Snowden effect



In 2013, Edward Snowden, a former NSA contractor, leaked NSA documents that revealed the agency was collecting data from the electronic communications of United States citizens. Other disclosures included information about PRISM, the agency's data collection program, a surveillance metadata collection and XKeyscore, which supplies federated search capabilities for all NSA databases. Since that time, there have been perceptible increases in the general public's knowledge about the U.S. government's cybersecurity initiatives and awareness of how those initiatives have impacted the privacy of individuals, businesses and foreign governments.

On September 2, 2020, a US federal court ruled that the US intelligence's mass surveillance program, exposed by Edward Snowden, was illegal and possibly unconstitutional. They also stated that the US intelligence leaders, who publicly defended it, were not telling the truth.

Snowden's disclosures have fueled debates over mass surveillance, government secrecy, and the balance between national security and information privacy, and have resulted in notable impacts on society and the tech industry, and served as the impetus for new products that address privacy concerns such as encryption services. Collectively, these impacts have been referred to by media and others as the "Snowden effect".

On society
In July 2013, media critic Jay Rosen defined the Snowden effect as "Direct and indirect gains in public knowledge from the cascade of events and further reporting that followed Edward Snowden's leaks of classified information about the surveillance state in the U.S." In December 2013, The Nation wrote that Snowden had sparked an overdue debate about national security and individual privacy. At the 2014 World Economic Forum, Internet experts saw news that Microsoft would let foreign customers store their personal data on servers outside America as a sign that Snowden's leaks were leading countries and companies to erect borders in cyberspace. In Forbes, the effect was seen to have nearly united the U.S. Congress in opposition to the massive post-9/11 domestic intelligence gathering system. In its Spring 2014 Global Attitudes Survey, the Pew Research Center found that Snowden's disclosures had tarnished the image of the United States, especially in Europe and Latin America.

In May 2014, the Obama administration appointed William Evanina, a former FBI special agent with a counter-terrorism specialty, as the new government-wide National Counterintelligence Executive. "Instead of getting carried away with the concept of leakers as heroes," Evanina said in August, "we need to get back to the basics of what it means to be loyal. Undifferentiated, unauthorized leaking is a criminal act." While dealing with insider threats had been an intelligence community priority since WikiLeaks published Chelsea Manning's disclosures in 2010, Evanina said that in the aftermath of Snowden's June 2013 revelations, the process "sped up from a regional railway to the Acela train." A year later, 100,000 fewer people had security clearances.

In September 2014, Director of National Intelligence James Clapper said Snowden's leaks created a perfect storm, degrading the intelligence community's capabilities. Snowden's leaks, said Clapper, damaged relationships with foreign and corporate stakeholders, restrained budget resources, and caused the U.S. to discontinue collecting intelligence on certain targets, putting the United States at greater risk.

In October 2014, former Director of the National Counterterrorism Center Matthew G. Olsen told CNN that Snowden's disclosures had made it easier for terrorist groups to evade U.S. surveillance by changing their encryption methods. Olsen said intelligence collection against some individuals of concern had been lost, preventing insight into their activities. By July 2015, ISIL had studied Snowden's disclosures and, said U.S. officials, its leaders were using couriers or encrypted communications that Western analysts could not crack.

In February 2015, National Counterterrorism Center director Nicholas Rasmussen told Congress that Snowden's disclosures had damaged U.S. intelligence capabilities. Rasmussen said the government knew of specific terrorists who, after learning from Snowden's leaks how the U.S. collected intelligence, had increased their security measures by using new types of encryption, changing email addresses, or abandoning prior methods of communicating.

Reflecting on the effect of his leaks, Snowden himself wrote in February 2015 that "the biggest change has been in awareness. Before 2013, if you said the NSA was making records of everybody's phone calls and the GCHQ was monitoring lawyers and journalists, people raised eyebrows and called you a conspiracy theorist. Those days are over."

In March 2015, USA Today reported that the Snowden effect had hit The Guardian. Journalist Michael Wolff, who wrote for The Guardian for many years, asserted that the recent selection of Katharine Viner as editor-in-chief "can be read as, in part, a deeply equivocal response on the part of the paper's staff, with its unusual power in the process of selecting a new editor, to the Snowden story." According to Wolff, there had developed "a sense of journalistic queasiness around Snowden, difficult to express at the party-line Guardian. Questioning Snowden's retreat to Russia and his protection by Vladimir Putin was internally verboten."

Technology industry
In the technology industry, the Snowden effect had a profound impact after it was revealed that the NSA was tapping into the information held by some U.S. cloud-based services. Google, Cisco, and AT&T lost business internationally due to the public outcry over their roles in NSA spying. A study by the Information Technology and Innovation Foundation published in August 2013 estimated that the cloud-based computing industry could have lost up to $35 billion by 2016. The Wall Street Journal named "the Snowden effect" as 2013's top tech story, saying Snowden's leaks "taught businesses that the convenience of the cloud cuts both ways." The Journal predicted the effect would top 2014 news as well, given the number of documents yet to be revealed. In China, the most profitable country for U.S. tech companies, all are "under suspicion as either witting or unwitting collaborators" in the NSA spying, according to the director of the Research Center for Chinese Politics and Business at Indiana University. The effect was also seen in changes to investment in the industry, with security "back on the map" according to Hussein Kanji, Venture Capitalist at Hoxton Ventures.

