Exactly one year ago today, The Guardian released the first of a series of stories based on secret NSA documents leaked by former contractor Edward Snowden. The news that the U.S. government was collecting the phone records of millions of Verizon customers on an “ongoing, daily basis” set off a media firestorm. In the following days, weeks, and months, we learned that not only was the NSA collecting call records, it had several secret, invasive surveillance programs, including one that collected billions of records of internet communications from individuals around the world. We came to find out that it’s not just the NSA that is reported to engage in mass surveillance, but intelligence agencies around the world, including the British, German, Australian and French spy services.
Access and other civil society groups called for an immediate halt to the government mass surveillance programs, reform of overbroad and ambiguous legal provisions, and for greater transparency about the government’s spying activities as well as for those responsible for such egregious violations of our rights to be held accountable. As the revelations continued, the concern about the impact of government surveillance on our fundamental freedoms increased, and calls for immediate restoration of human rights principles to surveillance programs grew louder.
The surveillance programs detailed in the first leaks were just the tip of a very large iceberg. This past year has been full of revelations about mass surveillance programs, each more dystopian than the last. In honor of the anniversary of the initial Snowden revelations, Access has compiled a brief overview of what we know now:
Surveillance agencies are watching almost everyone…
- The NSA and GCHQ have spied on global leaders, gamers, and Google data centers alike. The NSA alone collects billions of call records each day to track cell phone users around the world and millions of online photos as part of a facial recognition project.
- The NSA also collects browsing information from millions of internet users and stores these records for up to a year, even if the records aren’t about persons “of interest” to the NSA. The NSA’s surveillance network covers about seventy-five percent of all U.S. internet traffic, and at one time, the NSA was collecting close to one hundred percent of U.S. persons’ call records. (Now they are “only” collecting about thirty percent.)
- The GCHQ and the NSA are tapping into fiber optic cables to monitor online communications, and telecommunications giants Vodafone and BT each gave Britain’s GCHQ unlimited access to undersea cables.
- In France, DGSE is also engaging in large scale surveillance of communications, and has had unrestricted access to the networks of Orange, one of the largest telecommunications companies in the world.
- The NSA shares raw intelligence data with Israel’s signals intelligence agency. The US also pools signals intelligence with the other members of the “Five Eyes”: Australia, Canada, New Zealand, and the UK.
…but practically no one has been watching the watchers.
- Elected leaders in the White House and on congressional intelligence committees claimed they did not know the extent of NSA surveillance. There has yet to be legislative reform of the NSA’s mass surveillance programs, and the most recent reform legislation, the USA FREEDOM Act, was severely watered down in the House of Representatives.
- The court tasked with making sure that NSA surveillance follows the law approved NSA’s use of “inadvertently acquired” records—as in records completely unrelated to NSA investigations.
- The Mexican government has proposed a new law called Ley Telecom that would impose broad censorship on the internet and allow for “competent authorities” to request content be blocked. The law will also allow authorities to request personal communications information with no need for prior judicial approval.
Mass surveillance probably violates domestic and international law and the U.S. Constitution…
- Leading legal scholars and former NSA overseers have expressed grave doubts that the bulk metadata collection program meets the standard set out by law.
- A federal judge has found that NSA bulk surveillance likely violates the U.S. Constitution. Just this week, another court reluctantly upheld mass surveillance programs, but called on the Supreme Court to overturn the case law used to justify these programs.
- International law experts believe that NSA dragnet surveillance violates U.S. obligations under international conventions, while the UN Human Rights Committee has criticized the NSA’s programs for failing to protect the rights of non-U.S. persons.
- There have been a number of investigations into the NSA and GCHQ mass surveillance programs, including one by the European Parliament.
…and NSA analysts have definitely violated privacy laws.
- There are thousands of documented incidents of NSA analysts breaking U.S. privacy laws.
- NSA analysts even had a name for their illegal practice of spying on love interests (LOVEINT).
The NSA has made the internet, and all its users, less secure…
- With the help of tech companies and service providers, the NSA inserted secret backdoor access to commercial encryption software—programs relied on to keep data private.
- The NSA likely used its influence at the National Institute of Standards and Technology (NIST) to weaken online security standards that are widely used around the world.
…but mass surveillance programs are not making us safer.
- Although the U.S. government claims that its draconian surveillance measures are necessary to prevent terrorism, the NSA collected audio from every call made in the Bahamas, a country that poses “little to no” terrorism threat to the U.S.
- In any case, mass surveillance does not work to prevent terrorism.
The more light that is shed on surveillance programs, the less the public approves. A majority of Americans now disapprove of the NSA’s programs and think that Snowden’s revelations were the right thing to do. Given that the NSA has misrepresented the scope and efficacy of its programs to even the government officials involved in surveillance oversight, we have every reason to think that the state of affairs is worse than what we now “know” it to be.
What’s more, it seems that revelations about the NSA and GCHQ have caused a surveillance “space race,” compelling the German BND to ask for 300 million Euros to extend its surveillance program. The Swiss government is currently attempting to give itself an expanded legal mandate to surveil online communications and to increase mandatory data retention, even though this technique is not effective at combating serious crime.
The time for surveillance reform was yesterday. That’s why Access has long pushed for the adoption of the International Principles on the Application of Human Rights to Communications Surveillance, which explicitly state that mass surveillance violates fundamental freedoms, and outlines how human rights obligations apply when conducting communications surveillance. Access has also condemned the NSA’s weakening of online security and supported legislation that would keep the NSA out of cryptography standards. While legislative restraints are still lacking, Encrypt All the Things, Access’ campaign to promote the Digital Security Action Plan (which features seven security-enhancing steps to help raise the floor on how data is protected) is encouraging companies to take tangible steps to secure their users, making it harder for governments to spy on us.
The past year has, at times, seemed like an ever-worsening parade of Orwellian revelations. The bright side is that conversations about digital freedoms and national security are no longer being held in back rooms, but in open chambers. One example of this is that the UN General Assembly passed a resolution affirming that member states have the obligation to respect and protect the right to privacy in the context of digital communications.
The Snowden revelations have turned an intense spotlight on the future of human rights in a world where mass surveillance is only a few clicks away. What we know now illustrates that our digital rights will continue to be eroded unless we fight back. We may not have the NSA’s endless resources, but we do have you, our global community. With your generous support we can do what it takes to defend and extend the digital rights of users at risk around the world.