THE BLOG
12/17/2013 02:28 pm ET Updated Feb 16, 2014

The Problem Is NSA Overreach, Not the Technology We Use

Blaming big tech companies for enabling our runaway surveillance state is like blaming Toyota or Ford for drunk drivers. It's a dangerous distraction, and it's the wrong strategy if we want to reform the system and restore the Right to Privacy in America.

Late last Tuesday the Washington Post revealed how NSA uses Google advertising cookies to select targets for hacking. Putting aside that WaPo uses cookies on its blog, as do almost all online businesses, we need to be clear that civil liberties proponents should focus on NSA overreach, not the existence of behavioral advertising. After all, most people like ads targeted to their interests, and it's an important tool for the retail sector to generate sales.

While it's not clear from the WaPo article how NSA is gaining access to cookie tracking information, it's likely they're once again using underhanded tactics to break in. Like when they hacked Yahoo and Google servers to harvest user information.

This news comes as Microsoft executive vice president Brad Smith revealed last week that Microsoft's security team now considers the U.S. government an "advanced persistent threat," a term previously reserved for foreign government-backed hackers and cyberterrorists.

While some privacy groups have called for an investigation into big tech companies' complicity with the NSA, and the Heartland Institute writes that we should just go ahead and blame Google, both of these views are mixing up the facts about what it means to collaborate with Big Brother.

We should make no mistake that big tech companies are actively cooperating with the NSA and other government agencies that want to spy on us. But what critics miss is that this happens primarily through secret FISA court requests, and subpoenas under ECPA (a 1986 law that says the feds don't need a warrant to see your online communications and private data).

These companies are forced to do so under penalty of law -- increasingly to the detriment of their bottom lines, and weakening public trust in their products. Indeed, they're not legally allowed to reveal details about many of these requests, as Yahoo CEO Marissa Mayer recently called attention to (prompting a few companies to sue the government so they can be more transparent).

So while it's true they cooperate with the government, it's unfair to say these companies are trying to help NSA (with the possible exception of some telecoms). Especially when most of them depend on the trust people place in their technology.

As the Snowden revelations have made clear, there are a number of ways big tech companies don't cooperate with government, but nonetheless have been hacked or otherwise have had their data compromised by the government.

Big tech firms have been quick to respond to this threat. Almost daily news stories about new breaches in their software, encryption, and hardware have led them to ratchet up encryption for much more of their data, and raise new barriers against U.S. government-sponsored hacking. As Mike Masnick at TechDirt points out, Google will likely soon find ways to better implement advertising cookies to protect users from government snooping.

Americans place a lot of trust in technology. It's hard to even list how much sensitive, personal information we entrust to Apple, Microsoft, Google, and Facebook, among others. Their businesses rely on our trust, and cooperating with NSA is very clearly bad for business. What we are witnessing promises to be just the beginning of a digital arms race between the NSA and the private sector.

Scapegoating these companies and their products gets the facts wrong, and distracts from what should be the prime targets of civil liberties advocates: our runaway national-security bureaucracies, and outdated privacy laws.