Ronald Deibert: For non-Americans, NSA's massive surveillance is unsettling
Deibert: While cyberspace may be global, its infrastructure most definitely is not
He says much of global Internet traffic flows through networks controlled by the U.S.
Deibert: U.S. needs to rethink the global implications of its domestic surveillance policies
Editor’s Note: Ronald Deibert is a professor of political science at the University of Toronto, where he is director of the Canada Centre for Global Security Studies and the Citizen Lab at the Munk School of Global Affairs. He is author of “Black Code: Inside the Battle for Cyberspace” (Signal/McClelland & Stewart, 2013).
In 2011, I was on a panel, organized by the security company RSA, with two retired National Security Agency directors, Michael Hayden and Kenneth Minihan. During the course of our debate, I raised concerns, as the only non-American on the panel, that their plans and preferences for having the NSA secure cyberspace for the rest of us were not exactly reassuring. To this, Minihan replied that I should not describe myself as “Canadian” but rather “North American.”
As jarring as his response was, the fact of the matter is when it comes to communications, he’s right. Practically speaking, there is no border separating Canadian from U.S. telecommunications – though that’s not true the other way around. Primarily, this one-way dependence is a product of history and economics. Canadians’ communications are inextricably connected to networks south of the border and subject to the laws and practices of the U.S. over which we, as foreigners, have no say or control.
For American citizens, the recent NSA scandal has touched off soul-searching discussions about the legality of mass surveillance programs, whether they violate the Fourth and Fifth Amendments of the U.S. Constitution, and whether proper oversight and accountability exist to protect American citizens’ rights.
Indeed, with respect to the case of PRISM, NSA’s secret set of tools used to collect data about overseas Internet communications, some argue the program actually enhances those safeguards for Americans – because it appears that collection of company data was segregated in such a way to limit the collection to “foreign citizens.” As reassuring as this may be for Americans, for the rest of us non-Americans who enjoy our Gmail, Google Docs, and Facebook accounts, it’s definitely unsettling: We’re all fair game.
While cyberspace may be global, its infrastructure most definitely is not.
For example, a huge proportion of global Internet traffic flows through networks controlled by the United States, simply because eight of 15 global tier 1 telecommunications companies are American – companies like AT&T, CenturyLink, XO Communications and, significantly, Verizon.
The social media services that many of us take for granted are also mostly provided by giants headquartered in the United States, like Google, Facebook, Yahoo! and Twitter. All of these companies are subject to U.S. law, including the provisions of the U.S. Patriot Act, no matter where their services are offered or their servers located. Having the world’s Internet traffic routed through the U.S. and having those companies under its jurisdiction give U.S. national security agencies an enormous home-field advantage that few other countries enjoy.
But there are unintended consequences of the NSA scandal that will undermine U.S. foreign policy interests – in particular, the “Internet Freedom” agenda espoused by the U.S. State Department and its allies.
The revelations that have emerged will undoubtedly trigger a reaction abroad as policymakers and ordinary users realize the huge disadvantages of their dependence on U.S.-controlled networks in social media, cloud computing, and telecommunications, and of the formidable resources that are deployed by U.S. national security agencies to mine and monitor those networks.
For example, in 2012, Norwegian lawmakers debated a ban on the use by public officials of Google’s and Microsoft’s cloud computing services. Although shelved temporarily, this type of debate will almost certainly be resurrected and spread throughout Europe and other regions as the full scope of U.S.-based “foreign directed” wiretapping and metadata collection sinks in.
Already we can see regional traffic to the United States from Asia, Africa and even Latin America gradually declining, a trend that is almost certainly going to accelerate as those regions ramp up regional network exchange points and local services to minimize dependence on networks under U.S. control.
Many of the countries in the Southern Hemisphere are failed or fragile states; many of them are authoritarian or autocratic regimes. No doubt the elites in those regimes will use the excuse of security to adopt more stringent state controls over the Internet in their jurisdictions and support local versions of popular social media companies over which they can exact their own nationalized controls – a trend that began prior to the NSA revelations but which now has additional rhetorical support.
In the age of Big Data, the revelations about NSA’s intelligence-gathering programs touched many nerves. The issue of surveillance won’t go away, and Americans will need to figure out the appropriate safeguards for liberty in their democracy. It’s an important debate, but one that doesn’t include us “foreigners” that now make up the vast majority of the Internet users. Americans would do well to consider the international implications of their domestic policies before they come home to bite them.
Follow us on Twitter @CNNOpinion.
Join us on Facebook/CNNOpinion.
The opinions expressed in this commentary are solely those of Ronald Deibert.