With much of the world in a state of outrage and/or panic over NSA spying, Dutch privacy and security researcher Guido Van ‘t Noordende has a handy solution. For Trouw of the Netherlands, Van ‘t Noordende wonders why anyone would expect security, when data, in cyber terms, is just sitting in plain sight. He suggests not using the ‘cloud’ to store unencrypted data, ever, particularly with firms that are either American owned or based in the United States.
For Trouw, at the expense of America’s Internet giants, Guido Van ‘t Noordende offers a dash of Dutch common sense:
The bugging by U.S. spy agency NSA has led to disbelief and outrage in Brussels, but also in The Hague. In the Netherlands alone, 1.8 million telephone calls were tapped. But we make it so easy for the Americans. We conveniently forget that we’re the ones putting all of our business information in unlocked safes in the middle of the town square or the Dam [in Amsterdam]. And then we’re surprised that thieves and secret services are poking around!
While the opposition party in The Hague calls for debate, big companies advertise data storage in “the cloud.” Whether this storage is adequately protected isn’t specified – and eavesdropping isn’t even mentioned. The cloud consists mainly of data centers where companies can store information. Some of those data centers are located in the United States, are American properties, and often make use of American software. That’s a problem. For all U.S. software must meet U.S. anti-terrorism legislation and allow for the handy retrieval of data. Any unencrypted information in the cloud or sent over the Internet may be intercepted – not only by the U.S., but also the British, Chinese, or our own intelligence services.
The question is why the architecture of systems have been designed in such a way that this can happen. Why don’t the government and companies choose a system in which eavesdropping is prevented? Or systems in which overcoming security is so difficult that it would only happen when absolutely necessary? Solutions are known. Information must be encrypted. Only the sender and receiver therefore have the keys to decrypt the data. Third parties, including the cloud administrator, have no access. As long as sender and receiver abide by the rules, this is how to keep the intelligence services out.
READ ON IN ENGLISH OR DUTCH, OR READ MORE TRANSLATED and English-language foreign press coverage as the NSA surveillance scandal continues to unfold at Worldmeets.US, your most trusted translator and aggregator of foreign news and views about our nation.
Founder and Managing Editor of Worldmeets.US