The 2013 NSA Cyber Espionage Revelations in Review and Their Impact on Hosting

IntroFor many, 2013 will be known as the year in which our trust in government was shaken, given the use of new communications technologies for the purpose of surveillance. Many knew that tech companies were being required to secretly hand over data to US authorities via the Foreign Intelligence Surveillance Act, but it wasn’t until former Booz Allen Hamilton employee and NSA contractor Edward Snowden leaked confidential documents that gave us an idea of the extent to which government agencies have access to personal data.

This has caused many to seriously question how governments and private companies are use using the private information we generate electronically. This timeline presents some of the major events this year and some of the reactions of companies involved in the web hosting space starting with the moment in June when documents leaked by Snowden hit the press.


June

Newspapers The Guardian and The Washington Post brought to light documents leaked by Snowden that revealed that a secret Foreign Intelligence Surveillance Court required Verizon to provide the FBI and NSA the metadata from millions of phone calls. It was revealed later in June that the NSA has direct access via its PRISM program to the servers of Apple, Google, Microsoft, and other US tech companies that host private data. It was revealed that the US had collaborated with the UK’s Government Communications Headquarters in spying on foreign leaders and diplomats. The GCHQ was also implicated in tapping large fiber optic cables carrying internet and telephone traffic.


July

Similar to the GCHQ in the UK, it was revealed that the NSA collects is able to tap into the fiber optic cables which carry most Internet and phone traffic to gather information.


August

Among the NSA’s many international collaborations, it was revealed that the NSA had allegedly paid GCHQ millions of dollars between 2010 and 2013, which some rekon allowed it to collect data under British law in ways that would not be allowed under US law. Encrypted email provider Lavabit, which hosted Snowden’s email, shut down after refusing to provide the federal government a private SSL key that would have provided access to Snowden’s email and enable it to wiretap all its email users. Google began automatically encrypting data stored in its cloud service, giving users the option of allowing Google to manage the encryption keys or users can manage their own keys. A Google spokeswoman said that it doesn’t provide encryption keys to any government and provides user data only in accordance with the law.


September

A report from The Guardian showed evidence metadata largely collected via fiber optic cable taps by the NSA and its partners had been stored for up to a year, even if they were not a specific target.


October

According to documents obtained by the Washington Post, revealing that the NSA collects more than 250 million email inbox views and contact lists a year from online services like Yahoo, Gmail and Facebook. The Washington Post also reveals that the NSA has hacked into the connections between datacenters owned by Google and Yahoo.


November

Silent Circle and Lavabit have teamed up on a project called the“Dark Mail Alliance,”designed to provide end-to-end encrypted email privacy technology.

Wikipedia founder Jimmy Wales said that distrust in how online surveillance is conducted by US government agencies could embolden oppressive regimes to increase censorship. Swiss telecom Swisscom reveals plans to create a cloud service that would store data within Switzerland where privacy regulations are very strict.


December

Many US service providers including AOL, Apple, Facebook, Google, Microsoft, and Yahoo have argued for limits on government surveillance for both foreign and domestic users. In an effort partly to protect US tech companies, the bipartisan “High Tech Caucus” called on US officials to make international data transmission a part of pending trade pacts with foreign nations so that worldwide governments could not require IT service providers to locate infrastructure within a country’s borders or operate locally.


The Review Group on Intelligence and Communications Technologies, established by the US government, came out with a number of recommendations that would attempt to balance national security with privacy and civil liberties. At the close of 2013, companies and politicians were still working to restore trust into online communications.