Open source software can be one answer to combating the global surveillance of innocent citizens, said security expert Mikko Hypponen in his keynote last week at LinuxCon and CloudOpen Europe in Edinburgh.
Advances in computing and the rise of global networks have made the storage and transmission of data cheap and easy. This has created unparalleled connectivity, progress and innovation, Hypponen said. But it’s also enabled large-scale access to that data as demonstrated by the NSA’s PRISM program, made public this year in a series of top-secret document leaks by former U.S. government contractor Edward Snowden.
“In the last few years we've realized data is cheap. We never have to delete anything anymore, ever,” said Hypponen, chief research officer at F-Secure in Finland. “This has enabled lots of great things but also global wholesale blanket surveillance.”
Such access to our personal data, including cell phone records, geolocation, email and search engine queries, may be warranted in some cases, Hypponen said.
“I do believe some surveillance is OK,” he said. “If there's an investigation into finding a school shooter or drug lord or member of a terrorist cell… we should have the technical means of doing that. But we must first have the suspicion.”
But collecting the communications and personal data of “everyone” is not only a violation of privacy, but a threat to democracy, Hypponen said.
“Even if you don't have a problem with our government today, we don't know what the government will be 20 years from now,” he said. ”If they have 20 years of your search data, they'll find something illegal or embarrassing to twist your hand.”
Though the leaks have caused some IT professionals to question the safety of their data stored with and routed through U.S. service providers, avoiding these companies and services won’t solve the problem, Hypponen said. Neither can each country afford the time and expense of building its own alternatives.
Working across international boundaries, developers should band together to build secure and reliable software and services that prevent back-door tampering and ensure users’ privacy, Hypponen said.
“I suggest that open source provides a solution to this problem,” he said. “Then countries don't have to work alone. It will be secure, open and free.”