NSA spying will ultimately benefit us all

The relentless migration to the cloud requires strong encryption. Customers will demand it -- and snooping will be deterred

Most of us would agree that the NSA has spread its nets too far and cut deeply into our personal privacy. Ultimately, and perhaps ironically, I am hopeful this transgression will leave us with better protection for our personal communication than ever before.

I predict that more and more communications service providers will provide strongly encrypted communications by default. They'll also do so in such a way that outside, unauthorized parties (the NSA, law enforcement, and so on) will not be able to get the plaintext access to data they currently enjoy -- at least not as easily as they do today.

[ Build and deploy an effective defense against corporate intruders with InfoWorld's Encryption Deep Dive PDF expert guide. Download it today! | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

Let me be clear: I'm speaking about my own beliefs about what will happen without a single shred of insider knowledge or intimation of a single company's intent. No one has shared their plans or with me. You know as much as I know.

But the world is going cloud in a big way. More and more of our data and communication is going to end up in the cloud via one avenue or another. There are economies of scale that simply can't be achieved any other way. The cloud movement can't continue if customers constantly worry about how easily third parties can access their data.

How might cloud providers protect customer data? For example, a public cloud provider might turn on default encryption in such a way that no one except the customer has access to the private keys. The data might be stored in a public cloud but appear as gobbledygook to anyone but the client. The NSA or other law enforcement agents would have no incentive to ask for the data, warranted or unwarranted (in the legal sense) because all they'd get is encrypted data. Several of these services already exist, and it's my strong personal belief that this model will become the norm.

I think the end result of the NSA being caught with so many prying eyes is that the public world is going to become, well, less public. What used to be commonplace (unencrypted datastreams) will become rarer and rarer as the reminder of this decade. InfoWorld's Galen Gruman even shared with me that W3C was reworking the HTTP protocol to require encryption for v2 compatibility -- and that's a good thing.

Of course, law enforcement will still be able to compromise people's privacy -- grabbing data off the Internet isn't the only way to capture people's private messages. The NSA and other law enforcement agencies are quite adept at breaking directly into people's computers or performing other hacks to get what they want. But it won't be nearly as easy.

My best guess is that the era of easy digital spying is coming to an end. Most people don't want it. No private company wants it. Cloud providers don't want it. In the computer security world I'm known as a curmudgeon, but here, I see hope.

This story, "NSA spying will ultimately benefit us all," was originally published at InfoWorld.com. Keep up on the latest developments in network security and read more of Roger Grimes' Security Adviser blog at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.

Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies