Don’t Trust the NSA? How to Protect Your Privacy

Posted by on Aug 29, 2013

After the NSA’s PRISM program was leaked by Edward Snowden public backlash has been rapidly building. In an attempt to qualm concerns over lost online privacy rights, governmental officials have claimed that the NSA’s PRISM program has operated with clear privacy standards. Unfortunately, that’s far from the case, as recent news reveals that the NSA violated its own privacy standards without proper congressional oversight. Instead of waiting for governmental transparency and a universal standard for online security, small businesses and everyday users can protect their privacy through secure cloud storage and sync services.


Image courtesy of nytimes.com

A recent audit of the NSA shows that the agency consistently broke their established privacy rules. According to journalist Barton Gellman on The Washington Post, “The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008…Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by law and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls.” The journalist goes on to claim that these breaches also involve unauthorized access to private content and unwarranted surveillance on the general populace, adding fuel to paranoia raised from the PRISM leaks. As Jameel Jaffer, Deputy Legal Director at the ACLU, says, “The rules around government surveillance are so permissive that it is difficult to comprehend how the intelligence community could possibly have managed to violate them so often.”

NSA Violations

Image courtesy of washingtonpost.com

Privacy advocates turning to the White House have been frustrated in trying to establish some sort of transparency around the program. Deputy Attorney General James Cole testified before congress with information on the PRISM program’s compliance record saying, “Every now and then, there may be a mistake.” Just how many? According to the NSA audit, 2,776 separate incidents from the previous year. Such breaches of the organization’s privacy policy range from the collection of legally protected communications to the illegal distribution of such private data. A senior NSA official recently spoke out on the breaches, “We’re a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line.” But for Senator Dianne Feinstein (D-Calif.), Chairman of the Senate Intelligence Committee, such audits haven’t gone far enough. In a statement the senator claimed that the committee “should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate.”

As for President Obama, new proposals to increase transparency have stopped at mere political rhetoric. Shahid Buttar, executive director of the Bill of Rights Defense Committee, recently criticized the federal government, “It was great to hear [President Obama] acknowledge the need for an adversarial process at the FISA court — that was the one meaningful thing that he said — everything else was either papering over, or outright misrepresenting the truth. The idea of an orderly process, and a Congress that’s been fully briefed — that’s total BS, and I was disappointed to hear the President make so factually and demonstrably untrue a claim as to say that Congress has been engaged in oversight of the NSA, because the executive branch as been impeding oversight at every turn.” Given these developments, SMBs and average users shouldn’t rely on the government to be a source of security standards. Instead, be sure to keep any sensitive information exclusively uploaded to a secure cloud provider. Otherwise small businesses and users would be vulnerable to legal snooping.

Keeping PRISM Out of Your Cloud

Users sometimes find that selecting a truly protected third party cloud service can be a challenge as most “secure” services on the market have glaring security gaps that leave their sensitive data wide open to third party attacks, leaks, and hacking. One rapidly expanding cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak. This service provides users with fully private cloud storage and syncing, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server, so that users and small businesses of all sorts and sizes can tailor the service to fit their needs.

SpiderOak protects sensitive user data with 256-bit AES encryption so that files and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, users can rest easy knowing that their data is truly protected. SpiderOak’s cross-platform private cloud services are available for users on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, allowing for full flexibility and syncing on the go.

Leave a Reply