Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Yahoo Encrypts Data After Reports of NSA Snooping

It wouldn't be a stretch to say that Yahoo's decision to encrypt all data moving between its data centers in order to protect its users from the prying eyes at the National Security Agency represents a low water mark in the history of the United States.

In fact, maybe it's time to expand the Second Amendment by adding the following declaration: The right of the people to encrypt their data shall not be infringed. Because let's face it, what Yahoo (and Google before it) is doing is bearing arms in the battle to keep the U.S. a free nation. The Washington Post reported in September that Google was stepping up its encryption efforts in the wake of the NSA surveillance revelations.

At the very least, we have reached a truly bizarre and disturbing moment in the history of information security when two of the most powerful tech companies in the world must turn their focus to defending themselves not against the cyber terrorists of the world, but rather against our own government. It's a surreal development that tests the high level of patriotism normally found in the security ranks.

"There are many folks in the IT security community who strongly believe a benevolent government, such as the United States, is justified in doing anything necessary to protect its citizens from a plethora of harms and evil doers," Larry Ponemon, founder of the Ponemon Institute, a privacy and data protection think tank, said via email. "The obvious problem with this argument is that despite good intensions, governments can morph into a very dangerous evil doer."

In other words, nothing we hear about the NSA should surprise us any more. From this point forward, we -- and the companies we trust -- have no choice but to look upon our government as the enemy, at least so far as our personal information is concerned. Most of us probably half expect to wake up in the morning to find an NSA snoop going through our medicine cabinets.

[Read how reports of NSA surveillance have shattered trust in the security of WAN connections from service providers and why you should encrypt now in "WAN Encryption Tops the Agenda After NSA Revelations."]

Apparently, Eric Schmidt is in that camp, judging from comments he made during a speech in Washington this week. During a lecture at Johns Hopkins University, the Google CEO reportedly said the tech industry could end censorship (and presumably, government snooping) in a decade.

"The solution to government surveillance is to encrypt everything," Schmidt was quoted by multiple outlets as saying. He went on to suggest that we should expect to see the steps Yahoo and Google are taking duplicated throughout the tech world.

And it's not just tech companies that are taking action. The Internet Engineering Task Force, an open community that develops Internet protocols, is also considering beefing up Internet security to better fend off the kinds of activities detailed in the infamous documents leaked by former NSA contractor Edward Snowden.

Until that kind of widespread effort becomes reality, however, it will be up the Googles, Yahoos, and other stewards of massive amounts of consumer data to keep the NSA at bay. It's an unexpected chapter in the brief history of the Internet, to be sure.

"It is amazing to me that companies like Google and Yahoo have to devise cryptological solutions to keep the NSA outside their doors," Ponemon said. "Frankly, I never saw this coming."
Neither, apparently, did Google or Yahoo. Nor should they have.