Interview: Online Security Expert Bruce Schneier
EMMA ALBERICI, PRESENTER: One of the world’s leading experts in online security is Bruce Schneier. He’s a fellow at Harvard University’s Berkman Center for Internet and Society. His latest book, ‘Data and Goliath’, is about how governments and corporations are using and controlling our data.
I spoke to Bruce Schneier from Minneapolis.
Bruce Schneier, welcome to Lateline.
BRUCE SCHNEIER, AUTHOR, ‘DATA AND GOLIATH’: Thanks for having me.
EMMA ALBERICI: How much of our privacy are we unwittingly giving away?
BRUCE SCHNEIER: We’re giving away a lot of privacy. We do it unwittingly because of the devices we carry and use: our cell phones, our computers, all the computers we interact with. These all produce data about us, about the transactions and that data is recorded, stored and used.
So we give away a lot of privacy as we send and receive messages, as we buy things online, as we carry our cell phone around. It’s extraordinary how much data we produce.
EMMA ALBERICI: Why does it matter that we’re giving up our privacy? What’s the harm in it?
BRUCE SCHNEIER: Well, the harm is that you’re under constant scrutiny. We know that people who are under constant surveillance are more conformist, that they’re less individual, less free. There’s a potential of abuse by governments, by corporations, whether for purposes of social control, whether purposes of manipulation and advertising.
There’s a lot of value in our society to having privacy. And it’s a right that you don’t notice missing ’til it’s gone, which is why sometimes it’s hard to talk about it in the abstract. But it’s very valuable.
EMMA ALBERICI: Our Government will this month pass metadata retention laws. This will force all Australian telecommunications companies to store customers’ metadata for two years for warrantless access by law enforcement agencies: so pretty much unfettered access. Now, authorities say this is critical for foiling terror plots and for investigating other crimes. What do you say?
BRUCE SCHNEIER: Well, in the United States we know that that data is not critical to foiling terrorist plots and investigating crimes. I mean, you know it’s true because crimes have been investigated decades before this metadata even existed or was saved.
This kind of access – warrantless access, suspicionless access – I think it’s very dangerous to give a government. The reason we have a warrant process is to protect us from police overreach. Without that process, you have very extraordinary levels of surveillance by government on the entire population.
EMMA ALBERICI: The Australian Government has tried to assuage our fears by saying that metadata is a different style of data, a much more benign intrusion into our privacy; that it’s really just the address of the email or the SMS, rather than the content and, therefore, no harm done?
BRUCE SCHNEIER: You know, metadata is a different kind of data but it actually is very intimate. If you call a suicide prevention hotline, it doesn’t matter what you say; it’s the fact that you called them. Metadata reveals who we’re intimate with, who we associate with, what our interests are, who we are, what we are. And because it can be processed by computers automatically, it’s not voice conversation, it’s just data. It allows people with access to that metadata to do very extensive levels of surveillance.
When the Government says “It’s only metadata”, what they’re really saying is: “You’re only under surveillance.”
EMMA ALBERICI: What does the experience of other countries tell us in terms of the success of mandatory data retention regimes, in terms of reducing crime rates?
BRUCE SCHNEIER: Well, what we know about data retention and metadata collection in the US, Germany and other countries is that it’s not essential. In the US we are asking again and again for the government to provide evidence, real-world actual crimes where this metadata was essential; real terrorist plots that were foiled. And we’re just not getting that. That doesn’t exist.
In most cases, crime is prevented, terrorism is prevented by following the leads; not through broad collection but through targeted investigation.
EMMA ALBERICI: Governments tell us if we have nothing to hide then we have nothing to fear from State surveillance?
BRUCE SCHNEIER: You know, the “nothing to hide” argument comes up again and again and it’s obviously ridiculous. Privacy is not about something to hide. Privacy is about human dignity. Privacy is about individuality. Privacy is about being able to decide when and how we show ourselves to other people.
You know, to say that privacy is about something to hide: it takes a very narrow view about privacy. And I assure you all of those politicians don’t reveal everything about themselves.
EMMA ALBERICI: Well, as a matter of fact, our Communications Minister has admitted that he uses the encrypted messaging app Wickr. How widely is that used?
BRUCE SCHNEIER: You know, we’re seeing a rise of a lot of what are known as “ephemeral apps”: phone apps and computer apps where messages disappear or can’t be saved for text messages, for photos.
There was a survey, a worldwide survey about the Snowden documents and what people were doing in response to them. And I ran the numbers and about 700 million people around the world have changed their habits due to the NSA and Edward Snowden. Now, maybe what they did wasn’t effective but it’s extraordinary how many people are taking steps to preserve their privacy in this world of extensive government surveillance.
EMMA ALBERICI: Can you please give our viewers some tips about how to improve their online privacy?
BRUCE SCHNEIER: Well, a lot of things you can do to protect your privacy online involve downloading apps that you will install in your browser. So there are apps to make sure that you can use an encrypted link between you and your web server. There are apps for encrypted messaging. Again, a lot of these are around the edges; there are things that they can’t protect. But there are tools – and they’re easily Google-able or searchable for – that you can use to protect your privacy.
I recommend using them all. I recommend encrypting your hard drive and encrypting your cell phone. All of these things help.
Privacy is primarily a political problem. There are technical things we can do but the solutions really are political. What people should do is observe surveillance, talk about it and fight for privacy. This is very important.
And we’re right now in the world of big data, where everyone’s collecting everything. We need some push-back against that to protect us from governments, from corporations, to preserve our privacy and dignity. And that’s going to be a legal process.
EMMA ALBERICI: What would your message be to the Australian Senate as they debate these metadata retention laws?
BRUCE SCHNEIER: That privacy is valuable. Privacy is a fundamental human need. And if we lose that in a misguided effort to fight crime or terrorism, we really are losing something important.
This is not as simple as “you have nothing to hide”, this is not as simple as “it’s only metadata.” These are deeply personal, important issues. And we need to preserve our privacy moving forward. It can’t be that having computers involved in our lives means we give up privacy. It’s not going to work for our society long-term.
EMMA ALBERICI: Bruce Schneier, some fascinating insights there. Thank you so much for taking the time to share them with us.
BRUCE SCHNEIER: Thank you.
EMMA ALBERICI: Has your personal data been used in unexpected ways? Or do you know of apps or websites which have compromised your privacy without your permission? We want to hear your story. So you can contact us through our website or on Twitter and Facebook.