Interview with Cyrus Farivar

“Better Ways of Thinking
About Data Protection”

.

Das Interview habe ich via E-Mail mit Cyrus geführt. Eine deutschsprachige, etwas kürzere Fassung erscheint auf fudder.de.

Martin Jost: How is the fact that security agencies collect and evaluate metadata from practically all electronic communication channels perceived in the US?

Cyrus Farivar: I think most (non tech-savvy) people are either unaware or don’t care. I think the prevailing attitude is: „I have nothing to hide, so what’s the big deal?“ This makes me sad, as I don’t think most people realize what the implications of this are, and how this is such a huge departure from what’s been done/has been possible in the past. That being said, Congress recently aggressively questioned Department of Justice officials this past week, so maybe at least they can change the government’s behavior.

Why is there not more of a reaction/a scandal/opposition?
→ I thought (via pop culture: X-Files; Enemy of the State; Conspiracy Theory) there was a general distrust in the US towards secret government agencies. Why doesn’t that translate into opposition?

“Cyrus [suh-ROOS] is the Senior Business Editor at Ars Technica, and is also an author and radio producer. His book, «The Internet of Elsewhere» – about the history and effects of the Internet on different countries around the world, including Senegal, Iran, Estonia and South Korea – was published by Rutgers University Press in April 2011. He previously was the Sci-Tech Editor, and host of „Spectrum“ at Deutsche Welle English, Germany’s international broadcaster. He has also reported for the Canadian Broadcasting Corporation, National Public Radio, Public Radio International, The Economist, Wired, The New York Times and many others.” (source: Cyrus’s bio on arstechnica) • Foto: David Sasaki cc: by-nc-sa

You’re right, we have distrust of the government generally speaking—that’s why we don’t have a national ID card, for example—but I think in this case, most people don’t really understand what massive surveillance looks like, or even for that matter, what „metadata“ is. There is opposition in the tech/legal communities, particularly with groups like the American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF) that have brought lawsuits that would not have been possible prior to Snowden’s disclosures. That being said, I’m hopeful that as this case builds that things will change.

Do you/do people feel the loss of privacy is a fair tradeoff for alleged higher security?

No, I do not. I think that conducting massive, blanket surveillance of 300+ million Americans to catch a tiny handful of bad guys is not worth it. I mean, consider the program for license plate readers (http://ars.to/12yDEVh): „Marin County—the county just across the Golden Gate Bridge from San Francisco—told me that from June through December of 2012, the county scanned more than 617,000 license plates. What had it achieved by recording all that data? The county sheriff recovered 27 stolen cars.“

That’s a ratio of 22,851 to 1! That’s insane. This is the same argument made for the metadata surveillance program, that the head of the NSA, Gen. Keith Alexander makes: „You can find the needle if you don’t have the haystack.“

I think there is also compelling evidence that the FBI has been stopping more fake terrorist plots than actual terrorist plots. (See: http://bit.ly/1dMiA2x)

Were you surprised at all by what Edward Snowdon uncovered?

I was, yes. I think I knew that the government was conducting surveillance, but I (naively?) assumed that it was much more targeted than collecting phone records on every single American. That is worth knowing, and is worth having a public discussion about. I really hope that this program gets curtailed.

How did you change your online behavior after you heard of the extent of surveillance undertaken by NSA?

I try to shield my online activities for the most part anyway. I use a commercial VPN from time to time (with rotating IP addresses), but I don’t use Tor for everything. The reality is that crypto (Tor, PGP, etc) is still far too difficult to use for most normal people. If we could get something that’s as good as Gmail and have it be end-to-end encrypted (which would defeat Google’s ad regime) that would be ideal, but I doubt that’s going to happen anytime soon.

From your experience/research on the “internet of elsewhere”: Do you consider the US to be a country whose citizens’ freedom and privacy are relatively secure compared to other countries, still?

I think that the American Internet is pretty free, in terms of nothing is blocked, and people don’t necessarily realize how much is being done in terms of surveillance. I think that my experience in Germany taught me that there are different (and I would argue, better) ways of thinking about data protection. I love the idea that is used in Germany (and in Europe, too) that citizens have the right to question companies and government agencies about their data, examine it, modify it, or delete it.

As I wrote recently for Ars (http://ars.to/1dMjhZX):

„In short, the government is relying on a well-established (but increasingly challenged) part of American case law known as the “third-party doctrine.” This notion says that when a person has voluntarily disclosed information to a third party—in this case, the telco—the customer no longer has a reasonable expectation of privacy over the numbers dialed nor their duration. Therefore, this doctrine argues, such metadata can be accessed by law enforcement with essentially no problem.“

This idea would never fly in Europe—and I hope that we manage to overturn it here.

---

Auch noch:

• Interview von 2011: „Nicht das Internet verändert die Gesellschaft, sondern die Kultur formt das Netz“
• fudder: Papst-Ticker: Der Papst und soziale Netzwerke
• fudder: Social TV – Nie wieder alleine fernsehen

37.804364 -122.271114