Edward Snowden, former US NSA employee and self-styled information liberator, remains a highly contentious figure on the US political scene.
It was then perhaps curiously appropriate, if inadvertent, timing that he should make a guest telecast appearance from Russia to the OpenStack Summit in Boston on the same day that President Donald Trump was sacking FBI Director James Comey as the row over alleged connections to the Kremlin and the Trump campaign rumbles on.
Snowden was beamed in from Moscow to talk about the cloud and the underlying ethics of community, as typified by the open source movement. Talking with the OpenStack Foundation’s Chief Operating Officer, Mark Collier, Snowden bought conversations round to what he sees as some significant dangers in the large amount of unthinking use of the internet and web services by the majority of people, and compared it with the collective strength and protection to be found in collaborating communities – The Collective, essentially – found in the open source world:
Most people just consume the cloud without thinking, but it is communities like OpenStack that give people more control. So many users are sinking cost in to infrastructure that is not theirs, and they are giving up data and information about themselves without thinking.
In this context, he made it clear he was not just thinking of the vast body of consumers, but of business users as well. Many, for example, readily use the services of companies such as Google without thinking through the potential consequences.
On the subject of using open source tools and services, Snowden observed that, while the NSA is largely run on Microsoft Windows, it was the availability of open source tools such as Debian that had given him the means to conduct his now notorious exploits.
Snowden says he sees his primary work now, as President of the Freedom of the Press Organization involves using open source developments to develop data transparency tools for people:
We are looking at things like how you can tell when a document or image of yours has been taken and used by some other organisation or group that you would not want to have access to it. In much the same way, we are looking at ways of going beyond just trusting that when you think your phone is off it is actually off.
When asked what he saw as the main ethical implications and obligations of applications developed using the open source model might be, he said that developers now need to adopt a different attitude. There is, he suggested, now a need for developers to recognise that, while not all government actions are, ipso facto, bad, there is now a need to recognise no one really works for a government or a corporation, and instead they are working for the spirit of the technology itself:
There should not be a need to hide things from the rest of us. So the main ethical obligation I see developers asking themselves a question – ‘How do I empower the user of this application?’ Or at least they should enter that chain of thought. The issue is to think about what they can do to protect users from what can be done to them with the technology. We are moving into a time when everywhere and everything will have a computer in it, so there is now a real need for people to be protected.
When it comes to the exploitation of bugs and the use of viruses, trojans and other tools of the malicious attack business, he suggested there will always be a market for them. But again he saw this as a place where the open source community can, as a collective of not inconsiderable intellect and skill can come together to help cure them when open source applications are involved.
What is more, he also sees that as a really good reason for all users to go with open source applications wherever possible:
When Apple or Google has a bug not only can we have no influence over the cure, but we don’t know anything about the cause and we don’t know what they have learned in effecting a cure. So it is not possible for everyone to use that knowledge to help build a better world for everyone.
We have been struck by a moral dilemma that we didn’t seek or ask for. We now live in a time like the discovery and growth of nuclear science and the way it led to the bomb. With the development of the internet and web services we are well past the point where we can put that genie back in the bottle.
But he sees opportunities for people as a collective to learn from this. For example he decried the fact that all governments seem keen on the idea that only weak encryption is available to users, primarily with the view that it is therefore easier to crack and exploit. This is something that developers should resist, while looking to the future:
We need to say that we are not going to build applications for today, but that we are going to build them for beyond tomorrow.
He also pointed to the recent introduction in the UK of the Investigatory Powers Act, which he called the toughest piece of legislation ever amongst the Western democracies. Meanwhile, the Russians now have what the locals there call the ‘Big Brother’ law, which caused Snowden to quip:
And when Russians call it that, you know you have a problem.
He suggested that this is now becoming something of a front line for open source developers for they are well-placed to ensure the strength and robustness of applications code. He even went so far as to hint that they were now amongst those in the strongest position:
Even the courts are very hesitant about challenging governments, for judges are people too and vulnerable to fear. The weakest link are now the humans. So the old processes are beginning to fail. So the need now is to develop protocols that are ever-present and surround us, and protect at the systems level, where rights cannot be abrogated.
It is no longer a question of whether we can we do it, nor one of whether we should do it. But I would say that, for the benefit of all and those that follow, that we must do it.
For some, including the current occupant of the Oval Office, Edward Snowden is a traitor. To others, he’s a scandal whistle-blower on a global scale. Nothing he said at OpenStack Summit is likely to change anyone’s perspective on that.
Leaving aside the political reaction, Snowden’s espousal of the power of ‘The Collective’ in the form of the open source communities as a point of defence I found to be thought provoking. After all, not only are there a hell of a lot of them, but they do have the tools – and therefore the power – to achieve some of the potential good to which he alludes.
Image credit - Courtesy of Marcus Austen