Fallout from the Snowden storm continues, with continued flurries of disclosures forecast for the next several weeks. Some of the fallout may be positive; some is definitely not.
Thanks to the revelations about PRISM, most of which seem based largely on speculation and excerpts from a PowerPoint presentation, the reputation of tech companies like Google and Facebook have taken a severe blow that may not be at all deserved. Likewise, any cloud storage provider in the United States is now (forgive me) under a cloud of suspicion. European regulators are now far less likely to compromise on new privacy rules, making it harder for U.S. companies to share data beyond our borders. It's a mess.
[ Also on InfoWorld: Facts and fiction, secrets and sci-fi: Breaking down the NSA | For a humorous take on the tech industry's shenanigans, subscribe to Robert X. Cringely's Notes from the Underground newsletter. | Get the latest insight on the tech news that matters from InfoWorld's Tech Watch blog. ]
But this damage wasn't caused by the leaks. It's caused by the total lack of transparency about what information the NSA collects and what happens to it. Toward that end, Microsoft, Google, and Facebook have all asked the U.S. government to allow them to publicize the number of requests for information they receive each year from our nation's spies via the FISA court. Google chief legal eagle Dave Drummond wrote:
Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users' data are simply untrue. However, government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation.
We therefore ask you to help make it possible for Google to publish in our Transparency Report aggregate numbers of national security requests, including FISA disclosures -- in terms of both the number we receive and their scope. Google's numbers would clearly show that our compliance with these requests falls far short of the claims being made. Google has nothing to hide.
You'd think that wouldn't be such a big deal. It's just a number, after all. But sorry, that's classified information. The fact that it's classified is also classified.
Past the point of no return?
Here's the bottom line for me. Regardless of what's true and what isn't true about what the NSA is doing, what's been exaggerated and what's still being hidden from us, or even whether you think Snowden is a hero or a traitor or something in between, here's what's important: This is the conversation we should have been having a long time ago.
We should have been talking about this back when the NSA decided to bypass the flimsy safeguards established to keep it in check and installed secret surveillance equipment at telecoms and network access points. We should have been discussing it back when Congress was writing law enforcement a blank check to gut the Fourth Amendment, otherwise known as the Patriot Act. We certainly should have been having a big public debate over these things when it came time to renew the Patriot Act and retroactively make warrantless wiretaps legal.