My thoughts on why the Guardian and the Washington Post are barking up the wrong tree with their constant side-stories about #Prism. It is disappointing to read the story degrading in this way.

“Analysing this type of meta-data is exactly what companies such as Google, Yahoo, Twitter, Facebook etc. openly do.”

Seriously… what is the problem with collecting and analysing meta-data?

Meta-data does not include the actual conversation (chat, email, phone). As a privacy advocate, I positively support the analysis of meta-data by democratically elected governments.

In fact analysing this type of meta-data is exactly what companies such as Google, Yahoo, Twitter, Facebook etc. openly do. They use it to better target online advertising to the consumer. I want my government to do the same to help identify crime before it happens. By analogy, I consider analysing meta-data as the same as putting more policemen on the streets – we know that works.

For example, if someone is using Google to research making a bomb, I want that information to alert the authorities. Of course in a smart way i.e. building up a pattern of behaviour until it reaches a threshold (bayesian learning).

“With old-school police investigations, once the police have gained enough evidence (analogous to meta-data), they would need to get a warrent from a judge in order to tap a phone or bug an office. Thats the legal process that protects all democracies.”

The REAL privacy story with Prism is that when the CIA/MI6 et al secretly gain access to the Internet, they don’t just “see” meta-data, they see ALL of it. That means, if they can see my search terms and who and when I send emails to, they can also see what the content of those emails are. These are not separate data sets, they are all part of the same packet stream. Once access is gained to the meta-data, there is no barrier to all of the data flowing through the fibres of the Internet.

With old-school police investigations, once the police have gained enough evidence (analogous to meta-data), they would need to get a warrent from a judge in order to tap a phone or bug an office. Thats the legal process that protects all democracies. By capturing Internet traffic, that legal process is by-passed. And that is the BIG story here and the real threat to democracy.

From a technical point of view, the other side of this story is HOW. Accessing unencrypted communications is a high-school project for the smart, but gmail for example is encrypted. In fact if you use your Google account, all Google services are enrypted and cryptology these days is uncrackable by any secret service. The only way to decypher encrypted text is to obtain the master encryption key.

So a message to the Guardian/Washington Post:- please don’t dilute the major impact of this ground breaking story with petty articles. The public simply isn’t buying-in to the idea that ad agencies, Internet companies or even governments looking at meta-data is somehow a massive shock, or even a bad thing.