The latest news on the U.S. military’s unconstitutional spying on Americans’ telephone, email, and Internet communications through the Pentagon’s National Security Agency should pierce through any fantasy that people can take reasonable protections to shield their personal information from the NSA. The New York Times reports that the NSA has successfully thwarted encryption protections of Americans’ online and telephone communications. The NSA has been working with corporations, including Google, Facebook, and Yahoo, that promise users encryption of data, but then give spies encryption keys that can dismantle encryption. These corporations have also sometimes given NSA spies ongoing direct access to unencrypted versions of supposedly protected communications, through what are referred to as “backdoors” purposefully engineered into the encryption systems.
The rare corporations that have refused to betray promises of encryption to their customers have been targeted by the NSA anyway, through hacking operations that have stolen encryption keys or found other ways to bust through privacy protections.
The destruction of meaningful encryption protections has taken place through a specific program in the NSA. Its code name: Bullrun.
In reaction to these revelations, Christopher Soghoian of the ACLU comments, “The encryption technologies that the NSA has exploited to enable its secret dragnet surveillance are the same technologies that protect our most sensitive information, including medical records, financial transactions, and commercial secrets. Even as the NSA demands more powers to invade our privacy in the name of cybersecurity, it is making the internet less secure and exposing us to criminal hacking, foreign espionage, and unlawful surveillance. The NSA’s efforts to secretly defeat encryption are recklessly shortsighted and will further erode not only the United States’ reputation as a global champion of civil liberties and privacy but the economic competitiveness of its largest companies.”