The Government’s New Outsourced Surveillance Machine

By Rob Shavell, Co-Founder and CEO of Abine/DeleteMe

The reality that governments, even democratically elected ones, abuse their citizens’ privacy is unsurprising. However, as the recent Pegasus scandal reveals, the way privacy is infringed upon by authorities who purport to protect it has entered a terrifying new era. 

Developed by Israeli cyber-arms company, NSO Group, Pegasus spyware has allowed both autocratic and democratic governments, such as Saudi Arabia and Mexico, to leverage technology purchased from a private sector organization to monitor citizens’ communications without their consent or knowledge. Shockingly, this blatant abuse of individual privacy has been going on for years—at least since 2013, according to reporting by The New York Times—and has impacted journalists, activists, and politicians in 40 countries

US citizens might take solace in the news that they are unlikely to have been affected. None of the phone numbers selected for surveillance uncovered by the Pegasus Project, a reporting consortium that exposed Pegasus, had the +1 prefix, and NSO swears the spyware they sell can’t hack US-based smartphones. It also does not appear that NSO had customers in the US, at least at first glance.

But even if the average American is unlikely to have been impacted by Pegasus directly (Americans using foreign phones could still have been hacked), the spyware’s exposure should be taken as a clear wake-up call. While the slow erosion of our right to privacy has been happening for some time, increasing digitization means that governments can now leverage for-profit companies to conduct domestic and foreign surveillance on their behalf. This has rapidly moved the idea that democratically elected governments use technology to spy on their citizens’ communications from fringe theory to common knowledge. 

The Demise of Digital Privacy

For most US citizens, the realization that America’s extensive domestic digital surveillance program was more than just a conspiracy theory came about in 2013. The news that the National Security Agency (NSA) was keeping tabs on tens of millions of Americans by tapping into their telephone and internet data was impossible to miss, and hard to ignore. Previously, intelligence officials had claimed that the NSA did not knowingly collect information on Americans. 

However, rather than applauding Edward Snowden, a CIA contractor who blew the whistle on his former employers’ clandestine spying operations, 44% of Americans said that his leaking of classified information harmed the public interest, with 54% of the public stating that Snowden should be prosecuted for his actions (according to the Pew Research Center). Although the NSA program has since been found to have been unlawful, Snowden, who was charged with espionage shortly after going public with the story, is yet to be pardoned. 

Nevertheless, the incident evidently made Americans think long and hard about government surveillance. Subsequent studies by the Pew Research Center found that in the months following Snowden’s revelations, Americans became more critical of the NSA program, with the majority of Americans saying that it is unacceptable for the government to monitor US citizens in a 2014-2015 study. 

Still, government tracking has not stopped. If anything, in the years since 2013, it has grown. In early 2021, for example, the USPS admitted to monitoring Americans’ social media posts. Similarly, the FBI has been accused of searching for Americans’ personal details in emails collected by the NSA without warrants for the second year in a row, then given the green light to continue doing so. 

While Americans have grown wary of government spying, they’re even more skeptical of Big Tech. A whopping 81% of people feel like they have no control over the data tech companies collect about them and the same number think that the potential risks of this data collection outweigh the benefits. Only 66% of people think the same about government data collection. Unsurprisingly, about 7 in 10 individuals want governments to do more to regulate Big Tech, but for governments, restricting tech giants’ data collection may not always be in their best interest. 

Public-Private Surveillance

In many cases, government agencies are direct beneficiaries of Big Tech surveillance. Take the Justice Department, for example, which was caught red-handed requesting data from tech companies about lawmakers, journalists, and White House officials, then preventing the companies from letting the targets know. But that’s just one instance. In the first half of 2020 alone, local, state, and federal officials made 112,000 data requests for user information to Big Tech companies, including phone calls, emails, and driving routes. These same companies complied with 85% of these requests according to the Associated Press.

In some cases, government agencies may not directly collaborate with tech companies, but they still may benefit immensely from their data collection capabilities. Several US law enforcement agencies, like the Department of Homeland Security and the Internal Revenue Service, have been found to routinely purchase geolocation data from data brokers, who get at least some of their own information from tech companies. 

Government spying is a great concern, but as state, local, and federal agencies employ “surveillance intermediaries,” as University of Minnesota Law professor Alan Rozenshtein refers to tech companies, invasion of privacy is increasingly likely to fly under everyone’s radar. In the previously quoted Pew Research Center study, 41% of those polled said they understand what tech companies do with their data. In reality, it is very unlikely that 4 in 10 people are aware companies like Facebook and Google give government agencies access to their data. 

Protecting Your Privacy

The “public-private surveillance partnership” is here to stay, for the foreseeable future at least. However, protecting your privacy as an individual is still possible. Knowing that governments and tech companies work hand in hand is a good starting point as it gives you an idea of what the privacy landscape actually looks like.

You may not be able to evade government tracking entirely, but you can be smart about how you use the internet. Opt for a privacy-focused browser, don’t overshare on social media, and take the time to remove your name from data brokers, or employ a trusted privacy protection provider to do it for you.

About Rob Shavell

Rob Shavell is CEO of Abine / DeleteMe, The Online Privacy Company. Rob has been quoted as a privacy expert in the Wall Street Journal, New York Times, The Telegraph, NPR, ABC, NBC, and Fox. Rob is a vocal proponent of privacy legislation reform, including the California Privacy Rights Act (CPRA).

Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.