In the immediate aftermath of the initial NSA revelations (and there are more to come), some people are pushing for judicial or legislative restraints on further privacy violations. This is a noble effort, and I hope those people succeed. But let’s be real for a moment: those efforts are mostly symbolic.
Does anybody believe our government is going to stop spying on us just because it’s against the law? We already know PRISM is unconstitutional. If that isn’t enough to stop the Obama administration from spying on Americans, tinkering with the margins of the Patriot Act isn’t going to make a difference.
The problem isn’t the law. Fortunately, neither is the solution. Once we centralized all our communications and metadata on just a handful of servers, we made inevitable the use of that massive data trove by people who don’t share our interests or values. Today we know this includes the NSA, but it also includes the marketers, the insurance profilers, and your ex-future employers. It is impossible to centralize massive amounts of information and then dictate what that information is used for. Once you collect it, people are going to use it. And share it. And you have no control over what happens next.
The solution is to stop giving all your data to the same handful of services. Migrate off cloud services for things like email. Use old tech like IRC and email, which are too decentralized to spy on at mass scale. Build your own servers if you’re able. And when you do use cloud services, demand those services let you access them with your own clients that can encrypt your communication.
If we keep making giant piles of data, governments and corporations will continue to paw through our personal lives at will and for their own purposes. The conversations we have on Facebook and Google feel private, but they occur in public spaces. If we want privacy, we need to take those conversations to truly private infrastructure or encrypt them so the snoops have nothing to listen to.