By Graham K. Rogers

There has been a lot of information - and some misinformation - flying about in the last week or so concerning a program called PRISM, with a lot of that information being damage-limitation by the very people highlighted as a result of the publicity: particularly the NSA and other security agencies. It now appears the the whistleblower, Edward Snowden, was right: these US agencies are spying on US citizens (and the rest of us of course).

Some will have to pay the consequences: and I do not just mean Snowden, who like Bradley Manning is being set up as some kind of patsy to protect the wrongdoings of those who are supposed to protect.

That there has been surveillance was no surprise to me. In the 1990s, when contributing to the Bangkok Post, Database, I wrote a series of three articles on Echelon: a spy system set up by the authorities of Australia, Canada, New Zealand the UK and the USA that monitored telephone (voice, fax, data): mainly wire-based transmissions.

• Part 1 - How Secure are your Business Communications?
• Part 2 - How the Centre Spies on the Periphery
• Part 3 - The Expansion of Digital Control

At that time it was clear that, although the UK and US were theoretically barred from monitoring any signals from their own citizens, if the UK (for example) trapped a juicy item of information about someone from the USA, that would be passed on. It would be naive to assume that other Echelon countries did not join that data-sharing party; and other countries outside Echelon may also have shared similar data.

The events of 9/11 changed everything. Apart from the horror of the disgraceful attacks, it was clear that international terrorism was the new pornography: the useful excuse that made opposition to surveillance questionable, when the programs themselves should have been more closely examined. Authorities in many countries, particularly the USA worked hard to make sure they had the tools that (they said) would provide the answers, even though - despite having the tools - they still sometimes fail when it comes to their stated task of protecting the country.

The problems with spooks is that they live and operate in a closed environment. Their jobs revolve around security, terrorists, criminals, lying and deception; although as with the deployment of Stuxnet, "our" methods are acceptable, theirs are not.

Any closed organisation develops its own protective view of the world. When I was a UK policeman in the 1970s, canteen conversation (work-related, social and political) would not match ideas of the world outside; and when I was a student in the 1980s, with the Falklands War, the Miners' Strike and rising unemployment, the debates on campus would not match the views expressed in (say) The Daily Express or The Sun.

The job of the NSA is security of the USA. Within the Agency (and other related agencies) there will be ideas and theories about how that protection may best be done (actively and otherwise). It is perhaps no coincidence that the governments of the UK, Canada, Australia and New Zealand, as well as the USA, have all at some time in recent years been pushing for legislation that will allow law enforcement agencies greater access to internet traffic. In the UK, this has been dubbed, "The Snooper's Charter" and there is staunch opposition to it.

The current (Tory) government opposed the idea when it was first put forward by the previous Labour government, but once in power, their advisers (who had earlier advised Labour) must have provided irresistible arguments and the Home Secretary (Interior Minister), Teresa May, crumbled. After another public outcry, the Liberal-Democrat coalition partners of the Tories flexed their muscles for once and the Bill was apparently dead. But not for long. Governments and their bureaucrats really want this control.

In the meantime, the chorus from the Echelon group has continued in the background, with one or other of the member countries (supported by noises from the USA) wringing their hands and wailing about protection from terrorism, pornography and international organised crime (a new one added to the list).

The problem with Presidents, particularly weak ones, is that they are all too willing to act on what their advisers say. In the aftermath of 9/11, Bush (with Cheney particularly and Rumsfeld), along with a submissive Congress allowed many changes to buttress the security services, but without the necessary protections to personal freedom, which saw far too much erosion. The Press likewise rolled over, failing to check the facts on too many occasions.

Obama, despite his promises at the time of his election, and the increased strength he should have in his second term, has disappointed many by his failures here, listening to his advisers, but not listening to himself. The sticky hands of his Attorney General, Eric Holder, are particularly evident in a number of the (perhaps illegal) programs.

The Foreign Intelligence Surveillance Act (FISA) court set up was a rubber stamp to provide a legal framework by providing warrants (sometimes after the event) at the behest of the security services. To expect that the surveillance if US citizens would not occur when the framework was used to check and store data from signals coming into or leaving the country was perhaps wilful blindness on the part of the lawmakers. So few asked about spying on US citizens. Those who did were apparently lied to (Declan McCullagh). Several politicians and commentators think that violating the Fourth Amendment to implement warrantless government surveillance is acceptable.

As part of the information released about the program called PRISM, it appears a number of high profile companies are implicated in the sharing of data with the NSA. There have been careful denials: one or two strong ones as well. Along the way the NSA stated that the companies were not allowed to even mention if they had or had not been asked.

It is interesting therefore to look at the companies that are alleged to be providing the NSA with information (Oliver Wainright): Microsoft, Yahoo!, Google, Facebook, PalTalk, YouTube, Skype, AOL and Apple (last on the list and added October 2012, a year after Steve Jobs died). The slides are not very good and I would criticise any student that produced anything like this, which detracts from their value.

Significantly absent from that list is Adobe, which seems odd considering the number of PDFs that government agencies produce each day and the amount of Adobe software in use at the NSA.

See also Part Two: The Devices We Use

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs.