Blog

Today marks the seventh annual Data Privacy and Protection Day worldwide and this past Friday I had the opportunity to attend a symposium on privacy at Harvard University. The symposium titled Privacy in a Networked World asked participants to address the notion that society needs new conceptions of privacy. The question is important, but the real draw for the event was having both Edward Snowden and a representative of the NSA participate in the discussion (not directly – Edward Snowden opened the day in a conversation with Bruce Schneier).

Since his release of classified materials outlining the NSA’s intelligence gathering programs in 2013, Edward Snowden has transformed the debate on privacy and surveillance in the digital age. Snowden has been characterized as both a patriot and a traitor, but his ability to talk openly about NSA surveillance practices enables him to provide a unique perspective on the current state of privacy.

For the most part, the discussion between Schneier and Snowden focused on the methods used by the NSA in its surveillance efforts, with the big revelation that very little the NSA does is groundbreaking. According to Snowden, the NSA largely uses a combination of coercion, compulsion and intrusion to get around encryption. The reason the NSA needs to go around encryption, despite having some of the most talented computer scientists and mathematicians in the world, is because the math underlying encryption is actually quite secure. It’s much easier to use backdoors, collection of encryption keys, and attacks in transit than break the math (though Snowden points out that hasn’t stopped the NSA – and China – from spending huge sums of money identifying ways around the complex algorithms underlying common encryption methods).

Immediately following Snowden’s conversation with Bruce Schneier was a talk by NSA Director of Commercial Solutions (and former Director of Compliance) John DeLong. In contrast to Snowden, DeLong was visible uncomfortable and focused on talking points. The fact that DeLong was speaking at all is evidence of the impact Snowden has had on the intelligence community. Gone are the days of the NSA flying under the radar. Following a talk peppered with myriad ways to state that the NSA never broke any laws, the most interesting exchange of Mr. DeLong’s talk came during the Q&A session when an audience member pointed out that he felt far more trust in the NSA prior to June of 2013 when he didn’t know about the PRISM program and other surveillance programs snooping on digital traffic across the web. DeLong’s response most certainly was not scripted when he replied that “More information doesn’t necessarily mean more confidence.” The statement produced what can only be explained as a mix of audible gasp and nervous chuckle by the audience, but revealed what many critics of the NSA say is evidence that they have no intention of stopping domestic surveillance techniques revealed by Snowden.

The remainder of the day featured a plea by Sage Bionetworks Chief Commons Officer John Willbanks to open up additional personal information in the name of medical research and efficiency, a deeply technical talk by Microsoft Data Scientist Cynthia Dwork that went over the head of all but the most deeply technical in the audience, and an odd talk by Google Senior Manager of Public Policy that seemed overly defensive and dismissive of the amount of data collected by the tech giant. The final speaker was more of a data presentation by the apolitical Pew Research Center on current attitudes about privacy – revealing only that millennials and younger Americans are far better versed in maintaining their privacy online.

The complete video of the Schneier-Snowden conversation is available below and via the Harvard Institute for Applied Computational Science YouTube channel.