Edward Snowden has “done a public service for the entire world”, William Binney, the former United States intelligence officer turned whistleblower, told a privacy and surveillance conference in Lausanne on Monday.
“Everyone's in the line. Everything out there is being collected by the National Security Agency (NSA),” added Binney, who worked for 30 years at the NSA and helped automate its worldwide eavesdropping before resigning in 2001.
Binney was one of seven prominent speakers at the one-day public forum at Lausanne’s Federal Institute of Technology (EPFL), which was organised in the light of state surveillance exposed in June by Edward Snowden, the former NSA analyst.
Snowden revealed top-secret documents which led to revelations about US surveillance on phone and internet communications published in The Guardian, Der Spiegel and New York Times. The NSA, however, says its work is needed to combat terrorism and is overseen and controlled by the US government.
“We are leaving digital footprints wherever we go which is natural, but we are losing control of them,” said security and privacy advocate Bruce Schneier.
He felt the current post-Snowden revelations debate centred on issues of liberty versus control rather than privacy versus security.
“Privacy increases power, so when you have forced openness in government, it increases liberty; when you force it in people, it decreases their liberty,” he commented.
The big problem, Schneier said, is that the legal world is not able to keep up with the technological changes.
Unfortunately, the US lacks the political will to ‘clear up’ the current situation, he noted: “I hope it might take a generation for attitudes to change but I fear it might be much longer.”
In another presentation Caspar Bowden, who was Microsoft’s chief privacy adviser for 40 countries from 2002 to 2011, described the surveillance dangers of cloud computing.
“Potentially all EU data is at risk,” said Bowden. “FISA (The American Foreign Intelligence Surveillance Act) can grab data after it's stored, and decrypted.”
He said he had approached many of the European authorities with his concerns back in 2009, but most just shrugged. “Then we had Edward Snowden and ever since then I've been busy”.
Bowden proposed the creation of an "EU cloud" and said that users should be warned when they log on to services based in the US that might put the users within the surveillance range of a foreign government.
He also said that he had stopped using Microsoft products and exclusively uses free, open source software now.
Privacy lawyer Nikolaus Forgó reminded the audience that in the internet age "although the product is for free, you [the user] are the product".
One major problem, explained the head of the Belgian Center for Data Protection, was that very few people understand internet privacy issues or read the policies of tech firms like Facebook.
"Facebook users remind me of people who smoke - they know it's not healthy, but they do it anyway,” he commented.
The European Parliament is planning to vote on a new, unified data protection law for member states in the next few weeks.
Forgó said he was not particularly hopeful that the new law would be much of an improvement as there would still be 29-plus individual data protection authorities interpreting their own rules and compliance was difficult to monitor.
“It’s a mess,” he bemoaned, pointing to the 3,500-odd proposed changes to the draft under review and the Europeans’ “long track record of declaring abstract rights which they then don't enforce”.
The privacy and surveillance talks at the EPFL were generally well received by the 800-strong audience. Ad interim president Philippe Gillet felt they were an important contribution to the ongoing global debate about privacy in the digital age.
“The EPFL should not hesitate to get involved in the debate how technology is being used. Public confidence has been shaken by media reports. We need to re-establish public trust in how we re-engineer the internet,” he declared.