Electronic spying a wake-up call

The top secret documents leaked by Edward Snowden have revealed that the ‘five eyes’ (US, Britain, Canada, Australia, and New Zealand) have engaged in large-scale spying by tapping electronically-transmitted data such as conversations on mobile phones, emails, and browsing habits. This has raised concerns worldwide that key leaders may be subject to foreign pressures.

The most recent leaked documents show that a wider alliance, including Israel and Singapore, have helped the ‘five eyes’ to collect huge amounts of personal data. Specifically, Singapore helped tap electronic communications to Indonesia and Malaysia, going through the undersea fibre optic cable SEA-ME-WE 3 (linking South-East Asia, the Middle East and Western Europe), partly owned by the government-owned Singapore Telecommunications (SingTel).

Apart from military spying, the Internet has also led to an explosion in commercial spying to target unwary consumers with pinpointed advertisements and product offerings, using data mining techniques which practically enable companies to read the minds of consumers.

These techniques involve recording not only what the consumer buys, but all that the consumer sees, for how long, etc. This goes well beyond the camera surveillance inside houses by Big Brother which George Orwell imagined in his novel called ‘1984′.

In response to this widely-felt threat to privacy, Malaysia passed a data privacy law based on the European model, but this law was lying dormant since 2010. It was activated a few days ago (on Nov 15, 2013) by the minister in charge of the Malaysian Communications and Multimedia Commission who finally appointed a Personal Data Protection Commissioner.

The Consumers Association of Penang (CAP) feels that even the new law is insufficient, for it relates only to servers and companies which are located in Malaysia. That law seems unusable in cases like SingTel spying on Malaysia. And, even if it is used, at most this law can impose some minor penalties for what is evidently a case of massive spying and data theft.

Further, changing the law is a slow process which rarely keeps pace with the rapid changes in electronic technology. The government must take other pro-active measures. The first line of defence for the country is an educated and aware citizen and consumer. A knowledge society does not just consist of passive users of the latest technology.

If Malaysia is to truly become a knowledge society, the citizen must be knowledgeable and aware of the dangers and risks which come along with the new technology of mobile phones, tablets etc. The growth of technology-related businesses leads to huge profits, but it also leads to novel and unexpected social  risks.

The spying scandal has made this clear, for the new technology allows foreign governments to have access to the innermost thoughts of people, and manipulate their behaviour. The government must insure citizens against such risks.

This can be easily done if a part of the tax revenue from the profits of technology companies is used to educate all citizens and consumers about the right use of the new technology (mobile phones, computers, Internet) on which most people have become dependent today.

Mandatory facilities for encryption

The second step is to mandatorily require that all mobile phones, tablets and computers themselves afford data protection by providing facilities for encryption and decryption of all data, using a higher level of encryption.

Encryption is the only way of communication regarded as secure enough for the military or banking, where a high level of security is desired. Encrypting emails and mobile conversations or any information transferred electronically is easily possible with existing technology. For example all online banking transactions use such secure encryption.

The third step is to educate and guide users to select the appropriate technology. CAP has already earlier advocated that the government should encourage the use of  open source, not only for its financial benefits, but also because it reduces the chances of embedded or downloaded malware used for spying for strategic or commercial purposes.

Encryption and decryption software can be easily made available on all open source platforms, and it can be tailored to a higher standard as required.

Wily marketers prey on the young, by moulding their habits, and the government must also immediately start to educate its young and future citizens against technology risks, such as the disguised forms of marketing through social networking sites.

Young children must be educated on the dangers of revealing all personal details on social networking sites such as Facebook, etc. which they tend to do under peer pressure, and because the parents themselves are unaware of the dangers.  They must be made to understand that such details get a permanent home on the Internet, and can not only be used by marketers to manipulate consumer behaviour, but can also become a source of later embarrassment.

The revelations of large-scale spying should serve as a wake-up call for the dangers associated with the new technologies, on which immediate action is required.

Press Statement, 29 November 2013