The Washington Post

PRISM works because a ton of data moves through U.S. servers. That’s also why it could fail.

(Photo by Frédéric BISSON)

The White House really doesn't want you to know what it knows about you. The risk, supposedly, is that disclosing how the nation's intelligence apparatus works would give terrorists and criminals an advantage. But in the long run, the government's penchant for secretiveness could actually undermine its ability to spy on terrorists.

One of the reasons electronic surveillance tools such as PRISM work so well is because much of the world's Internet traffic goes through U.S. servers. The American companies that own and operate that equipment can be subpoenaed and the data handed over to the government. Voila — intelligence secured!

But that works only so long as the traffic keeps going where intelligence agencies want it to go. There are signs now that the gravy train of easy data is coming to an end. Foreign companies who once considered hosting their information on U.S. servers are beginning to change their minds. And they're not the only ones. Governments are growing more wary, too.

Brazil, for example, is weighing a law that would bar companies such as Google and Facebook from storing data on its citizens in servers based in the United States. Instead, the data would have to be stored domestically, under Brazilian jurisdiction.

Then there are independent communications services that vow to have nothing to do with the United States or its allies. Kim Dotcom, the creator of the filesharing website MegaUpload, said earlier this month that he intends to build a new encrypted e-mail service, possibly in Iceland.

"I expect that more and more Internet businesses will find the hostile U.S. environment unbearable and will move their business elsewhere," he told TorrentFreak. "Who wants to store any sensitive data on U.S. based servers anymore?"

Of course, many of the Internet's largest companies — Google, Facebook — are still probably going to do much of their work in the United States. And the NSA has other tools at its disposal for going after unencrypted foreign communications, such as XKeyscore.

But thanks to the NSA leaks and the government's reluctance to fully disclose its activities, criminals are about to have more ways to evade online detection than ever. Investigators' jobs will get far more difficult if their suspects' communications suddenly vanish from U.S. servers and reappear in an encrypted format in a country that won't cooperate with American demands. The task for Washington, then, is to keep data from fleeing the country.

One way it can do that is by clearing up the rules associated with information requests, says Christian Dawson, co-founder of the Internet Infrastructure Coalition. Being more specific about what is being seized — and lifting the gag order that prevents companies from telling their customers about it — may help restore international confidence in the system. It's not a weakness to be transparent, in other words. To the contrary, it gives companies greater assurance that the system is not being secretly abused or subverted.

"The Electronic Communications Privacy Act was written in 1986, before the rise of the commercial Internet," says Dawson. "It forces law enforcement to use terminology that doesn't make a lot of sense to this industry. A lot of well-informed officers will come to us and ask for things like subscriber information. I'll say, 'Well, we're a Web hosting company. We don't have subscriber information. What is it you really want?'

"The more comfortable companies are hosting in the United States, the more the economy grows," Dawson adds. "Without that, you push law enforcement's problem cases out to the fringe."

Brian Fung covers technology for The Washington Post, focusing on telecommunications and the Internet. Before joining the Post, he was the technology correspondent for National Journal and an associate editor at the Atlantic.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Videos curated for you.
Play Videos
What can babies teach students?
Unconventional warfare with a side of ale
A veteran finds healing on a dog sled
Play Videos
A fighter pilot helmet with 360 degrees of sky
Is fencing the answer to brain health?
Scenes from Brazil's Carajás Railway
Play Videos
How a hacker group came to Washington
The woman behind the Nats’ presidents ‘Star Wars’ makeover
How hackers can control your car from miles away
Play Videos
Philadelphia's real signature sandwich
Full disclosure: 3 bedrooms, 2 baths, 1 ghoul
Europe's migrant crisis, explained
Next Story
Andrea Peterson · August 20, 2013

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.