So Mr. Edward Snowden is sitting somewhere in the transit area of Moscow’s Sheremetyevo airport, and whenever he is not being debriefed by Mr. Putin’s intelligence agents he talks to journalists, releasing bits and pieces of what he knows in a professionally orchestrated sequence.
And scores of citizens who now learn the extent and (some) details of the strategic communication surveillance and data mining to which they have been exposed by the U.S. PRISM and U.K. Tempora programs express anger and dismay, especially in Europe. OhMyGod, everything we uploaded into our Dropboxes, Skydrives, Google and Evernote accounts, we assumed that to be private. But Wail! – the spooks have been looking at it all the time!
The EU political class has so far chosen to react along the established lines of diplomacy, “expressing serious concern” and “demanding explanations.” In actuality, the bugging of European Union offices not only in Washington and New York, but even at EU headquarters in Brussels, is cause for much more than just “concern” to Europe’s political bureaucrats: they have to assume that the NSA has dossiers on pretty much every political decision maker (and influencer) because every single electronic communication is now suspect of having been intercepted — to a good extent with “special relationship” assistance from the U.K., which is still a EU member at least in some ways (pending the official decision to secede).
There is mostly silence from those who probably are a prime target of these Big Data intelligence efforts: the small and medium enterprises. We shouldn’t fool ourselves for a moment: we are not looking at a battle line in any “war on terror” here, not even on issues of real military significance. What we are looking at is a section of the cyber component of a hidden non-shooting, multilateral war that is fought for one single goal, dominance. And what you need to achieve domination in today’s globalized world is, ultimately, not the strongest army but the strongest economy. Economy is driven by innovation; and as we all know the level of innovation contributed by SMEs is disproportionately high in the most dynamic areas — such as the life sciences. At the same time SMEs rarely have the digital defenses that multinational companies deploy as a matter of routine.
So that silence is probably rooted in embarrassment: how could we have not known? How secure are our corporate data in the cloud services we are using? How confidential are our emails?
H.M. Pharma Consultancy has tried for more than a decade to convince our SME clients that encryption should be used in our communications for their own protection. (And, unspoken, also for ours: if critical information is leaked, the first target of fingerpointing is the external consultant.) With few exceptions, we did not succeed because the great majority of our clients perceived online security as a non-issue and refused to introduce another layer of complexity. So thank you Mr. Snowden, perhaps you provided a wakeup call.
In the wholesale surveillance environment which we are now seeing exposed, enmeshed with the carelessness of users who are unaware how they can be traced and patterned, encrypting one’s messages effectively marks you as somebody who has something to hide; which probably is something sinister. And that configuration plainly goes the wrong way down the road. Only by encrypting a significant portion of the most innocuous messages we can collectively claw back our right to digital privacy and confidentiality.
There are relatively hassle-free ways to communicate electronically – from PCs as well as from smartphones – that do not only encrypt the contents of your messages but also hide the metadata (i.e., whom you messaged when and with which type of message). One interesting very new option we are currently evaluating is Bitmessage, a decentralized and fully encrypted peer-to-peer email system with an additional broadcasting feature. Its ideal for asynchronous communication (as opposed to chats, for which there are similar solutions). No attachments possible yet, but that’s only a matter of time. You can learn more and download Bitmessage herefor all operating systems.
A Bitmessage address is a hash, and looks like this:
BM-2DB4Z3ee6C9mbtKx92q56Xt1uT1YNBeiq9
That’s a H.M. Pharma Consultancy address, and if you send us a bitmessage we will respond; but don’t use this for serious business… not yet.