Classified Data Leaks Tough to Stop, Sure to Continue, Experts Say
With global citizens and governments dealing with cyber-surveillance and its impact on personal freedom, classified document leaks will continue and that's not a bad thing, say security and law experts.LAS VEGAS—The leak of secret U.S. documents describing the expansion of the government's Terrorist Screening Database has reopened the debate over whether whistleblowers should be prosecuted and how agencies and companies can prevent leaks of sensitive information. At the Black Hat security conference here, noted security expert Mikko Hypponen argued that many breaches—Edward Snowden's leaks of National Security Agency documents among them—shed light on the opaque operations of government and so serve a public good. Because of the penchant for over-classification and the restriction of information about government operations, information relevant to personal freedoms and human rights is rarely released by the government on its own initiative. "I hope that we get more people like Snowden, but in other countries, not just the United States," said Hypponen, the chief research officer at F-Secure. "We have learned a lot because of Snowden, but the rest of the world continues to be opaque." On Aug. 5, The Intercept, the publication co-founded by journalist Glenn Greenwald, released documents leaked by a source "in the intelligence community" other than Snowden. The documents reveal that 680,000 people are in the Terrorist Screening Database, frequently referred to as a "terrorism watchlist," and that 40 percent of those people are not affiliated with any known terrorist organization.
The leak represents a third major source of classified information on U.S. government operations in the last two years, according to Bruce Schneier, chief technology officer for incident-response toolmaker Co3 Systems. In addition to Snowden, another source has leaked information from Germany on the NSA's TAO group and on the targeting of German chancellor Angela Merkel, he told eWEEK at the Black Hat security conference.