SXSW 2015 In a quietly arranged Q&A session at South by Southwest (SXSW) on Sunday morning, Edward Snowden told about thirty influential people from the tech world that the onus for thwarting mass surveillance was falling to them.
Snowden had previously spoken at SXSW with the American Civil Liberties Union, explaining to attendees the “massive scale” on which he believed the US Constitution was being violated by the spooks' mass-surveillance operations.
His talk on Sunday morning, however, was more private and directed specifically at technology companies, with few other parties invited by the SXSW organisers.
The Verge spoke to Sunday Yokubaitis, president at Golden Frog, a global online services provider, who attended the gathering and described Snowden's question-and-answer session as a “call to arms”.
Yokubaitis said that Snowden was encouraging a greater adoption of end-to-end encryption.
“The low-hanging fruit is always [the] transit layer,” the NSA whistleblower reportedly said. “It raises the cost. Every time we raise the cost, we force budgetary constraints.”
Tech companies' responsibility for managing their users' privacy has been a standard concern for users since before the revelations regarding global surveillance began to be published.
It has also been the focus of concern from a different perspective. Former MI6 chief Sir John Sawers, stated while giving this year's annual lecture at King's College London's Department of War Studies: “Thanks in large part to Mr Snowden, our intelligence picture to cover [the new challenges of the 21st Century] is weaker than it was. All of us, you and me here tonight, are more at risk from terrorism and cyber-attack. And why? Mainly because technology companies has [sic] scaled back their previous quiet co-operation with intelligence agencies.”
Not only have technology companies scaled back their co-operation, but a market-driven competitive advantage is now recognised to exist for companies who best manage their users' privacy.
Yahoo! Mail announced this Sunday that they will be offering an end-to-end encryption plug-in for their service, a project developed in collaboration with competitor Google for the privacy of internet users. Following the open-source standard for security features, Yahoo! have also published the source code on GitHub.
Almost a year to the day after the first global surveillance release by the Guardian, Google's Online Security Blog announced the addition of an end-to-end encryption plug-in for the Chrome browser, too.
Yokubaitis told El Reg: “Snowden made a number of suggestions about improving cybersecurity. In particular, he said we need to develop new technologies to obscure VPN services, so VPN traffic can’t be identified as being encrypted. He also said we need more randomising efforts for other services, so we, as a tech community, can defeat monitoring at the network level.”
Snowden also said that he doesn't regret blowing the whistle.
"I have gained so much. I have the ability to contribute in a much more meaningful way. I really got the sense that I'm helping to improve lives. It gives me a reason to get up in the morning. And that's something that you can't get from almost anything other than maintaining a guiding principle that you believe in very strongly."
Speaking at the Chaos Computer Congress late last year, Jacob Appelbaum confirmed that the contents of PGP and GnuPG encrypted email, the standard end-to-end encryption tools and basis for the above plug-ins, remain secure from dragnet capture.
We have requested comment from several technology companies and will update as we receive responses. ®