The Good(?) And Evil Of PRISM


The whole news about PRISM is pretty depressing – but after thinking through the weekend, I am not as depressed as I was when I first heard it. Sure it is still very evil, but has a few positives as well . The evil part is pretty obvious , so I am just calling out the not so evil things that partly balances it out . Who knows, my opinion could still change as I think more .

The most obvious positive is that there is a chance this does help government keep us safer to some degree .Bad guys are bad – but sadly they are not stupid . They already should know that law enforcement is checking emails and phones . A part of me wants to believe that PRISM is just a leak to further deter the bad guys 🙂

Irrespective of political leaning , Government will over reach . Neither Bush nor Obama has any moral superiority that their administration can claim when it comes to privacy invasion. And this is as good a reason as any to stop following either party blindly the next time people vote them to power .

We compromise privacy all the time – by disclosing personal data in social networks , by using loyalty cards , by online commerce and so on . Experts have warned us a million times to be careful – yet not much has changed . If private companies can hold our data and target us – what is the big deal if government does the same ? Or do we trust capitalist companies to do less evil than an elected government ?

If PRISM has to live up to its great expectations – government probably does not have all the tech it needs in house . This means a lot of companies – big and small will make good business creating that tech . And then those technologies will be repurposed for enterprises and consumers – in good and bad ways . Irrespective – this in general should help an advancement of technology and economy in general .

Same with hardware – a lot more disks, flash, DRAM etc need to be produced to keep up with the big data that the government needs . That is good for the semiconductor industry in general , and should further increase affordability and quality of HW for the rest of us .

Even with all of these , the evil is not nearly balanced by positives. and it could get a lot worse . Aggregation of data is generally considered a good thing in enterprise world – for things like 360 degree view of the customer , end to end supply chain visibility etc . The limiting factor in achieving that goal is that enterprises do not have much access outside their intranets . But if governments can gain access to enterprise servers and get business information – now they can indeed have nearly 360 degree information on everyone . Or god forbid – government could have an API for companies to get some parts of the data from government repositories . It can get even more real evil real soon .

Privacy matters in more ways than most people realize . I don’t know if anything much would change – but the least we can all do is raise awareness so that we keep the damages to a minimum .

Advertisements

6 thoughts on “The Good(?) And Evil Of PRISM

  1. Good post Vijay

    Here is a non-technical perspective.

    In a society where many people maintain fear-based moral standards and interesting religious beliefs (see afterlife, judgement day and alike concepts) it was a tacit agreement that the divine sees it all but is graceful administering punishment, while the human cannot be fair in punishment because it cannot know it all.

    Therefore, at an ethical level, in case of knowingly breaking the behavioral rules of the social codex, we expect a different type of justice from an omniscient divine power than justice administered from human hand.

    Without having the exact numbers I would even reckon that while the majority of us has effectively deprecated the belief in the divine as a record-keeping heavenly gatekeeper, current moral standards based on those beliefs are still there. Alive and kicking.

    But knowing all, seeing all and having eternal memory it is exactly what we make possible with technology. When the government wiretaps indiscriminately all of our communication – see Echelon and the slide on PRISM where they show the undersea cable access points – it is taking governments into “divine” omniscient levels in giant steps. And we should deeply mistrust this type of intelligence outside of public control.

    We intuitively understand that the most feared government capability of selective repression on its citizens is indeed based on the capability of observing, recording and evaluating the actions of the individual citizen. There are many examples of this repressive capability: see any communist country – specially East Germany and the USSR.

    That is what makes many of us feel really bad about this. Having a government keeping score on our actions, thoughts and communications forever….because you never know when “emergency” will bring the democratic control machinery to a halt.

  2. Great post Vijay. A long time ago I read Peter Wrights Spy Catcher. It opened my mind to what governments will do. The ‘news’ of Prism unfortunately did not strike me as surprising.

  3. There is nothing called good or evil, permanently? It changes with time and mostly it depends on which lens you use. Using your lens or view, i see the business becoming better for the firms who developed the technologies and we can learn much from the data crunching app for handling big data. As for privacy most of the so called private information is available in the net spread across the social media and also for a right price the tools and how to info is there as well.
    Saving grace is that based on the reaction from public, govt definitely would bring some kind of restrictions in invasion of privacy US citizens but not for others, there lies the difference.
    I am sure , this will further the case for data centers in many more countries as nations would clamor for data to be hosted with in their jurisdiction. That also is a business opportunity apraed across the world.
    Keep posting…

    Neel

  4. Good post, Vijay!

    The one comment I found particularly interesting was “the limiting factor in achieving that goal is that enterprises do not have much access outside their intranets”. Some could say that this is an additional argument for keeping data on premise vs an external cloud. There will be a great many applications that will require data and network isolation, whether or for regulatory (geographical isolation or security isolation) or cybersecurity (air gap or physical isolation) reasons.

    The privacy conspiracy theorists might make the case that the move to cloud computing opens up a business’ entire data and operations to government (and bad guys) that might not have been possible before (or at least would have required a series of separate cracks/intrusions versus compromising a single cloud app or infrastructure).

    I learned a long time ago that any illusion of privacy on the internet is just that – an illusion – and I have taught my family the same. There will be many enterprise use cases where the “illusion” is simply not good enough, and pure and absolute privacy of trade secrets, financial data, and the like will not be an option. Even if the back end data stores and applistructure are resistant to intrusion, there are a number of links and hops on the way from the end user to the cloud that provide a huge vulnerability surface. Business will have to assess their risks accordingly.

    Despite what the critics of SAP’s cloud strategy say, I think SAP is doing the right thing by offering choice: on premise, private cloud/self hosted, public cloud, multi-tenant, and dedicated instances. There is no single answer/best approach, and by offering those options, the likelihood of meeting the customers unique needs is much greater. It does bring additional costs and some compromises in architectural choices, but I think those differences will disappear over time as the technology stack for on-premise and the stack for cloud become virtually indistinguishable, and we just think of them as “computing appliances” (hardware, software, other) and architectural best practices.

    Cheers,

    Rick

    • Thanks Rick !

      I agree with you completely – customer choice is a must in deployment options . It was an eye opening experience when a public cloud friendly CIO chose to deploy sugar CRM internally because it made economic sense . People who don’t sign checks and POs have a religious beliefs on cloud – pragmatic souls don’t 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s