The massive scope of the National Security Agency’s global data collection activities has prompted outrage from privacy advocates and concern from citizens all over the world, but it ultimately exposes how the digital bits given up by people can be put together to uncover intimate details about their lives, according to a security industry luminary.
The amount of data being collected, shared and sold by data brokers is happening on a huge scale and the protection of the information may require regulation, said Bruce Schneier, chief technology officer at Cambridge, Mass.-based Co3 Systems. Everyone's daily lives produce transaction records, and that data is a byproduct of computers, said Schneier, a noted cryptographer who reviewed many technical documents leaked by former NSA contractor Edward Snowden.
"We are all leaving digital footprints everywhere in our lives. We are all leaving digital exhaust everywhere we go," Schneier said. "This data is fundamentally surveillance data."
Schneier told attendees at the 2014 SOURCE Boston security conference Wednesday that data collection and big data analytics is the fundamental issue of the information age. The tension between the value of the information to the group and its personal nature to the individual needs to be addressed now, Schneier said. People will have to determine to what extent the data is secured and shared and what privacy protections are in place to address personal information, he added.
"I think this is the issue by which we will be judged when our grandchildren read the history of the early years of the Internet," Schneier said. "The NSA [issues are] coming to a head right now in the press, but it is way bigger than the NSA. ... How is it that we ignored all of these data issues?"
Big data analytics, the process of bringing together the silos of data being collected on people, can be used to potentially solve massive issues such as cancer and other health-care issues as well as smaller-scale problems such as city planning, say data scientists, who are researching the complex privacy, security and ethical issues prompted by the activity. At the Engaging Data summit at the Massachusetts Institute of Technology in November, American linguist, philosopher and activist Noam Chomsky called for increased transparency over data collection practices. Data scientists want access to the data, but privacy advocates are promoting tight oversight of data collection and analysis.
At the information security conference Wednesday, Schneier called data a byproduct of an information society’s socialization. As more of our human interactions are mediated by networks, those interactions produce data, phone call records and texts. Many of those instant messages, emails, photos, calendar items and other documents are on remote servers owned by tech companies, giving Google and Microsoft, for example, a lot of control over what happens to that information.
People are giving away personal information that exposes intimate details about their life as the cost of getting free services and for the sake of convenience, Schneier said. The public is happy to share data but unhappy with the inferences made with all the data that they are sharing, Schneier said.
The amount of data being given up by individuals has increased significantly in recent years, fostered by the cheaper cost of data retention, according to Schneier. Data that was thrown away 10 years ago is now being saved, he said. There was a point where many people stopped sorting email and began just saving it all, Schneier said. Now search has become cheaper than sort, he said.
“It’s not like the NSA woke up one day and said, 'Let's conduct surveillance.' The NSA woke up one day and said, 'Corporations are collecting it, let’s get ourselves a copy,' " Schneier said.
PUBLISHED APRIL 9, 2014