Quoted: Google engineers curse NSA spying

“Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement, we therefore do what internet engineers have always done – build more secure software.”

Mike Hearn, a Google software engineer based in Switzerland, joins U.S.-based Google engineer Brandon Downey in publicly hurling a profanity (starts with an “F”) at the NSA and its British equivalent, the GCHQ. Both engineers used Google+ to post their thoughts — which include the sentiment that the work they’ve been doing has gone down the drain — after reports by the Washington Post that the surveillance agencies had secretly intercepted Google and Yahoo data, and that the collection happens on British territory. By the way, the first story by the Post contained the following caption the accompanied a drawing of how the government is intercepting the data: “Two engineers with close ties to Google exploded in profanity when they saw the drawing.” It seems like it might be more than two.

In an interview with published this week by the Wall Street Journal, Google Chairman Eric Schmidt was a little more diplomatic — no F-bomb — but he did say: “It’s really outrageous that the National Security Agency was looking between the Google data centers, if that’s true. The steps that the organization was willing to do without good judgment to pursue its mission and potentially violate people’s privacy, it’s not OK.” He told the WSJ that the company has filed complaints with the NSA, President Obama and members of Congress.


Photo: An aerial view of the cooling units at the NSA’s new data center in Bluffdale, Utah. (Asssociated Press)



Tags: , , , , ,


Share this Post

  • Dave Killion

    Pot, meet Kettle. Kettle, this is Pot. You guys have more in common than you might think.

    I find it ironic that Google, who sees every email I send or receive and every search query I make (that admittedly, I consented to) in order to give me a “better online experience”, objects to governments doing the same thing.

    This kind of hypocrisy is along the same lines as Eric Schmidt wanting all UAV/drones taken out of the hands of private citizens because they might violate someone’s privacy… AFTER his fleet of Google Street-View cars have photographed and 3D-scanned every square inch of metro and suburban America.

    It seems to me that the real issue is that Google doesn’t like competition…

    • paulthe

      Although there is a huge difference between Google reading email and the NSA. In the worse case scenario, Google will just attempt to sell me something, with the NSA its a one way ticket to Gitmo.

      • Dave Killion

        While this is true, it’s incomplete.

        With any risk assessment, you must factor both the ramifications of the worst-case-scenario and the likelihood of said worse-case-scenario.

        What are the real odds of you getting black-bagged because of an NSA intercept vs. Google selling your personal information to make money?

        With the US pushing close to 314 million people, how many Gitmos would we need before the odds of you being one would be greater than 0.01%? Lots.

        On the other hand, Google will monetize every single one of its customers data to the fullest, so your odds there are exactly 100%.

        The reality is, NSA monitoring impacts the typical American considerably less than Google’s monitoring, which was my point.

        Google’s influence is less noticeable and more subtle, but much, much more pervasive than anything the government could hope to attempt.

        Anyone who says otherwise is selling you something.

    • Pedro Calmon

      This is complete non-sense. Your logic is fundamentally flawed. No one forces you to use Google. You can opt for another search engine, another email provider, another browser. You opt into Google.
      In the case of the NSA spying, you have no choice. There is no opt-out. There is option to “change providers”. The NSA clandestinely and illegally spied on you. That is a fundamental difference. Comparing Google with the NSA is absurd and shows your ignorance on the matter.

      • Dave Killion

        I like how you do a double-fallacy of circular argument and ad hominem by first declaring that my comparison is “absurd” simply because it is, and then assert that it means I’m therefore ignorant on the matter.

        It’s not complete nonsense, and actually I’m more well-informed than you might assume. Let’s stick to the facts here.

        You can “opt-out” of NSA spying through a variety of different means, most obviously by not using the Internet (either at all, or at least not for for nefarious activities), or barring that, using encryption/tunneling/anonymous proxies. PGP, TOR, OTR, SSL, SSH – all these technologies work.

        And more specifically this “collection” that everyone is getting so upset about has been going on for more than 25 years and actually pre-dates the Internet (65+ years if you count telegraph/teletype), and isn’t even really “spying”. It’s also not illegal, even without a FISA warrant. The details of this activity are also public knowledge if you know where to look (See Wikipedia for: Project Shamrock, Project Ivy Bells, Echelon, Carnivore, PRISM, etc).

        It becomes spying (requiring a FISA warrant) when a human operator specifies a specific search the collected datastore for details like email addresses, topics or keywords.

        There have been (illegal) abuses of this search system, aided tremendously by the PATRIOT Act and its extensions, and we need to highlight and prosecute those abuses to the fullest extent the law allows.

        But the collection and storage of the data is not illegal – in fact, it’s necessary, as you can’t search for something that isn’t there.

        And the US isn’t the only government doing this – Russia, China, Germany, France, even Switzerland all have their own collection infrastructures. Where’s your outrage over their actions?

        Google, on the other hand, systematically and automatically uses every bit of data you provide it in any way it can figure out how to make money from without creating a public backlash. Exactly how your personal data is used or how much money is made from it is completely opaque – Google will never tell.

        And the fact of the matter is, whether its Google, Bing, or some other search engine – you’re going to be tracked and your behavior sold regardless of which service you ‘Opt In’ to.

        The sooner people understand the full ramifications of that, the better.

        Truly, the only options to completely ‘Opt Out’ of the kind of monetization of your private data that Google, Bing, et al. engage in are EXACTLY the same options that you would use to avoid NSA monitoring – don’t use the Internet, or encrypt/anonymize your stuff.

        So explain to me how NSA and Google are different again?

        Finally, the fact you work for Google, specifically in the department responsible for getting the most money out of our data, means you might be just a bit biased, don’t you think?

        • Pedro Calmon

          Let’s start with the fact that I DO NOT speak for Google. I am here as an individual reader and the opinions expressed here are mine and not of my employer.

          In regards of me being biased, well, and you worked for the US Military/government on Electronic Surveillance, so aren’t you “biased” too? So, let’s stick to the facts:

          1) There is no “opt-out” from the NSA, as it is now known that they collect the meta-data from phone calls, monitor your snail mail, your credit card transaction, your flights, maybe via drones and pretty much anything else.

          2) Unlike Google, there is no End User Agreement. Google is very transparent about how it makes money. It is all right here (http://www.google.com/policies/privacy/) Don’t like it? Don’t use it. That simple. Unlike Google, the NSA never told me that it was going to collect metadata from my phone calls. It never told me that was recording my searches queries or recording my hangout sessions. Quite the contrary, they repeatedly DENIED it. While testifying in Congress, no less! It actually took a whistle blower for us to find out what they were doing.

          So no, those are two very different scenarios.

          • Dave Killion

            Likewise, I’m not speaking for the US Government. I do have some experience with the system, however, and understand how the information collected is used, just as you have experience with how Google uses their information.

            As for an equivalent “End User Agreement” for the government, I’d like to direct your attention to the Bank Secrecy Act (BSA) of 1970, the Foreign Intelligence Surveillance Act of 1978 (FISA), the Electronic Communications Privacy Act of 1986 (ECPA), the Money Laundering Control Act (MLCA) of 1986, and the PATRIOT Act of 2001. These are all public documents, available on a variety of media to anyone with the interest to look.

            The PATRIOT Act spells out quite clearly (in general terms, not specific collection techniques) the goals the NSA must achieve. If you take a close look at Title II and really think about what they’re saying, you’ll realize that all this stuff that Snowden “exposed” was already directed to NSA to perform for the last 12 years.

            Of course they’re not going to be very forthcoming as to precisely what they collect and how – this is espionage here, not show-and-tell.

            But my point all along has always been this:

            It is a fact that both Google and the NSA collect information on your telecommunication usage. You have a choice what they collect based upon how you use (or do not use) those telecommunication systems.

            There is difference is how they utilize that information – one monitors for indications of attack (spies), and other makes money for itself (monetizes).

            Both systems have a built-in capacity for abuse, and built-in safeguards to check that abuse, but neither are perfect.

