Posted by Kalyani M. on Sep 20, 2013
It wasn’t that long ago that Edward Snowden blew the lid off the NSA’s now notorious PRISM program. This digital spying program has caused a fierce backlash against participating companies and may even result in lost revenue for many U.S. cloud companies. Recently, the New York Times revealed that AT&T has partnered with the DEA in offering law enforcement officials access to a massive database of phone records. Civil liberties groups are enraged and promise to battle this encroachment of citizen privacy in the courts. In the meantime, mobile users should be wary of information they disclose through their phones. And any sensitive data hosted online should be exclusively stored through a secure cloud that offers data privacy and user anonymity.
The DEA program is called The Hemisphere Project and is enabled through a close partnership with AT&T. According to the NYT release, the U.S. government pays AT&T to merge some of their employees with drug enforcement units around America. Officials are aided by AT&T employees in accessing phone data from 1987 until today. According to the American Civil Liberties Union’s deputy legal director Jameel Jaffer, “the integration of government agents into the process means there are serious Fourth Amendment concerns.” The program has remained secret until relatively recently and Jaffer wonders if “one reason for the secrecy of the program is that it would be very hard to justify it to the public or the courts”.
The Hemisphere project uses a complex algorithm to track users across different phone devices so that investigations remain fluid even if someone gets a new phone. Law enforcement officials, the DEA, and detectives can tap the project to find the exact location of phones as well as call logs from as old as one hour. The ACLU’s Jameel Jaffer claims that “The government appears to have had a significant role in developing the program, and apparently it’s even paying the salaries of some AT&T employees…To the extent that this is a government program, it’s subject to the Fourth Amendment. In any event, the fact that AT&T is playing such a big role here should be alarming, not reassuring. AT&T is looking out for its shareholders, not ordinary citizens, and its conduct isn’t governed by the Constitution.”
Digital privacy groups, consumer advocates, and 4th Amendment defenders echo Jaffer’s concerns. The government claims that the outrage is unwarranted and that this program isn’t simply a telecommunications version of PRISM. According to Justice Department spokesman Brian Fallon, “Subpoenaing drug dealers’ phone records is a bread-and-butter tactic in the course of criminal investigations…The records are maintained at all times by the phone company, not the government. This program simply streamlines the process of serving the subpoena to the phone company so law enforcement can quickly keep up with drug dealers when they switch phone numbers to try to avoid detection.” But consumers are wary of such data collection and monitoring programs, especially as the PRISM leak shows that the government isn’t always honest when asked about the extent of their privacy breaches.
Marc Rotenberg is the Electronic Privacy Information Center’s executive director voiced concern over the high potential for abuse in the program. According to Rotenberg, “One of the points that occurred to me immediately is the very strong suspicion that there’s been very little judicial oversight of this program,” Rotenberg said. “The obvious question is: Who is determining whether these authorities have been properly used?” When it comes to any data you want to keep safe, be careful of what you disclose over unsecured telecommunication servers. And for any online data you need to store or sync, be sure to exclusively upload to a secure cloud provider.
Securing Data Online With SpiderOak
For most users, finding a truly protected third party cloud service can be a challenge as many “secure” services on the market have security gaps that leave data and private company info wide open to third party attacks, leaks, or hacking. One cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak. This service provides users with fully private cloud storage and syncing, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server, so that users can tailor the service to fit their needs.
SpiderOak protects sensitive user data with 256-bit AES encryption so that data, files, and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, users can rest easy knowing that their data is truly protected. SpiderOak’s cross-platform private cloud services are available for users on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, allowing for full flexibility and enabling safe mobile access.