Ever since Edward Snowden blew the whistle on PRISM, the NSA’s no longer secret surveillance program, we know one thing with certainty: nothing that happens online can be considered private. Worse, the leaked documents revealed that companies like Microsoft, Yahoo, and Google have been participating in the program, forwarding user data to the US government. As a result, users from around the world have started to withdraw from US services like Google or Facebook.
Can you really escape the intelligence services’ data hoarders by avoiding specific services? As similar programs in France, the UK, and Germany are revealed, this seems highly unlikely. Moreover, reverting to a service in your home country or a neighboring country that does not record Internet data, doesn’t necessarily mean your data will be safe. The way the Internet works makes data privacy and security much more complicated than that. Let’s have a look at how this works.
How The Internet Works
Without going into detail, let’s just say users rarely make a direct connection to an online service. Between point A and B, Internet traffic always passes through several nodes or servers. The sequence of nodes depends on current traffic or data volumes available to the respective provider. Rather than making the most physically direct route, servers typically route traffic along the fastest or least expensive route. Thus data packages can take very awkward turns before they reach their final destination.
Obviously, the Internet is an international affair and historically the bulk of the infrastructure is located in the US. In other words, it is very likely that data will pass through a server in a country that engages in Internet surveillance, regardless of where the data originated or where they are meant to go.
To learn about the technical details, have a look into our guide on How The Internet Works.
Follow The Route Of Your Data With Traceroute
You can trace the route of traffic for yourself using a command line / terminal tool called traceroute.
In your MAC OS, go to Network Utilities, select the Traceroute tab, and type the traceroute command, followed by the domain name in the terminal.
In Windows, click [Windows] + [R], type in cmd and hit [Enter]; this will open the command prompt. Now simply enter the command tracert, followed by the domain name.
A traceroute to MakeUseOf.com for example revealed that between my router in Berlin, Germany and the target server in San Antonio, Texas, data packages passed through 20 different nodes, located in Germany, France, and the US.
If you’re not comfortable running a command line prompt, you can use the online tool Just-Traceroute or the Mac desktop app WhatRoute.
OpenDataCity Traceroute Demo
You can also get an idea of how traffic is routed using the webapp of German data specialists OpenDataCity. The app visually demonstrates the route of data packages from Germany to a set of exemplary websites like Amazon, Skype or YouTube. Following a list of servers which the data passed through, the app also lists potential data snoopers.
The example pictured above demonstrates that even data of a local German organization, in this case the yellow press paper BILD, passes through an American server, before being re-routed back to Germany.
What Can You Do?
Not much, except not shutting up about how all of this is a really bad idea. Like this German artist, who projected the words United Stasi of America onto the US embassy in Berlin, Germany.
Government eavesdropping is a highly sensitive topic in Germany, evoking memories of the Nazi Gestapo and the Stasi security police, which used a vast network of informants to crush dissidents in communist East Germany. (…) Washington’s spy methods make the former East German secret police look like boy scouts. – Reuters
You cannot escape international intelligence agencies. The data hoarders sit everywhere and the way Internet traffic is routed means it will pass by one of them at some point. Once you are online, chances are your activities will be recorded and stored somewhere. Encryption only makes you more suspicious and while agencies like the NSA may not be able to crack the encryption code now, they will be cracked in time. Meanwhile, the data is safely stored in their data center.
The upside is that the NSA or other secret services likely have a backup of your precious family photos, provided you shared them on Facebook.
What do you think of PRISM and has it had consequences for any online services you use or how you use the Internet in general? Please elaborate in the comments.