"By the time this general process has occurred, it is very difficult for the citizens of a country to protect the privacy of their communications, and it is very easy for the intelligence services of that country to make those communications available to the NSA — even without having explicitly shared them," Snowden wrote.
The deals between the NSA and foreign partners are set up in such a way as to provide the NSA with a means of monitoring a partner's citizens without informing the partner, and to provide the partner with a means of plausible deniability, he said.
"The result is a European bazaar, where an EU member state like Denmark may give the NSA access to a tapping center on the (unenforceable) condition that NSA doesn't search it for Danes, and Germany may give the NSA access to another on the condition that it doesn't search for Germans. Yet the two tapping sites may be two points on the same cable, so the NSA simply captures the communications of the German citizens as they transit Denmark, and the Danish citizens as they transit Germany, all the while considering it entirely in accordance with their agreements," Snowden said.
Snowden, who said that he's still seeking asylum in the EU, also provided solutions to solve the mass surveillance problem.
It is easy to make mass surveillance more expensive through changes in technical standards, he said. "Pervasive, end-to-end encryption can quickly make indiscriminate surveillance impossible on a cost effective basis," he said, adding that the result is that governments are likely to fall back to traditional, targeted surveillance founded upon an individualized suspicion.
This traditional method is more effective than mass surveillance, according to Snowden. "I believe that spying serves a vital purpose and must continue," he said.
The European Parliament is set to vote on a draft resolution on Wednesday that seeks to keep data protection out of EU-U.S. trade talks. The MEPs want the EU to suspend two deals with the U.S., one on exchanging banking data and the other on the Safe Harbor privacy principles for U.S. firms holding European data, as, they say, the fight against terrorism can never justify secret and illegal mass surveillance.
The MEPs will also vote on a proposal for stronger safeguards for data transfers to non-EU countries. Wednesday's vote could result in the updating of 19-year-old data-protection laws. Under MEPs' amendments, companies breaking the rules would face fines of up to €100 million (about US$139 million), or up to 5 percent of their annual worldwide turnover, whichever is greater, according to the Parliament.
Sign up for CIO Asia eNewsletters.