            It seems very ironic to me that one would object to one agency collecting your information and not the other.

            All of what you said, which has been quite interesting and I’m sure quite truthful, doesn’t really change that point.

          • JonaD

            I agree with you, not Pedro… he is a dreamer. The single sticking point I have with your descriptions is the use of the term ‘spying’, where you said, “It becomes spying (requiring a FISA warrant) when a human operator specifies a specific search the collected datastore for details like email addresses, topics or keywords.”

            I think the more accurate representation is, effective usage. WHEN the data collected is USED to provide a solid basis for the prosecution of action against a person or group, then it should be called ‘spying’. In other words, IF collected data goes to say the FBI and they arrest someone for saying or doing something illegal, then that would be inappropriate use of simple hearsay evidence, as Prima facie to a case. But simply listening more closely to specific instances of interest, is not spying in my mind. For instance, if someone is sitting in another booth at a restaurant and hears you mention a FORD and so listens more intently to your voice because they have an interest in FORDs, then is that spying, or is that subjected voyeurism? Is the person in the next booth listening in, guilty of a violation of privacy and of sufficing illegal search and seizure? I say no. But when that person runs to the police and reports that you probably stole a FORD and the police come and arrest you for theft, that crosses the line, and law enforcement knows that, which is why they protect their snitches. The NSA can tell the FBI that so-and-so is talking about crack cocaine and THEN if the FBI is interested, they must get a search warrant to discover enough information, to try and bring in a criminal charge, they cannot present NSA documentation of previous collection as first person testimony evidence, it will be tossed out.

            SO again to me… this means that unless the collection of specific search data shows up in court as hearsay that has been authenticated enough, to charge someone with a crime, that the NSA is doing nothing wrong. Yes, I realize I’ve just cut out all the details, but in a nutshell, that path from NSA to ‘action’, is what I think will prevail at the Supreme Court level… has the NSA collections, specifically searched or not, short circuited across the protocols of law enforcement, thereby cutting out the middle man, and directly caused courts to issue warrants for arrest… so far, I’d say no.

      • JonaD

        That makes no sense Pedro, the NSA buys the access, it does not steal it, it uses networks set up by others, and those networks are in place and used under permissions, there is no opt out from using AT&T lines, or Google and Yahoo servers… if you want to find something online, you MUST use their services. So to be online, IS to give permissions… the only real OPT OUT, is NOT to be online.

    • JonaD

      No, the real issue is that Google is forced to sell data to the NSA on a set price schedule which is a discount of the fair market value. And until people rise up and overturn those contracts, they won’t be able to continue to steal and yes even with permissions *TO STEAL*, our data, and sell it back to us!, for a much higher price,… via the NSA.

  • JonaD

    IF and WHEN Google STOPS collecting and selling all the data it can get its hands on… then maybe what they say here, will matter.

  • JonaD

    The belief that people can opt out of Google is fantasy… one cannot opt out of Google and one cannot opt out of AT&T, one cannot opt out of telecommunications utilities or satellites or cups and string… IF they are using the system.

    What all this hype about the NSA surveillance program is providing, is a basis to completely disintegrate any rational claim that there is any real expectation for privacy, if a case comes to the courts. In other words, with all this media hysteria, how can ANYONE claim that they believe some agency or commercial group is NOT listening to their communications? I think that gives a tacit approval for any and all surveillance of information transported using the internet. A TOS does not have to be a written document… so I think Americans have pretty much given an implicit acceptance of a virtual TOS that allows the NSA to collect what it can, how it must… just as in the same way, I use the Google search engine, but I never signed any agreement granting Google the right to sell my usage data to Walmart… did I?! No.

  • alrui

    Yeah Google doesnt like the competition!

  • Bill

    So Google is relentlessly pushing to associate everything we do online with our real names and publish it for the whole world to see, but it’s bad for the NSA to get our private information surreptitiously? If Google had their way, there’d be no private information to protect!

    “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”

    Great flaming bags of hypocrisy.