Edward Snowden had a message for some two dozen technology leaders at the SXSW Interactive festival today: “Tech can be a champion of privacy.”
In an hour-long meeting conducted through Google Hangout, the whistleblower and tech leaders discussed the role of the tech community in curtailing mass surveillance and protecting the Internet from forces seeking to weaken it. The participants represented a range of interests and industries, and included former White House technology officers, startup CEOs, policy experts, engineers, and venture capitalists. All of them are concerned about the future of privacy, the confidence of their customers, and governments chipping away at the security of their products and the net as a whole.
The meeting was something of a sequel to Snowden’s bigger address to SXSW last year, his first live appearance since his disclosures began in June 2013. As the ACLU’s Ben Wizner, who represents Snowden, noted in his introduction today, the tech community has, in many ways, heeded Snowden’s call from last year to develop tools to protect users where government has stalled. Indeed, the most significant privacy developments of late have originated from tech companies who have recognized their role in combating the government’s exploitation of their tools and its staggering violations of citizens’ trust and privacy.
In the last year and a half, different forms of encryption have been implemented on countless websites and tools, spreading to companies as mainstream as Apple, Google and Whatsapp. That raises the cost of mass surveillance, forces the NSA to focus on actual targets where there’s evidence of espionage or terrorism, and helps expand the market for privacy. As a result, web security is no longer the province of techies alone.
This cultural shift was palpable in the room today, where participants expressed overwhelming gratitude for Snowden’s disclosures and their impact, discussed today’s biggest threats to tech companies, and asked how they could better defend their users from a government seeking to weaken the Internet in the name of surveillance.
Unsurprisingly, the tech community is making no friends in the intelligence community by promoting and implementing encryption across a range of platforms.
In response, the government is threatening to compel companies to give it backdoor access to their products, even though foreign governments and criminal hackers will find and exploit these vulnerabilities too. “It’s not that we’re trying to lock law enforcement out,” Snowden said. “But to make a secure system it has to be secure against everyone.”
Snowden proposed mechanisms to support the technologists seeking vulnerabilities in online systems, so that the people who discover them don’t sell them to the government, which pays big bucks to use them and make sure they go unfixed. What we need, he said, is a strong community working in the public interest to identify vulnerabilities and fix them.
The discussion also covered the use of surveillance tactics by local law enforcement agencies, which benefit from privacy law advancing at a snail’s pace while technology zooms ahead. As we’ve seen in the case of Stingray technology, Snowden noted, surveillance tools once considered extreme can trickle down and become commonplace among local police before Congress or the courts finally act to regulate them.
Tech executives also had questions for the whistleblower. Barclaycard CIO Boe Hartman asked about the ethics of predictive analysis, and Swiftkey co-founder Ben Medlock about the obligations of tech companies to disclose to users how they use their data. Snowden’s answer: transparency and the opt-in principle, always. It’s critical that people achieve a measure of control over the data that is collected about them and how it’s used. If companies never offer an opportunity to opt-in, they risk outrage when their policies are ultimately exposed.
Danny Weitzer, former White House deputy chief technology officer for Internet policy, said to Snowden, “I hope you know that the revelations you have made have changed the balance inside the U.S. government. What you’ve done has empowered people who were trying to speak toward a more open view of the Internet, a more civil rights and human rights view of the Internet.”
We hope he’s right. With multiple challenges in federal court and another opportunity for congressional reform coming up, it’s time for our public institutions of power to finally catch up.