You may have heard the term PRISM in the news. PRISM is a government program that basically directly scans the servers of common services such as Skype and Google. And you agreed to every single bit of it. Here’s what’s going on, and how to get out.
Can they just do this to any US citizen?
Nope, they need at least 51% confidence that the person doing the communicating is a foreign national. Of course, since there doesn’t appear to be any real oversight, that’s not a terribly effective method of screening communications.
So how is it my fault that a secret government program is monitoring my every move online?
Easy: It wasn’t a secret. PRISM has never been a secret, not really. PRISM is just a fancy name for what the government has been doing for quite literally decades: Buying privately assembled databases from corporations. Really the only possible difference is the extent.
Yep. What, you thought wiretaps were free? The government pays a pretty penny to people like — Surprise! — Verizon for wiretaps, data collection, and other services. The same is true of web services.
But I never agreed to this! I told them not to sell my information!
Oooooooh yes you did. Go back and read your end user license agreement, or the Terms of Service you agreed to when you got, say, a Gmail account:
We will share personal information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request.
- enforce applicable Terms of Service, including investigation of potential violations.
- detect, prevent, or otherwise address fraud, security or technical issues.
- protect against harm to the rights, property or safety of Google, our users or the public as required or permitted by law.
In other words, the government asks, Google answers. The same is true of every single service cited in PRISM. To be fair, not all of them are happy about it, but they all do it, and they all take the check. Remember, they’re not “selling” your information. They’re complying with a government order, that happens to give them money.
And this is just the stuff behind a paywall or a password screen. If you’re constantly posting photos, publicly, on Facebook, multiple governments are probably downloading them because, really, why the hell not? You’re the one who put them out as public information. As far as they’re concerned, if you didn’t want them to look at it, you never should have posted it.
So basically I’m screwed?
No, basically you were taken advantage of because you didn’t pay attention. Now you are paying attention.
How do I fix this?
First, you need to understand that what is true of naked pictures is true of everything else: If you don’t want everyone to see it, don’t post it or talk about it online. Honestly, most of what you say and do is so incredibly innocuous that the government has never looked at it and never will. Keep in mind these are the people who run jails: They know that 97% of Americans will never commit a crime they’ll give a crap about.
Secondly, switch to services that don’t do this, or stop using the ones that do. For example, Tormail is about as anonymous as email gets. You can also just encrypt your email, if switching providers is too complicated. Don’t want your call data collected? Ironically, the NSA has laid out a whole bunch of protocols to keep that from happening, although you’ll have to dig to find private solutions using them.
Keep in mind, however, that if there is a way into the system, this means that system can be breached. Don’t assume everything isn’t monitored.
Finally, be aware that this is not new. It never has been new. And it will never stop. You should always assume that when you’re online, you are in public, and act accordingly. And from now on? Read the EULA.