This month marks five years since the revelation that the NSA and other security agencies were engaging in mass surveillance rocked the world. Currently living in exile in Russia, Edward Snowden is now a household name after igniting the debate on the balance between national security and data privacy. However, in the wake of the Cambridge Analytica scandal, how much has changed in those five years?
In 2013, National Security Agency (NSA) contractor Edward Snowden leaked classified NSA data revealing that the agency, along with others including British intelligence and security organisation GCHQ, was conducting numerous global surveillance programmes.
The Guardian and The Washington Post reported that the US Government was routinely collecting the telephone records of millions of US customers of telecommunication provider Verizon under a top secret court order.
This was followed by revelations that the NSA had tapped into the servers of companies including Facebook, Yahoo and Google, and was collecting records of online communications such as emails, photos and videos under its PRISM programme.
It was later reported that GCHQ had access to such information and was also tapping fibre-optic cables to gain access to phone calls and internet traffic.
The aftermath of the scandal
After the leaks became public, changes to surveillance laws looked likely. Both the US and UK government faced legal action, with a federal appeals court ruling that the NSA’s mass surveillance programme and the collection of metadata and phone records was illegal under the Patriot Act in 2015. In the same year, the UK Investigatory Powers Tribunal ruled that the data collection obtained by GCHQ through the NSA’s PRISM and UPSTREAM programmes breached articles in the European Convention on Human Rights.
However, some argue that the repercussions of the revelations were short-lived, and have done little to change surveillance practices. Although the US Freedom Act now prevents the NSA from collecting telephone records, this year the Trump Administration reauthorised the Foreign Intelligence Surveillance Act which allows the government to spy on the electronic communications of non-US citizens.
Similarly, in 2016 the UK Government introduced the Investigatory Powers Bill, dubbed the ‘snoopers charter’, which expands the electronic surveillance powers of the UK Intelligence Community.
An increase in public awareness
Although legislative change has been negligible, perhaps the biggest change has been a shift in the level of public awareness on the collection of online data. In the wake of the scandal, there is now a greater awareness of what online data is, what it can be used for and how vulnerable it is.
According to research conducted by the Pew Research Center, the Snowden leaks have had an impact on how the public views government surveillance. According to a 2016 survey, 49% of Americans said their personal data were less secure compared with five years prior, and 49% said that they were not confident in the federal government’s ability to protect their data.
In a recent interview with The Guardian, Snowden said that the public’s awareness of how their data is used has increased in the five years since the scandal:
“The government and corporate sector preyed on our ignorance. But now we know. People are aware now. People are still powerless to stop it but we are trying. The revelations made the fight more even.
“People say nothing has changed: that there is still mass surveillance. That is not how you measure change. Look back before 2013 and look at what has happened since. Everything changed.”
Speaking at FutureFest in 2015, Snowden expressed that now the information is out there, it is up to the public to decide how to move forward:
“We have to at least say that this is happening. We can’t wish it away, we can’t say that it’s something that it’s not. We have to confront the reality of our world, and make the hard decisions about which way we want to move forward.”
Did the leaks help bring about GDPR?
Tech giants were quick to react to government surveillance, with the likes of WhatsApp, Gmail encryption, which scrambles messages in transit leaving them functionally impossible to intercept.
Snowden’s leaks may have started a new conversation about data privacy, but only recently has the scale of the problem has revealed itself. Concerns over online privacy were magnified after the revelations that social media platforms were themselves guilty of misusing data, with Facebook found to be sharing data relating to 87 million Facebook users.
Snowden, a long-term critic of Facebook, spoke out against the social media platform, tweeting:
“Facebook makes their money by exploiting and selling intimate details about the private lives of millions, far beyond the scant details you voluntarily post. They are not victims. They are accomplices. Businesses that make money by collecting and selling detailed records of private lives were once plainly described as ‘surveillance companies’.”
The recently introduced changes to General Data Protection Regulations (GDPR) in the EU have been linked, in part, to Snowden. With the first draft of the GDPR regulations released back in 2012, the increased focus on online privacy may have helped speed up its introduction, with the Washington Post describing how the Snowden scandal “catapulted the GDPR into the public spotlight”, transforming it into an issue that “members of the EU and their national publics paid attention to”.
Whether Snowden is regarded as a hero or a traitor, his leaks undoubtedly shed more light on the vulnerability of online data than had ever been done previously. Such awareness has only increased in the wake of the recent Cambridge Analyica scandal.
In a statement marking the five year anniversary of the leaks, Privacy International said:
“Until Snowden, the idea that Western governments would routinely collect, store and analyse our personal data sounded like a conspiracy theory to many people. Because surely, mass surveillance isn’t something good, benevolent Western democracies would ever undertake? Snowden blew that idea wide open.”