privacy because they knowingly hand over the phone numbers they dial to the phone company.  I would like to point out that this was a case against an individual who was suspected of a crime, not the public at large.  Therefore, this is not a blank check to view everyone's call records at all times but rather if you are the subject of a crime investigation.

Secondly, other than the phone number I dialed, there are no SCOTUS decisions pertaining to the categorization of other meta data.  For example, I do not willfully hand over my GPS information to my carrier, that information is sent without my interaction and I cannot disable it in many cases.  So I ask you, if I don't willfully hand that data over how is it legal for the NSA to collect it?  What about emails and private chat?  What about encrypted communications?  If I encrypted it wouldn't you think I would expect privacy?

If you have other case law you are referencing in your response I would appreciate links so that I can better understand your side of the debate.

In case you are interested, this article outlines in detail why the NSA data collection program is illegal.
Lorna Garey
33%
67%
Lorna Garey,
User Rank: Ninja
5/29/2014 | 5:00:47 PM
Re: Definitely the right thing!
I'm not a constitutional law expert. However, the gist is that I have standing to challenge a physical search of my person, property, or papers under the Fourth Amendment. I do NOT have standing to challenge a carrier turning over to the government data that I willingly gave the carrier.

When I send a text or make a phone call on my cell, I voluntarily give AT&T metadata -- on when and what number I dialed, from what number, where the devices were located, etc. What the carrier is allowed to do with that data is a matter for Congress, maybe the FCC. I don't get to scream about my constitutional rights if the company does something I don't like with that data. I can stop using my cell phone and switch to a landline, get a burner, or lobby congress to change the law.  

It's common sense that Snowden has helped our enemies. Saying we don't "know for a fact" is either disingenuous or just looking for an argument.
Robert McDougal
100%
0%
Robert McDougal,
User Rank: Ninja
5/29/2014 | 5:35:55 PM
Re: Definitely the right thing!
Actually, you and everyone in the United States do have the legal standing to challenge a carrier handing your data over to the government.  The ECPA (Electronic Communications Privacy Act) sections 2702 and 2703 prohibit prohibit telephone companies from sharing customer records with the government except in response to specific enumerated circumstances.

Additionally, the PCLOB (Privacy and Civil Liberties Oversight Board) found the NSA bulk data collection program in direct violation of federal law.  I have broken out their conclusion below.
First, the telephone records acquired under the program have no connection to any specific FBI investigation at the time of their collection. Second, because the records are collected in bulk — potentially encompassing all telephone calling records across the nation — they cannot be regarded as "relevant" to any FBI investigation as required by the statute without redefining the word relevant in a manner that is circular, unlimited in scope, and out of step with the case law from analogous legal contexts involving the production of records. Third, the program operates by putting telephone companies under an obligation to furnish new calling records on a daily basis as they are generated (instead of turning over records already in their possession) — an approach lacking foundation in the statute and one that is inconsistent with FISA as a whole. Fourth, the statute permits only the FBI to obtain items for use in its investigations; it does not authorize the NSA to collect anything.

I concede that this information gives the enemies of the United States useful information.  However, when our government treats the average citizen as the enemy as well, the playing field has changed.
JonNLakeland
100%
0%
JonNLakeland,
User Rank: Strategist
5/29/2014 | 10:11:29 PM
Re: Definitely the right thing!
@Robert, your arguments are far more compelling than most. Are you a lawyer in fact or merely well versed in this topic?

To all: I tend towards a belief that it was useful, and bordering on necessary, for Snowden to make PRISM known. I always simply assumed that the gov't could spy on anything we did digitally, especially post-Patriot Act, but having it confirmed moved it definitively out of the realm of conspiracy nuts and into the public eye.

Certainly there have been negative consequences - international faith in our tech companies has plummeted. I can wish that particular circumstance was different, but have to suppose that were the situation *not* this bad, we may well have never ended up having this conversation.
DarkReadingTim
100%
0%
DarkReadingTim,
User Rank: Strategist
5/30/2014 | 7:29:45 AM
Re: Definitely the right thing!
I think that as security professionals, we look at Snowden from two angles: one is our right to privacy as individuals; the other is as stewards of secure data that we know is unique and critical for our organizations.

As an individual, I'm not thrilled about the notion of government agencies monitoring my online activity -- or for that matter, corporations tracking my online habits to present me with more personalized advertising. I should have ways to protect myself from that sort of analysis, and there are some tools for encrypting and/or anonymizing my activity to make it harder for my personal activity to be analyzed.

As someone who has been part of the security professional community for some years, however, I think what worries me most about Snowden is the precedent he sets. He decided, all by himself as a contractor, that certain confidential data about his client should be exposed to the world. His motives may have been noble or moral, but if I'm a security professional, the idea that my organization's most sensitive data might be randomly published by a contractor scares the heck out of me.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/30/2014 | 8:03:29 AM
Re: Definitely the right thing! --- ?
After watching the Snowden interview last night and some of the follow up reports on what he did (or did not do) to qualify as a whistleblower, I'm on the fence. Yes, the public is better off knowing the extent of heretofore secret and questionable NSA surveillance programs. But the jury (literally) is still out on whether Snowden's tactics were the best way to force the disclosure. He should come home and offer a full-throated defense that is his right within our legal system.
RetiredUser
0%
100%
RetiredUser,
User Rank: Ninja
5/30/2014 | 9:47:04 AM
Re: Definitely the right thing!
@DarkReadingTim I'm pretty much aligned with your assessment, although I'm cautious about discussing matters like this in the context of polls, as many others also seem to be.

I believe in right and wrong, in our laws, in defending your country, and doing what is the honorable thing to do. It's tough when that honorable thing may be having to do something that is illegal to defend your country in a way that may not have been perceived once as necessary.

This one is going to take time, and introspection. It's not poll material, for that reason.
<<   <   Page 2 / 3   >   >>
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
Chinese Attackers' Favorite Flaws Prove Global Threats, Research Shows
Kelly Sheridan, Staff Editor, Dark Reading,  10/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27981
PUBLISHED: 2020-10-28
An XSS vulnerability in the auto-complete function of the description field (for new or edited transactions) in Firefly III before 5.4.5 allows the user to execute JavaScript via suggested transaction titles. NOTE: this is exploitable only in a non-default configuration where Content Security Policy...
CVE-2020-24707
PUBLISHED: 2020-10-28
Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.
CVE-2020-24708
PUBLISHED: 2020-10-28
Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the Host field on the send profile form.
CVE-2020-24709
PUBLISHED: 2020-10-28
Cross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via a crafted landing page or email template.
CVE-2020-24710
PUBLISHED: 2020-10-28
Gophish before 0.11.0 allows SSRF attacks.