Thursday afternoon, a bombshell dropped: Two leading reports claimed that the U.S. government has been spying on emails, searches, Skype calls, and other electronic communications used by Americans for the last several years, via a program known as PRISM.
According to the reports, the Web's largest names--AOL, Apple, Facebook, Google, Microsoft, Skype, PalTalk, Yahoo, and YouTube--participated, perhaps unwittingly. (Dropbox will reportedly be added as well.) The report claims that the National Security Agency had "direct access" to servers owned by those companies. Most, if not all, of those companies have denied participating in PRISM, although it's unclear whether they were unaware of the NSA's spying, or simply turned a blind eye.
If nothing else, however, the PRISM disclosure is worrying and deeply shocking. If the report is accurate, the government may simply listen in on virtually any electronic communication you've made, in the interests of national security. Is this something that should be encouraged to fight domestic terrorism, or is this sort of government intrusion something that should be deeply distrusted? For the purposes of this story, we're going to err on the side of the latter; whether you take advantage of our advice is up to you.
Note that there is absolutely no guarantee that our tips will make your PC PRISM proof. One of the generally held beliefs in the security world is that, with enough resources on the part of the attacker, any secrets that are known about can eventually be unearthed. But let's say that you support an "Arab Spring" movement in a country whose interests parallel those of the U.S. government. It's this sort of political uncertainty that encrypting personal communications is designed to liberate.
So what can you do? Here are some tips.
Avoid using popular Web services
This is an easy one. If you're concerned about the government watching your moves online, simply avoid making Microsoft Bing and Google your search engines of choice; try DuckDuckGo instead. The site promises not to track or store your searches, which should provide some degree of confidence that you're not being tracked online. Both reports from the Post and the Guardian indicate that the PRISM program is expanding, although for now DuckDuckGo seems to be safe.
Naturally, this also means ditching a Gmail or Hotmail account, and deleting your accounts from those sites. Instead, it's time to think about laying low and skipping around services that you might have forgotten about: Mapquest for maps, for example. You may as well stop social networking altogether, unless it happens to be direct, person-to-person communications.
Sign up for CIO Asia eNewsletters.