On August 8, 2013, Lavabit, a secure email provider that Snowden used, discontinued service after being asked for encryption keys that would have exposed to U.S. government prosecutors the emails of all 410,000 Lavabit users. The next day, a similar provider called Silent Circle announced that it too would shut down because it was not possible to sufficiently secure email. In October 2013, the two companies joined forces and announced a new email service, Dark Mail Alliance, designed to withstand government surveillance.

After revelations that German Chancellor Angela Merkel's mobile was being tapped, the tech industry rushed to create a secure cell phone. According to TechRepublic, revelations from the NSA leaks "rocked the IT world" and had a "chilling effect." The three biggest impacts were seen as increased interest in encryption, business leaving U.S. companies, and a reconsideration of the safety of cloud technology. The Blackphone, which The New Yorker called "a phone for the age of Snowden"—described as "a smartphone explicitly designed for security and privacy," created by the makers of GeeksPhone, Silent Circle, and PGP, provided encryption for phone calls, emails, texts, and Internet browsing.

Since Snowden's disclosures, Americans used the Internet less for things like email, online shopping and banking, according to an April 2014 poll. Also in April 2014, former NSA deputy director Col. Cedric Leighton told the Bloomberg Enterprise Technology Summit in New York City that Snowden's leaks had performed a significant disservice to the worldwide health of the Internet by leading Brazil and other countries to reconsider the Internet's decentralized nature. Leighton suggested that nation-states' efforts to create their own versions of the Internet were the beginning of the end for the Internet as we know it. "When you have a situation where all of a sudden, everyone goes into 'tribal' mode—a German cloud, a Swiss cloud, or any other separate Internet—they are significant nationalistic attempts," said Leighton. "What happened with Snowden, it's more of an excuse than a policy, it's more of an excuse to re-nationalize the Internet."

In March 2014, The New York Times reported that economic fallout from Snowden's leaks had been a boon for foreign companies, to the detriment of U.S. firms. Daniel Castro, a senior analyst at the Information Technology and Innovation Foundation, predicted that the United States cloud computing industry could lose $35 billion by 2016. Matthias Kunisch, a German software executive who switched from U.S. cloud computing providers to Deutsche Telekom, said that due to Snowden his customers thought American companies had connections to the NSA. Security analysts estimated that U.S. tech companies had since Snowden collectively spent millions and possibly billions of dollars adding state-of-the-art encryption features to consumer services and to the cables that link data centres.

In July 2014, the nonpartisan New America Foundation summarized the impact of Snowden's revelations on U.S. businesses. The erosion of trust, said the report, has had serious consequences for U.S. tech firms. IT executives in France, Hong Kong, Germany, the UK, and the U.S. confirmed that Snowden's leaks directly impacted how companies around the world think about information and communication technologies, particularly cloud computing. A quarter of British and Canadian multinational companies surveyed were moving their data outside the U.S. Among U.S. companies attributing drops in revenue to, in part, the fallout from Snowden's leaks was Cisco Systems, Qualcomm, IBM, Microsoft, and Hewlett-Packard. Proposed laws in more than a dozen foreign countries, including Germany, Brazil, and India, would make it harder for U.S. firms to do business there. The European Union is considering stricter domestic privacy legislation that could result in fines and penalties costing U.S. firms billions of dollars.

In August 2014, Massachusetts-based web intelligence firm Recorded Future announced it had found a direct connection between Snowden's leaks and dramatic changes in how Islamist terrorists interacted online. (In 2010, the privately held Recorded Future received an investment from In-Q-Tel, a nonprofit venture capital firm whose primary partner is the CIA. ) Just months after Snowden's 2013 leaks, said Recorded Future, operatives of al-Qaeda and associated groups completely overhauled their 7-year-old encryption methods, which included "homebrewed" algorithms, adopting instead more sophisticated open-source software and newly available downloads that enabled encryption on cellphones, Android products, and Macs, to help disguise their communications.

In September 2014, Seattle-based Deep Web and Dark web monitoring firm Flashpoint Global Partners published a report that found "very little open-source information available via jihadi online social media" indicating that Snowden's leaks impelled al-Qaeda to develop more secure digital communications. "The underlying public encryption methods employed by online jihadists," the report concluded, "do not appear to have significantly changed since the emergence of Edward Snowden. Major recent technological advancements have focused primarily on expanding the use of encryption to instant messenger and mobile communications mediums."

In May 2015, The Nation reported, "The fallout from the Edward Snowden fiasco wasn't just political—it was largely economic. Soon after the extent of the NSA's data collection became public, overseas customers (including the Brazilian government) started abandoning U.S.-based tech companies in droves over privacy concerns. The dust hasn't settled yet, but tech-research firm Forrester estimated the losses may total 'as high as $180 billion,' or 25 percent of industry revenue."

Consumer products
In September 2014, The New York Times credited Apple Inc.'s update of iOS 8, which encrypts all data inside it, as demonstrating how Snowden's impact had begun to work its way into consumer products. His revelations said The Times, "not only killed recent efforts to expand the law, but also made nations around the world suspicious that every piece of American hardware and software—from phones to servers made by Cisco Systems—have 'back doors' for American intelligence and law enforcement." The Times situated this development within a "Post Snowden Era" in which Apple would no longer comply with NSA and law enforcement requests for user data, instead maintaining that Apple doesn't possess the key to unlocking data on the iPhone. However, since the new security protects information stored on the device itself, but not data stored on Apple's iCloud service, Apple will still be able to obtain some customer information stored on iCloud in response to government requests. The Times added that Google's Android would have encryption enabled by default in upcoming versions.