Edward Snowden's appearance (via video) at the South by Southwest conference on Monday prompted a spike in coverage of who Snowden is and what he wants and how he manages his image and so on. On Tuesday, Vice Admiral Michael Rogers, the likely next head of the NSA, heads to Capitol Hill to discuss some of the systems Snowden exposed, yielding a series of stories about Rogers. Which should serve as a reminder: The struggle to ensure online privacy exists independent of these two people.
Snowden's emergence from his private life in Russia was guaranteed to attract attention, of course. But "it’s no accident that the first live public appearance that we’ve arranged for Snowden to speak at is South by Southwest and not daytime television," Snowden's attorney, Ben Wizner, told Politico. A Snowden appearance, and the frenzy that would follow, allows the leaker to put spotlights on the issues that he considers the most important. So: SxSW, a convening of tech geeks that would appreciate his message of the need to bolster online defenses against privacy intrusions.
That's the broader fight at hand. Yes, the NSA's surveillance has been bad for business in the tech industry, in part because of companies' legally binding work with the NSA on surveilling customers and in part because of revelations that the NSA tapped connections owned by the companies. But Snowden's point on Monday was less about helping Facebook's bottom line than ensuring that people can communicate online without being observed. He strongly advocated more widespread use of peer-to-peer encryption, scrambling signals between two users so that only those users can decode what's being said. As The New York Times noted, Snowden offered a particularly good example of why he trusts encryption: "The U.S. government still has no idea what documents I have because encryption works."
One of the details Snowden revealed with his leaks was the awkward position of the NSA in the effort to protect the nation's online infrastructure. On one hand, the NSA's Cyber Command — the cyberattack battling group prompting Rogers' visit to the Senate Armed Services Committee on Tuesday — needs to ensure that America's networks are well-encrypted and defended against surveillance from criminals and foreign intelligence agencies. But on the other hand, the NSA and the Cyber Command need to have backdoors into that encryption so that they themselves can spy on foreign agencies and terrorists. Snowden revealed that the NSA actively sought to weaken encryptions systems precisely to accomplish that goal. But in doing so, it made the web less private for everyone.
Among the recommendations made by the independent review committee President Obama organized last year was that the duties of protecting web privacy and spying on the web be separated into two functions, and that attempts to undermine encryption be halted. As Spencer Ackerman reports at The Guardian, the combination of both of those roles was intentional. Cybersecurity expert and author Peter Singer describes the rationale for giving the head of the NSA both roles: "So that the CyberCom head could speak with a bigger ‘voice’ in discussions with Congress and in policy."
Rogers hasn't yet been approved to replace Keith Alexander, the current head of the agency. But he's already the subject of a great deal of tea-leaf reading. Will he support reforms to the system? As Singer notes, "personnel changes do make it easier sometimes to change internal programs, as they allow a shift without making people have to admit they were wrong." But the Times quotes one of those ubiquitous "senior administration officials." "Harry Truman created the N.S.A. to break codes," he told the paper. "No one can figure out why it makes sense to make that harder."
Well, except that people value privacy. That's one of the several reasons that Snowden has become a cult figure in the NSA debate. (The most obvious being that he's the reason the debate exists.) Snowden is a face of the fight to protect privacy; on Monday, a literal face looming above the SxSW crowd. He's hailed in hagiographic essays; he's maligned by "senior officials" regularly. In its report on "Snowden, Inc." — the title itself an allusion to charges that Snowden is profiting from his fame — Politico quotes various members of the intelligence community past and present. "Snowden … was manic in his thievery, which was exponentially larger than Hanssen's," NSA inspector general George Ellard said at a conference last month. The reference is to Robert Hanssen, a spy for the Soviet Union and Russia whose efforts mostly pre-dated the ability to sweep large numbers of electronic documents onto flash drives. By comparing Snowden to Hanssen — an actual admitted spy-for-money — and then implying recklessness on Snowden's part, Ellard helps create the space for those who'd like to maintain business as usual. Ellard's not making any argument on the merits of encryption or spycraft.
The question of balance between security and privacy is ever-present and probably unresolvable in any way that everyone can accept. By making the debate about Snowden and Rogers, we give up on even trying to answer that question.