Last week, following the terrorist attacks in Paris, British Prime Minister David Cameron said—surprise!—that his government needed more power to monitor online communications. He went so far as to imply that encryption itself was a problem, and later said that American tech firms “have a social responsibility to fight the battle against terrorism.”
There was an immediate backlash from tech commentators, who pointed out that Cameron’s “snoopers’ charter” makes little sense in light of recent high-profile data breaches. But the tech industry itself was noticeably quiet. Silicon Valley appears to be at a kind of crossroads: will it continue to be a silent (and occasionally paid-up) partner in government dragnet surveillance? Or will some of the people helping to facilitate this surveillance finally speak up?
To date, only one person employed in the tech or telecoms industries has blown the whistle on his company’s cooperation with government surveillance. Mark Klein worked for more than twenty-two years as an AT&T technician before discovering in 2003 that AT&T was mirroring all Internet traffic coming into its Folsom Street facility and passing it on to the National Security Agency.
When Klein decided to speak out, letters and calls to media outlets, senators, and civil liberties groups went unanswered for years. Only when the New York Times and ABC spoke with him was the secret purpose of AT&T’s “room 641A” revealed. Klein was then officially a whistleblower, and his story demonstrated both the perils of government surveillance and the dangerous cooperation of the telecoms industry.
In the wake of the Snowden disclosures, some tech industry figures came out in support of the government, while others offered more mealy-mouthed responses. Sounding like a public relations executive, Mark Zuckerberg said that the government “blew it” in failing to communicate its policies to the public (it would take another six months before he would call government surveillance a “threat to the Internet”).
But practically no tech elites have stated outright that the U.S. government’s dragnet surveillance is not just a threat to their business, but also unconstitutional, and morally wrong.
Some companies have played a double game, speaking out against surveillance while privately lobbying against measures that would help curtail it or continuing to scoop up lucrative government contracts. After all, they’re in much the same business—bulk data collection—as the NSA. Brad Smith, Microsoft’s general counsel, has described the U.S. intelligence community as an “advanced persistent threat”; then again, Microsoft developed the NYPD’s Domain Awareness System, which sifts real-time data from CCTV cameras and license-plate scanners. Redmond and Gotham’s police are also in business together: the NYPD receives a 30 percent cut every time Microsoft licenses DAS to another city.
When Mark Klein was a technician at AT&T, the secret room at Folsom Street was accessible by only one man, who presumably had security clearance granted to him by the NSA. Klein himself was not a part of the surveillance operation, so he didn’t have the reams of hard evidence that Snowden later would. But this also offered Klein a measure of safety, because he didn’t have to worry about facing prosecution for violating a secrecy agreement. While he was fearful of some sort of reprisal—AT&T threatened to sue him for bringing home company documents, Klein told me in a recent interview—he also knew that he was in a good position to go public.
There must be other people like the lone technician who had access to room 641A, and not just those employed as defense contractors through tech giants like (Snowden’s old employer) Dell. There are potentially hundreds or thousands of technicians, lawyers, executives, engineers, and others who support the intelligence community in their vast collection and data-mining operations. Some may have more to lose than others. But someone at computer security company RSA is cashing the $10 million check the NSA gave them to push a weakened encryption product. When will one of these industry insiders find the moral courage to speak out?
Klein doesn’t think that much will change until the American people begin to protest en masse, as they were doing during the Vietnam War when Daniel Ellsberg leaked the Pentagon Papers.
“The tech industry goes with the wind,” Klein said. “The issue’s not settled, but the political atmosphere today is very bad. There’s even more fear now with the attacks in France. People have to be motivated to take the risk of sacrificing their careers and/or going up against possible government prosecution. People feel emboldened to do that if they feel that there are people marching in the streets.”
Recently, President Obama proposed “targeted liability protection” for companies sharing cybersecurity threat information with the Department of Homeland Security, which may prove a valuable new intelligence source for the various three-letter agencies that have put far more effort into cracking American technologies than protecting them of late. The proposal also recalls the telecoms’ own sordid relationship with the Bush administration. As Klein said, he caught AT&T “red-handed”; the telecoms’ participation in the warrantless wiretapping program was illegal, after all.But then he watched, shocked, as the Bush administration gave the telecoms retroactive immunity.
The larger message is all too clear: those who cooperate get privileged information, access to power, and legal protection. With those kinds of benefits on offer, who would say no?