The news of massive monitoring by the NSA broken by the Guardian and The Washington Post is not surprising. The new wrinkle is just how much information is collected and stored every day by corporations whose stuff you use. The Government didn’t build this thing; Facebook did, and Google too (Microsoft wants to play too, but sadly for them, they didn’t build it). This corporate data pile is a natural data source that all spies want access to. Even the spies who work for us. (Though if you think the NSA has crossed the line, you might want to see what motivated Edward Snowden, the source behind the PRISM outing http://www.guardian.co.uk/world/2013/jun/09/edward-snowden-nsa-whistleblower-surveillance).
This story shows how fundamentally surveillance law and practice have shifted away from individual suspicion in favor of systematic, mass collection techniques. Mass collection is a messy and non-surgical instrument. Your data are being stored. They can be accessed later.
Facebook has more information in their files about you than the Stasi had about East German citizens. We have created a “turn key” system for oppression that thankfully is not being misused by an oppressive regime. We like it. We have not considered the implications.
When we build systems, we need to not only think about security, but also privacy. You can build privacy in in the very same way that you can build security in.
The CALEA laws ask tech companies to build in monitoring capability. That is really exceptionally stupid.
The NSA’s databases are a ripe target for foreign attackers (say Chinese hackers) since they collate everything (yeah, everything) in one place that is searchable.