Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Worried about the government? Internet giants also dip their hands in the cookie jar

Zach Miners | March 24, 2014
Security protections have been tightened at many of the major online services, as firms like Google and Microsoft pledge to protect their users against unwanted prying eyes. But while many people fret about unwarranted government access to their data, the Internet firms themselves play by their own set of rules.

And encryption may only go so far. The topic generated discussion last week at SXSW Interactive in Austin, Texas. During a video interview, NSA contractor-turned-leaker Edward Snowden noted that HTTPS encryption does not prevent service providers from tapping into data stored on their own servers.

End-to-end encryption, which encrypts data before it leaves the user's own device, is not practical for the Internet giants because it conflicts with their business models, Chris Soghoian, a senior policy analyst at the ACLU, said during the event. That's because it prevents them from scanning content for advertising or other purposes.

"The tools designed with security as a first goal are often developed by independent developers, activists and hobbyists," he said.

In other words, if you're using one of the major online free services, be careful what you say. As the University of San Francisco's Freiwald put it: "There's a lot less security online than people think."

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.