Select Page

A little over four months ago former NSA (America’s National Security Agency) contractor Edward Snowden leaked a series of documents that revealed widespread spying on American citizens’ phone, internet and email data. Since then, the involvement and similar practices of many other countriesgovernments has come to light, including that of Australia.

 

NSA Logo

NSA Logo
Credit: Justin Elliott | ProPublica

 

While most people seem to be relatively apathetic about the revelations, others are understandably more concerned. Should you be? Here are some of the questions you may have about the spying and how to protect your data.

 

Q. How do I stop stuff I post online being accessible to others?

A. Don’t post it. If you wouldn’t want it to be public, then don’t post it to Facebook, Google+, Twitter, Youtube, Instragram or any other site. Regardless of any ‘privacy’ settings, all websites should be considered public spaces by default.

 

Q. Is email private/secure?

A. Basically, no. Even with encrypted SSL connections to and from the server, at the very least the email provider themselves can decrypt and read your emails (therefore, so can anyone who can subpoena them). PGP (paid, free) and Truecrypt (free) can both be used to securely encrypt email content (though not metadata), but neither is trivial to use. And have you considered the recipient of your email? How can you ensure they won’t have their email account compromised, their computer stolen or hacked, or even simply forward your email to someone else?

 

Q. Should I be worried about the NSA/GCHQ/[insert government agency here] spying on me?

A. Probably not. If you’re not plotting a terrorist attack, dealing drugs, hacking websites or accessing child porn – which, of course, most of us are not – no government agency is likely to have any reason to bother you.

 

Q. Should I be worried about the NSA/GCHQ/[insert government agency here] spying on me?

A. Probably yes. The government agencies themselves are quick to trot out the ‘If you’re not doing anything wrong you have nothing to fear’ line in defence of their actions. Of course it is isn’t this simple. There is always the potential for misuse of collected data. I also think it would be fair to say that most people have certain expectations of privacy, particularly when it comes to phone calls and emails. Perhaps the best analogy I have heard is: Would you be happy to have a camera filming in your bathroom, or in public toilets? After all, you’re not doing anything wrong in there, right?

 

Conclusion

How much you choose to worry about your online privacy and the potential to be spied on will depend on a number of things – what you are communicating, who you are communicating with and your own personal privacy expectations. End-to-end encryption for which only you hold the key is currently the only way to ensure totally private communication (and even then you still rely on the receiving party to maintain their privacy).

 

Otherwise, as someone recently wisely suggested: if you wouldn’t want it on a billboard in the city square with your face next to it (or in the hands of the NSA) – don’t post it on the internet.

 

More information

For a detailed analysis and guide to using PGP encryption for email, see episode 418 of Security Now! with Leo Laporte and Steve Gibson:

http://twit.tv/show/security-now/418

 

Ars Technica has covered the Snowden leaks since they were first published:

http://arstechnica.com/series/nsa-leaks/

 

And of course, Glenn Greenwald at the UK’s The Guardian newspaper was the journalist who first received the leaked documents and broke the NSA spying story:

http://www.theguardian.com/world/the-nsa-files

 

Featured image by pumpkinmook on flickr