After the Snow
Two years after Edward Snowden’s first revelations about NSA and GCHQ intelligence-gathering operations were published, John Chisholm what effect his actions have had on our security and moral standing
Since June 2013, Edward Snowden has remained an ambiguous figure. Still in an “undisclosed location” in Russia, even the circumstances of his being there are unclear. Depending who you talk to, Snowden can be portrayed as a campaigner for individual liberty through to being a reckless traitor to his country. Two years after his revelations were made public, what has been the impact of his actions? And what about Snowden himself?
On 6 June 2013, in joint pieces, The Guardian and Washington Post reported the US National Security Agency (NSA) was collecting the telephone records of millions of Verizon customers under a top secret court order granting the US government unlimited authority to obtain communications data for a three-month period. Furthermore, another programme dating back to 2007, codenamed PRISM, allowed the NSA to extract the details of customer activities including “audio and video chats, photographs, e-mails, documents” and other materials from computers at Microsoft, Google, Apple and other Internet companies. After that it got worse. Soon, Snowden’s information revealed the US was spying on its allies as well as its own citizens, implicated numerous private companies in conniving with this and exposed various allies of the US as assisting the NSA’s international data gathering efforts.
Snowden was not an internet conspiracy theorist. Although in 2008 he had been very critical of whistle-blowers through a pseudonym he was using on a blog, by 2012 his position had dramatically shifted. He later claimed that he worked to get himself into a position where he had access to, and had the ability to download, huge quantities of material. When retired NSA director Keith Alexander was asked in a May 2014 interview to quantify the number of documents Snowden stole, Alexander answered: “I don’t think anybody really knows what he actually took with him, because the way he did it, we don’t have an accurate way of counting. What we do have an accurate way of counting is what he touched, what he may have downloaded, and that was more than a million documents.” This is troubling in itself, in that the intelligence services Snowden took documents from had no idea how much he had taken, and could only base their investigations on what he could have taken. What we are aware of, given the revelations made, is the scope of the documents is huge, and hugely embarrassing. Many operational areas of surveillance that were suspected are now proven to be true. This is backed up by Snowden’s avalanche of documentation, and is impossible for the authorities to deny.
Instead, measures were taken to try and undermine Snowden. This was not easy, as he had not done this for money, or a recognisable dislike of the US or the West. Indeed, Snowden has claimed he did what he did because he was appalled at the illegality and surveillance over-reach that took place, way beyond what he and many others, considered justifiable in operations against terrorism. And, it has to be argued, that Snowden had a point. Spying on the head of the EU, or the German Chancellor, could not by any stretch of the imagination be considered justifiable. Indeed, so odd were these allegations that the US authorities did not even bother to justify or explain them. Instead, they confined their attacks on Snowden to issues around security of personnel, techniques of surveillance and the fact that his self-justification did not seem to hold water.
Meanwhile, Snowden himself had found himself marooned in Moscow. He later claimed his destination had been Cuba and then on to other parts of South America. But the revocation of his passport by the US authorities prevented this. Snowden also claimed that the US “leant on” Cuba, which Fidel Castro himself forcefully denied. However it happened, Snowden had two choices: return to the US and face the music or stay in Russia and request asylum. He chose the latter. It is quite possible that, in light of the Bradley Manning affair, he felt the US would not be able to provide a fair trial. But by remaining in Russia, a country becoming increasingly authoritarian, he severely undermined his stated claim to be an aggrieved supported of liberty and internet freedom. This made life a little easier for his critics, who had previously lacked real traction to attack Snowden – who lacked a motive based on money or ideology – and had been focussing on his naiveté and the damage he had done to operations abroad, putting lives at risk. As none of this could be proven, whereas Snowden’s allegations could, the effect had been limited. Now he could be portrayed as “anti-American” by the simple metric of having decided to stay in Russia.
Snowden’s actions divided the US, with around a quarter of the population considering he had done the right thing, half the reverse and the rest not giving an opinion. Younger respondents were generally more supportive of Snowden than older ones. In Europe, Snowden’s approval was far higher, and he won a series of awards relating to free speech and internet freedom. In many ways Snowden’s revelations had confirmed to many what they had already suspected: that the US was using its vast intelligence resources, and roping in close allies through the Five Eyes grouping to spy on pretty much anyone or anything that took their fancy. The evidence provided a solid basis for what had previously been a general feeling of mistrust. This was significant. Snowden’s documentation not only gave form to their fears, but in many cases showed that the situation was worse than they had originally suspected.
Two years on, what has Snowden achieved? Beyond making himself an exile, a hero and a villain in one fell swoop, his actions have had a series of effects on the way intelligence works, the reputation of the US and the willingness of private companies to co-operate with intelligence agencies. There were also significant impacts on intelligence services outside of the US.
One of the most immediate and telling effects has been an upswing in distrust in the US, for intelligence officials generally, and for the ability of the administration to manage them. The Director of National Intelligence, James Clapper, had to admit he lied to Congress and the President was forced to admit that some of these actions took place in a disorderly and unlawful way – serious admissions by any measure. President Obama openly admitted the national debate about the security of private citizens would not have taken place without Snowden’s revelations, clearly marking his impact.
A former federal judge who granted government surveillance requests broke ranks to criticise the system of secret courts as unfit for purpose in the wake of more recent revelations by Snowden, to be followed by many others in the legal profession who called into question the legality and the overall framework of what the US administration was doing in conducting surveillance on its own citizens. That these officials, elected or appointed, started falling over themselves to say, in effect, that this was a positive thing that needed to happen smacks of hypocrisy. The Director of National Intelligence – the same one who lied to Congress – came out with this: “It’s clear that some of the conversations this has generated, some of the debate, actually needed to happen”. Meanwhile the President – the man with whom the buck famously stops, ruefully acknowledged that the roiling, year-long debate over surveillance would not have happened without him. So, while wanting Snowden to return to the US to face charges of treason, key figures were racing to acknowledge his contribution to opening a debate about surveillance.
Private companies, themselves heavily implicated in the whole affair, raced to shore up their reputation with their customers. In a rare legal move, Yahoo asked a secretive US surveillance court to let the public see its arguments in a 2008 case that played an important role in persuading tech companies to co-operate with a controversial government data-gathering effort, hoping they would be released and prove that Yahoo had acted on the instructions of the government. The documents stayed secret. The ability of the PRISM programme to access data on their servers, of which they seemed to be fully aware, has now blown up in their face. Foreign companies pay around $35bn to store data in the US, which has now been proven to be subject to surveillance. Companies have subsequently been falling over each other to encrypt this information in order to save their business.
Outside of the US there has also been a considerable impact. In France, days after President Francois Hollande sternly told the United States to stop spying on its allies, the newspaper Le Monde disclosed that France has its own large programme of data collection, which sweeps up nearly all the data transmissions, including telephone calls, emails and social media activity, that come in and out of France. As if this was not a big enough “oops” moment, over the English Channel, directly stimulated by Snowden, MI5 and GCHQ faced their first open, public hearing before MPs. Admittedly this was a gentle affair, but the fact that it happened at all is significant and sets a precedent for organisations that were not even admitted to exist a generation ago.
Meanwhile, further revelations not only illustrated how the UK contributed information but also had asked for “unsupervised access” to the entire NSA data pool. Of course, not all European countries were culpable – some were victims, and none more high profile than the German Chancellor, Angela Merkel, who found out that her mobile phone was being monitored by the NSA. Comparing the NSA’s actions to the Stasi, she was clearly more than a little irritated, while a German judge set in train an investigation.
And it was not just European leaders who discovered they were under surveillance. Brazilian President Dilma Roussef proceeded to excoriate the US’ actions from the podium of the UN General Assembly, while her government awarded a fighter contract to Saab rather than Boeing, with one official commenting to Reuters that Snowden’s leaks had “ruined it for the Americans”.
Many ordinary people have changed their behaviour as well. According to the CIGI-Ipsos Global Survey on Internet Security and Trust, around 39 per cent of people surveyed had changed their internet behaviour as a result of Snowden’s revelations. According to security commentator Bruce Schneier: “It’s probably true that most of those people took steps that didn’t make any appreciable difference against an NSA-level of surveillance, and probably not even against the even more pervasive corporate variety of surveillance. It’s probably even true that some of those people didn’t take steps at all, and just wish they did or wish they knew what to do. But it is absolutely extraordinary that 750 million people are disturbed enough about their online privacy that they will represent to a survey taker that they did something about it.” So, what they did was probably ineffective, but if there was something they could have done that was effective then they would have done it.
But has Snowden made the West a less safe place? The egregious Clapper, never seemingly short of something to say, complained that Snowden’s leaks created a “perfect storm”, degrading the intelligence community’s capabilities. Snowden’s leaks, said Clapper, damaged relationships with foreign and corporate stakeholders, restrained budget resources, and caused the US to discontinue collecting intelligence on certain targets, putting the United States at greater risk. Presumably the damage caused by being caught spying on allies was the fault of those finding out, rather than doing it in the first place. He was joined by the Director of the National Counter Terrorism Center, who claimed terrorists had changed the way they encrypted messages and that many contacts had subsequently been lost as a direct response to Snowden.
There were more claims along a similar vein. But the Seattle-based Flashpoint Global Partners noted there is very little open source information available via jihadi online social media: “indicating that Snowden’s leaks impelled al-Qaeda to develop more secure digital communications. The underlying public encryption methods employed by online jihadists,” the report concluded, “do not appear to have significantly changed since the emergence of Edward Snowden. Major recent technological advancements have focused primarily on expanding the use of encryption to instant messenger and mobile communications mediums.” In other words, Snowden may have had no effect on these changes at all, and the best that can be said is that his influence here is difficult to quantify.
Perhaps, in terms of his legacy, Snowden said it best: “The biggest change has been in awareness. Before 2013, if you said the NSA was making records of everybody’s phonecalls and the GCHQ was monitoring lawyers and journalists, people raised eyebrows and called you a conspiracy theorist. Those days are over.”
John Chisholm is intersec’s International Security and Counter Terrorism Correspondent