Skip to Content

NSA Leaks Could Inspire a Global Boom in Intrusive Surveillance

Governments already dabbling with authoritarian control of the Internet could be spurred on by learning of NSA surveillance.
November 12, 2013

Reports of the National Security agency’s surveillance programs based on documents leaked by Edward Snowden have been embarrassing for some, enraging to others. But to governments and security services in developing economies they will prove inspirational, according to a report (PDF) from the University of Toronto’s Citizen Lab, which studies online security and privacy.

The report warns that governments that already impose authoritarian controls on the Internet, such as China, India, and Saudi Arabia, may now seek to boost those efforts with NSA-style bulk collection programs that trample on civil liberties.

Ron Deibert, director of Citizen Lab, writes in the report that:

“No doubt one implication of Snowden’s revelations will be the spurring on of numerous national efforts to regain control of information infrastructures through national competitors to Google, Verizon, and other companies implicated, not to mention the development of national signals intelligence programs that attempt to duplicate the US model.”

Deibert says that many companies already face “complex” and “frustrating” requests from “newly emerging markets” for data on their users. He believes that the NSA revelations will cause those to become even more common, with unwelcome results.

“Many countries of the global South lack even basic safeguards and accountability mechanisms around the operations of security services, and their demands on the private sector could contribute to serious human rights violations and other forms of repression.”

India, the United Arab Emirates, and Saudi Arabia, for example, have already demanded that BlackBerry add interception technology to its services, notes Deibert. He says that insisting that companies add such “backdoors” to their services introduces serious security risks, because they could be discovered and abused by others.

Citizen Lab has evidence to back up that argument. In 2008, researchers in the group that the Chinese version of Skype, Tom-Skype, had been modified to help the Chinese government’s surveillance efforts. The program sent chat logs to a government server if certain keywords were typed, but that server was not password protected. Anyone could download millions of personal conversations collected by the authorities, which included credit-card numbers and other sensitive information.

Deibert doesn’t argue that security services should never access data held by Internet companies. But he maintains that can be done without hard-wiring backdoors into communications services. Rather he would prefer agencies to be restricted to requesting specific, limited information about certain accounts on a case-by-case basis, rather than harvesting bulk data for later processing as we have learned the NSA does.

Keep Reading

Most Popular

DeepMind’s cofounder: Generative AI is just a phase. What’s next is interactive AI.

“This is a profound moment in the history of technology,” says Mustafa Suleyman.

What to know about this autumn’s covid vaccines

New variants will pose a challenge, but early signs suggest the shots will still boost antibody responses.

Human-plus-AI solutions mitigate security threats

With the right human oversight, emerging technologies like artificial intelligence can help keep business and customer data secure

Next slide, please: A brief history of the corporate presentation

From million-dollar slide shows to Steve Jobs’s introduction of the iPhone, a bit of show business never hurt plain old business.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.