Feeds

Snowden speaks: NSA spies create 'databases of ruin' on innocent folks

'Not all spying is bad' but bulk collection has to go, says whistleblower in web chat

Beginner's guide to SSL certificates

Ex-NSA contractor turned whistleblower Edward Snowden used his first public Q&A to call for the US to lead a global initiative to ban mass surveillance of populations. He also wants governments to ensure that intelligence agencies can protect national security while not invading everyday privacy.

"Not all spying is bad. The biggest problem we face right now is the new technique of indiscriminate mass surveillance, where governments are seizing billions and billions and billions of innocents' communication every single day," he said.

"This is done not because it's necessary - after all, these programs are unprecedented in US history, and were begun in response to a threat that kills fewer Americans every year than bathtub falls and police officers - but because new technologies make it easy and cheap."

Snowden said the vast amounts of data being stored about everyone is harmful in two key ways. Firstly, the fear that everything is being recorded will change our personal behavior for the worse, and secondly that the data amounted to "databases of ruin", storing embarrassing or harmful details can be plucked out in retroactive investigations.

As for the decision to go public, Snowden said he had no choice. Contractors are not covered under existing whistleblowing statutes and said that although some NSA analysts were very concerned about the situation, no one was prepared to put their careers on the line.

He cited the experience of Thomas Drake as an example of what the agency does to those that complain. Drake went public with the NSA's decision to spend billions on a bulk data collection system called Trailblazer rather than use a more targeted and cheaply built internally developed scanning tool called ThinThread.

Drake was arrested and charged with breaking the Espionage Act (similar to the charges Snowden himself faces for leaking thousands of top-secret documents) and was offered multiple plea offers involving prison time. Just before the trial the government dropped most charges, and Drake agreed to cop to one misdemeanor count for exceeding authorized use of a computer.

As for press reports in which serving intelligence agents made threats against his life, Snowden said he found them discouraging rather than frightening.

"That current, serving officials of our government are so comfortable in their authorities that they're willing to tell reporters on the record that they think the due process protections of the 5th Amendment of our Constitution are outdated concepts. These are the same officials telling us to trust that they'll honor the 4th and 1st Amendments. This should bother all of us," he said.

Snowden denied stealing coworkers' passwords to get the NSA files, and said that press reports that he had hacked into his colleagues' systems in order to obtain the files were wrong. Great care had been taken to make sure staff were not be compromised by the information that has been released, he said.

"Returning to the US, I think, is the best resolution for the government, the public, and myself, but it's unfortunately not possible in the face of current whistleblower protection laws, which through a failure in law did not cover national security contractors like myself," he said.

"The hundred-year old law under which I've been charged, which was never intended to be used against people working in the public interest, and forbids a public interest defense. This is especially frustrating, because it means there's no chance to have a fair trial, and no way I can come home and make my case to a jury."

In an interview with MSNBC on Thursday, the US attorney general Eric Holder said offering Snowden amnesty was "going too far." He also declined to refer to Snowden as a whistleblower, saying he preferred the term "defendant."

"We've always indicated that the notion of clemency isn't something that we were willing to consider. Instead, were he coming back to the US to enter a plea, we would engage with his lawyers," Holder said. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.