- Table of contents
What @Snowden Teaches Us about Cybersecurity
“Can you hear me now?”
Former NSA contractor, Edward Snowden sent this tweet (his first one ever) on September 29, 2015. When most people join Twitter, they are one of the 307 million accounts in the Twittersphere. But when Snowden entered the fray, many took notice—and not just because the only account he followed was the NSA. Once he leaked confidential files revealing details of U.S. government surveillance programs, he fled the country to seek asylum. He is still living in an undisclosed location in Russia, avoiding arrest for violating the Espionage Act of 1917.
His tweets vary from light-hearted to advocacy for privacy and for a safe Internet. But collectively they can teach us a lot about how we navigate cyberspace and how we think about cybersecurity. His conversations, mentions, retweets, and thoughts shed light on the state of surveillance; How should governments, companies, and average citizens be protecting data? Snowden is profoundly audacious to exist in a place of numerous voices; a digital speaker’s corner that lets him cloak his exact whereabouts. This cements his status as a vigilante dedicated to exposing secrets and to educating the public.
Strengthening Privacy and Protection
Snowden fled his country to reveal the truth; sacrificed himself as the freedom fighter of civil liberties; fled his country to reveal its truth. He risked his freedom to inform the world about what he deemed to be unethical NSA surveillance. He hasn’t changed his mind, and continues to monitor and comment on the subject.
Despite his unknown whereabouts in Russia, he is still highly tuned in to American and world issues at large; the U.S. election, the Safe Harbor Act of current debate in Congress and in Europe; and to his own freedom. His first Twitter exchange with astrophysicist Neil Degrasse Tyson re:seeking asylum on Mars, yet his possible deportation for being an alien, engaged thousands and received profound media attention. Snowden is a token Internet user who enjoys the fruits of sharing secrets and the goodies found in the cybersphere.
CISA is Passed: the Cyber Security Information Act
In December, Snowden voiced his opposition towards a bill passed by U.S. Congress. Albeit superficially good for cyber intelligence groups, the act is a loophole for intelligence and law enforcement bodies to surveil without a search warrant.
Snowden also tweets frequently to encourage citizens to pay attention to their own privacy — he supports government action to strengthen data protection. He recently tweeted about the Take CTRL campaign: where lawmakers from 16 U.S. states propose legislation to protect an increased amount of data and limit police surveillance. The campaign hopes to introduce measures that limit collection, sharing, and storage of certain yet unprotected data.
Snowden’s tweets on the subject suggest his strong opinion on personal digital rights, on how governments address these rights and how corporations, and on how cyber intelligence groups and governments handle sensitive information.
From the Other Side
The main goal of cyber intelligence is data protection. Although Snowden opposes laws that expedite information sharing between organizations and governments, these laws seemingly neglect privacy considerations. Yet Snowden fails to acknowledge that groups who work with this complex subject also value the protection and privacy of personal information.
Cybersecurity strives towards a comprehensive view of all threats — in order to defend against them. The ability to tap every available resource helps to arm companies with knowledge for combating hackers and data theft. Cyber intelligence organizations use all the information they gather in order to find weaknesses and areas for improvement within government, companies, and other network infrastructures.
The myth that using open-source intelligence (OSINT)-based intel is an infringement of privacy isn’t propelled by Snowden on Twitter. All the while, this myth is subtly addressed in his comments on the Safe Harbor act between the E.U. and the U.S. The whole picture does indeed portray OSINT’s objective to discover vulnerabilities in the data exposed to the general public. Contrary to Snowden’s tweets, most cyber intelligence advocates understand the full scope of evidence gathered to protect citizens and companies, and not to take advantage of them.
A Happy Medium
The respective interests of Edward Snowden and cyber intelligence experts appear contradictory but are ultimately complementary. Snowden is an idealist. Companies and governments are pragmatists. Both want ‘world peace’, differ on how to get there. Snowden’s exposure of intelligence, coupled with the cybersecurity industry’s technology — can collectively inform policy and practice of both citizen and network protection.
Cybersecurity organizations do acknowledge some of Snowden’s points re:data protection and privacy rights, yet Snowden doesn’t seem to account for the good that companies are trying to accomplish. For optimum cyber security, Snowden and cybersecurity outfits should combine forces against the true enemy: malicious cyber attackers.
We can hear you now, Snowden. Can you hear us?