Posted by Kalyani M. on Jul 11, 2013
Whistleblowers and the NSA PRISM scandal have monopolized headlines throughout the 24-hour news cycle for weeks now. But the problem of protecting whistleblowers is nothing new. In 2005, a former intelligence analyst, Russ Tice blew the whistle on an allegedly unconstitutional NSA spying program that targeted U.S. citizens. On a radio show, the whistleblower even claimed that President Obama was once a target of the program. According to Tice, “in summer of 2004, one of the papers that I held in my hand was to wiretap a bunch of numbers associated with a 40-something-year-old wannabe senator for Illinois. You wouldn’t happen to know where that guy lives right now would you? It’s a big white house in Washington, D.C. That’s who they went after, and that’s the president of the United States now.”
From future presidents to everyday citizens, whistleblowers have leaked information to the public on once-secret programs that have impacted everyone. The most buzzed about instance of recent whistleblowing is the case of Edward Snowden and the NSA PRISM program. According to Snowden, PRISM amounts to the biggest collection of private citizen user data achieved through the cooperation of tech giants like Apple, Microsoft, Google, and Facebook. The government has actively sought to detain Edward Snowden, following a pattern of aggression against whistleblowers and even journalists.
According to court documents, the Obama administration secretly monitored a Fox News journalist, James Rosen, and now the FBI names him a co-conspirator. According to Jan Crawford of CBS News, this is the first time in U.S. history that a presidential administration has treated reporting the news as a crime, while branding a reporter as a criminal suspect. Rosen claimed that he could keep his source private for his 2009 scoop of classified information on North Korea’s nuclear tests. Government agents kept tabs on Rosen’s location, ransacked his emails, and checked his phone records, under the guise of national security. In his defense, President Obama said, “I don’t think the American people would expect me as commander-in-chief not to be concerned about information that might compromise their missions or might get them killed.”
But Jan Crawford, along with many transparency and privacy advocates, are not buying it. On CBS This Morning, Crawford recently gave a scathing critique of the practice of attacking whistleblowers and targeting journalists, “Now, of course, media critics (including) the American Civil Liberties Union say no presidential administration — not even the Nixon administration — went after reporters with search warrants and secret surveillance, and journalists I’m talking to in Washington … are saying they are seeing the impact of this, that their sources and whistleblowers — those people who can be so important in bringing out information to the public that the government may obviously want to keep secret — that they’re afraid to talk, that they’re staying silent. And that, they say, could be the real impact of this. If the administration kind of intimidates people into not coming forward, people stay silent and the administration gets to control the information and the story.”
The argument the Obama administration has set forth echoes the same arguments put forth against NSA whistleblower Tomas Drake and Pentagon Papers leaker Daniel Ellsberg. According to Jesselyn Radack, National Security & Human Rights Director for the Government Accountability Project (the biggest whistleblower protection advocacy group in the country), “If the government wants whistleblowers to stop exposing its illegal conduct, the government should stop breaking the law. At the very least, the government should protect – not prosecute – whistleblowers. In a surveillance state, whistleblowers are the new enemy, but a surveillance state is where the public most needs to hear from whistleblowers.”
Protecting whistleblowers has garnered widespread bi-partisan support. And the Human Rights Watch has even spoken out on this topic as a human rights issue. In a recent statement on whistleblowing, the human rights group said, “In light of these specific facts, Human Rights Watch urges the Obama administration not to prosecute Edward Snowden or other national security whistleblowers until it is prepared to explain to the public, in as much detail as possible, what the concrete and specific harms to national security his disclosures have caused, and why they outweigh the public’s right to know. If the administration truly welcomes a debate on issues of privacy, rights, and security, as President Obama has said it does, then prosecuting the man who sparked the debate is not the way to show it.” The organization went further, speaking on the Espionage Act and noting “penalties for disclosures under the Espionage Act, whose charges carry 10-year prison terms, are significantly heavier than what many other democracies impose on government agents who expose secrets.”
Keeping Secrets Safe in the Private Cloud
To keep sensitive secrets private while ensuring anonymity, whistleblowers and reporters should adhere to the suggestions in the Journalist Security Guide. After this first step, be sure to keep any secrets safe through a private third party cloud service. Many cloud services on the market have security gaps that leave sensitive information vulnerable to NSA snooping. But with SpiderOak, journalists and whistleblowers can enjoy 100% data privacy.
As for just how SpiderOak protects sensitive data, the service offers two-factor password authentication and 256-bit AES encryption so that files and passwords stay private. Two-factor authentication is just like the process used by some banking services that require a PIN as an extra precaution along with a password. Through SpiderOak, users that select two-factor authentication must submit their private code through SMS as well as an individual encrypted password. Whistleblowers can store and sync sensitive information with complete privacy, because this cloud service has absolutely “zero-knowledge” of user data. Plaintext encryption keys are only stored on the user’s chosen devices. SpiderOak’s private cloud services are available on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices.