Why the NSA has landed us all in another nice mess

by John Naughton

The Observer

Fans of Stan Laurel and Oliver Hardy will fondly remember Oliver’s complaint to Stanley: “Well, here’s another nice mess you’ve gotten me into!” In a future remake, Hardy will be played by Barack Obama, suitably enhanced with a toothbrush moustache, while Keith Alexander, currently head of the U.S. National Security Agency, will star as Laurel. The scene in which this particular bit of dialogue occurs is the Oval Office, which for the purposes of the scene is littered with flip charts summarizing the various unintended consequences of the NSA’s recent activities, as relayed by Edward Snowden.

One chart, supplied by the Department of Commerce, lists the collateral damage inflicted by the revelations on major U.S. Internet companies. Until the Snowden story broke last June, it was a racing certainty that they would dominate the world market for cloud-computing services. Maybe they still will, but the odds have lengthened.

Another chart comes from the State Department and contains a long list of woes. It starts with how the NSA’s activities have comprehensively undermined U.S. foreign policy in relation to the Internet. Quotations from Hillary Clinton’s lofty speech of Jan. 21, 2010, about Internet freedom will be highlighted, but now annotated with exclamation marks.

For example, this passage: “Governments and citizens must have confidence that the networks at the core of their national security and economic prosperity are safe and resilient. Now this is about more than petty hackers who deface websites. Our ability to bank online, use electronic commerce, and safeguard billions of dollars in intellectual property are all at stake if we cannot rely on the security of our information networks.”

These are the same networks where the encryption used to protect online financial transactions has been compromised by the NSA’s back doors.

Then there’s the bit of U.S. foreign policy that aimed to ensure governance of the Internet stayed with organizations that are heavily influenced, if not controled by, the U.S. government.

Again, there will be an annotated excerpt from Clinton’s celebrated speech: “We stand for a single Internet where all of humanity has equal access to knowledge and ideas. And we recognize that the world’s information infrastructure will become what we and others make of it.”

The ideal of a single, global Internet — one network under God and Uncle Sam — was already under threat as China, Russia, India and other major powers rushed into cyberspace. Now the Balkanization of the Net has become another racing certainty because no major government (except perhaps the benighted U.K. administration) will any longer accept that the Internet is safe in American hands.

For me, the most interesting flip chart in the hypothetical scene will be one provided by the president’s council of advisers on science and technology. It summarizes the response of the Internet-engineering community to the NSA’s attempt to “commandeer” the Net. The charts will include reports of the most recent meeting of the Internet-engineering task force in Vancouver at which the consensus was that all Web communications should be encrypted by default; the decision by Google and other major Internet companies to implement an encryption system known as “perfect forward secrecy”; and the emergence of new, heavily encrypted email services.

Because of the resources allocated to the NSA, and the “legal” umbrella under which it operates, these developments will not in themselves end online surveillance, but they will make the effortless superiority that oozes from the Snowden documents look like boasts from a golden age. The spooks are going to find themselves wading through a lot of electronic treacle.

Given their technical virtuosity, many of them will relish this new technical challenge. But before we wade too deep into that mire, we need to stand back. The “mess” that the NSA (and Britain’s own GCHQ) has landed us in is a symptom of a major failure of our political systems. All democracies are impaled on the horns of the same dilemma: They need openness, because the consent of the governed requires that people know what is being done in their name; but sometimes openness undermines the efficacy of the secret (and perhaps necessary) things that are done in their name. The choice is then between sacrificing accountability or sacrificing secrecy.

What we have learned recently is the extent to which our rulers dodged that choice: They lifted the veil just a bit to give a semblance of accountability. What Snowden has shown us is that it was just a semblance. We urgently need something better and if we don’t get it then we could be, as one spook put it, “a keystroke away from totalitarianism”. And that would be a different kind of mess altogether.