PRISM, Data Driven Marketing and Why Transparency Is Essential

Revelations about the American surveillance program called PRISM have been astounding, not so much because we have discovered that the US government has been spying on, well, everyone both within the United States and internationally, but because of the sheer scale of the program. This story initially broke on The Guardian when Glenn Greenwald reported that the US National Security Agency was collecting information on Verizon customers (Verizon is one of the US mobile networks) –

The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America’s largest telecoms providers, under a top secret court order issued in April.

The order, a copy of which has been obtained by the Guardian, requires Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.

The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.

This was followed by a report by the Washington Post about a much broader surveillance and data mining program –

The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets, according to a top-secret document obtained by The Washington Post.

The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

James Allworth, in his article titled “Your Smartphone Works for the Surveillance State” drew a number of parallels between PRISM and the East German Stasi police which used a previously unprecedented network of informers and secret police officers to spy on East German citizens before the Berlin wall fell. One of the more interesting statements from lawmakers defending the program was quoted from the New York Times in Allworth’s article –

The defense of this practice offered by Senator Dianne Feinstein of California, who as chairwoman of the Senate Intelligence Committee is supposed to be preventing this sort of overreaching, was absurd. She said on Thursday that the authorities need this information in case someone might become a terrorist in the future.

Of course this idea goes, in part, to the right to be presumed innocent and to an array of protections that relate to this presumption of innocence and a respect for a citizen’s privacy. President Obama commented in a press conference that the program was not being used to monitor US citizens, only people living outside the United States. This turns out to be false and emphasises the fact that everyone is exposed to this program and our use of social services on the Web only exacerbates the extent to which people’s privacy is being disregarded, seemingly indiscriminately. We are horrified at the extent to which former East German citizens were subjected to intense and pervasive scrutiny and yet the scale at which modern governments do the same thing far exceeds the Stasi’s hopes. As Allworth points out –

And yet, here we are. In terms of the capability to listen to, watch and keep tabs on what its citizens are doing, the East German government could not possibly have dreamed of achieving what the United States government has managed to put in place today.

At the same time, we are complicit. We generate tremendous amounts of data about our lives and publish this data on the social Web where it can be accessed and analysed –

Think about the proportion of our lives that are undertaken online and digitally. Every tweet, every interaction on Facebook, every photo on Instagram. You search for directions with a myriad of online mapping options. You check in your location on Foursquare. You review restaurants you’ve visited on Yelp. You speak to people all over the world using Skype. Every time you have a question, you type it into Google, or perhaps ask it on Quora. An increasing amount of your purchases are conducted on eBay or Amazon. You back up your laptop to the cloud. Almost everything you listen to or read is there too, or in iTunes. And while you might scoff at these as something that only early adopters use, even late adopters of digital technologies leave behind an incredibly detailed trail of their lives. Every minute you spend on the phone; in fact, every minute you carry it around in your pocket; every email you write; every instant message you send. Every transaction that passes through your credit card is recorded.

One perspective on this is probably fairly represented in Owen Swart’s comment on my post to Google+ this morning:

If I were a US citizen, and the NSA had half as much data on me as Google does, they’d be able to use that data to make a conclusive determination that I am not a person of interest… to anyone. Even my friends wouldn’t be interested in reading my emails. Most people’s lives aren’t interesting.

And if I were the sort of person the NSA were interested in, I should probably be locked up before I flew a plane into a building anyway… my privacy be damned.

I agree with him, to a point. As far as we are aware, these programs are intended to identify and track criminals and if we are living relatively honest lives, we probably need not be too concerned about our activities being tracked, stored and analysed. The problem is that these programs are typically opaque to public scrutiny. To quote Allworth again –

Now, if this was an ideological principle — a deep and profound belief in transparency, and the disinfecting power of sunlight — then, again, at least it would be understandable. But it’s not that, either. Simultaneously, while doing everything it can to watch you, the government is taking another page out of the East German playbook — doing everything it can to stop you from watching it.

Bringing this closer to home, we are still debating the Protection of State Information Bill which was recently passed by Parliament and is awaiting the President’s signature. It is likely still unconstitutional despite changes made to the Bill (read Pierre De Vos’ thoughts on this here). Irrespective of whether the so-called Secrecy Bill passes constitutional muster, the real challenge here in South Africa, as it appears to be in the United States, is an underlying culture of “secrecy” and a severe allergy to transparency even though improved transparency would introduce a much needed counter-balance to this increased scrutiny by governments.

On a related point, I read an article by Michael Schrage titled “When Digital Marketing Gets Too Creepy” which highlights a similar trend in the commercial world. This article focuses on how brands are using increasingly detailed collections of personal information about their customers to customise their experiences. This is the value we, as consumers, receive in exchange for disclosing our personal information and preferences but this question Schrage asks, presupposes that this is beneficial. On balance, I think it is but it does come with quite a hefty price: we essentially forgo privacy as a form of secrecy and we move closer to what Jeff Jarvis referred to as “radical transparency” in his book, Public Parts, in which he explores the benefits of greater publicity as opposed to secrecy (a counterpoint to Jarvis’ arguments is Andrew Keen’s book, Digital Vertigo).

The problem we face, whether it be from government programs like PRISM, legislation like the Secrecy Bill or marketing initiatives driven by more and more personal information which we disclose on a daily basis as we share our lives on the social Web is that we have limited control over the personal information we disclose (probably none once it enters national security databases) and we have even less insights into the many ways our personal information is being collected, used and the conclusions that are being drawn about us as a result. Wide ranging programs collecting our data to prevent terrorism, crime or irrelevant ads have their merits but until we are empowered to make informed choices about those programs, we may as well be back in East Germany or Apartheid South Africa and subject to the whims of over-reaching politicians who have forgotten the old adage that “with great power, comes great responsibility”.

Paul

Enthusiast, writer, strategist, web developer, and photographer. Passionate about my wife, Gina and #proudDad.

What do you think?

%d bloggers like this: