Allow me to preface this by underscoring that I’m not becoming a Johnny-Come-Lately supporter of the Snowden/Greenwald clique. That said, unless we learn new mitigating evidence (always possible), I can’t help but to be a little creeped out by the new Snowden revelation in The Guardian about how the British GCHQ collected screen grabs and metadata from millions of Yahoo! webcam chats.
From 2008 to 2012, the British counterpart to the National Security Agency tapped into cables allowing it to sweep up internet communications including still-frames from video chats perhaps, but not confirmed to include American citizens. The program, codenamed Optic Nerve, “experimented” with facial recognition software to match the users’ faces with those of targeted terrorists or bad actors.
Reporters Spencer Ackerman and James Ball reported that the GCHQ doesn’t have any rules requiring minimization of inadvertently collected data.
Additionally, “between 3% and 11%” of the images contained nudity (I think we’re all old enough to remember the very public, and very naked “Chat Roulette” site).
What makes this more obnoxious than other revelations is the combination the sheer volume of the collection, coupled with the existence of so many un-minimized and sometimes pornographic images, including perhaps American faces/privates. On top of that and as with the bulk collection of metadata, it’s clear that these methods of capture are just too cumbersome and sloppy to be effective. There has to be a more precise way to do this.
But I say all of this with a large dollop of caution because as we’ve witnessed time and time again, new information not included in the articles has invariably emerged within days of a new revelation, often rendering impotent the impact of the stories.
In this case, no matter how creepy this might seem, the reporting was typically murky, scattered and vague. Additionally, there are indeed several things in the article as well as within an article in Pando Daily that somewhat mitigate the news.
–This is the U.K. government, not the U.S. government.
–The user accounts were anonymous. There’s nothing in the reporting that indicates the GCHQ matched proper names to the images. Ackerman and Ball write that it was impossible to “filter out information from UK or US citizens” because the images were anonymous.
–The content of the chats weren’t recorded, nor was any video captured. The Guardian: “[T]he program saved one image every five minutes from the users’ feeds, partly to comply with human rights legislation, and also to avoid overloading GCHQ’s servers.”
–Distributing any naked images was a “disciplinary offence.” At least there’s that.
–The program required oversight by the foreign secretary under the Regulation of Investigatory Powers Act, William Hague.
–Ackerman and Ball invoked the Orwell 1984 metaphor, which, much like Godwin’s Law and Nazi references, is unnecessarily hyperbolic.
—Pando Dailyreported Thursday that during the time of this operation, many Yahoo! chats were in fact public, meaning anyone could see them. In addition, Yahoo! didn’t encrypt its private chats until 2012, coincidentally when Optic Nerve ended. What this means is that any low level hacker could see the private chats of anyone, anonymous or otherwise. Again, Optic Nerve only looked at anonymous chats. I asked Ackerman yesterday for clarification on whether the collection was from private chats or public chats or both. He has yet to respond.
Decide for yourself whether these mitigating observations blunt the impact of this revelation. At first glance, I felt this was a step over the line of propriety, but given these additional facts, I’ve downgraded my reaction to “creepy.” I suspect we’ll learn more in the coming days.
One thing is abundantly clear: after so much crying wolf, people who might otherwise be concerned about something like Optic Nerve are probably not paying attention any more.