IT security and privacy of data, particularly with the NSA and the government (Edward

Snowden Leaks)

Justin Seay

WGU

English Comp II

Jennifer Richmond

1/24/2022
 IT security and privacy of data, particularly with the NSA and the government (Edward

Snowden Leaks)

The world has become a global village, and in the 21st century, the internet and social

media are the primary things that people are associated with. IT security and data privacy have

become basic needs as individuals fight to retain their privacy within an internet and social

media driven world. There has always been rumors that the government has taken liberties in

data mining and surveillance data. storing them in bulk and using them for their own gain. This

rumor contributes the idea that data privacy and internet security is a global problem since the

internet is interconnected globally; meaning if one part of the world does not provide security for

its users, this may affect other areas of the world. A prime example of this is the Edward

Snowden leaks and how the government, particularly the NSA, exploits users' data in their day-

to-day work behind the user's concern. Research suggests data privacy and IT security is a global

problem because of how cybercrimes have continued to rise, the alarming rate of which illegal

data mining has occurred and what has contributed to the increase, different ways we, as a

society, do not enjoy true IT security and data privacy, and finally how the laws governing data

privacy are weak, contributing to a global problem, not just a national problem

The country's laws governing security and privacy are weak, with clear proof from the

Edward Snowden case. It calls for the government representatives to develop better ways to

define privacy and better approaches to use if they need any information. Lundgren and Möller

propose new approaches to describe information security and the optimal method for defining

data access. Because of data breaches, policy, legislation, and ethics in data, the authors believe

it is important to create a clearer definition of information security in today's society. According

to the CIA, information security is defined as the availability, integrity, and secrecy of data
(Lundgren & Möller, 2019). Every user's data should be kept private and accessible whenever

they need it and be thorough and correct. According to the authors, the CIA definition is too

wide and too limited, and it fails to adequately address the international challenge of data

security. The authors believe that by combining the strongest aspects of both AA and CIA

information security, we should design a system that combines both. With what we have and

what everyone is yearning to achieve, the government can propose better ways to approach with

the help of human activists to respect surveillance privacy and maintain national security.

Howe explores how the information privacy breach and security in NSA can cause more

harm to the people as the organization can be targeted by the cybercriminals. Through data

access, the workers working in this organization can threaten the public since they own users'

information, which is a threat to the public (Howe, 2019). Like any other worker in the NSA

offices, the author suggests that Edward Snowden had more than enough information about the

citizens around the world, which created a threat to the public. When one of the employees at

NSA stops working or quits the organization, they have more power than threatening the public.

The NSA continues to be under attack from cybercriminals due to the large amounts of

surveillance data they maintain. According to the Author, the NSA has still been reported to

assist in different attacks, such as the Stuxnet attack by the information they had gathered on the

nuclear facilities in Iran. Snowden continues to be a threat today can be a threat to the national

stage because the agency he was working in has given him more power to access other people's

crucial information that he can use even after leaving the organization. This creates the issue of

cyber security and other related crimes, which have been a problem to the world in the modern

era.
 Edward Snowden was later considered a cybercriminal and a traitor to the country since

he could provide information he gathered to the press in and out of the country. This was funny

since the government had provided him the job which other people were still doing all this time

in NSA. Cybercrime is of different types, and they include hacking- this is an act committed by

an intruder by accessing a computer system without the user's authority. Botnets are networks

from compromised computers that can be controlled remotely by hackers. They can be used to

act as malware to perform harmful tasks. Phishing is an attack where the hacker sends URLs or

email attachments to users to access their accounts and computers. Users are tricked by emails

telling them they need to change their password or update their credit card information to allow

the criminal to access their accounts. Online frauds are in ads that promise rewards or offer a lot

of money to the users quickly. These rewards are considered too good to be true. Cybercriminals

harass people via emails, discussion sites, and websites. Exploit kits are readymade tools that

criminals can buy online and use against anyone who uses a computer. Identity theft occurs when

someone pretends to be you to access resources like credit cards, bank accounts, and other

important information. The imposter can use one's identity to commit crimes such as credit card

fraud. Denial of service attacks is used to make an online service unavailable and take a network

down by overwhelming it with traffic. Piracy is copying and distributing programs, movies,

music, or other intellectual property without the owner's permission.

Some of the effects of cybercrime are losing money due to online theft and reputation due

to licking personal information by hackers. Files become corrupted by the malware sent by these

criminals, a lot of money is used to fix the problems and prevent cybercrimes. Loss of data, when

a hacker attacks a website, they change and destroy data such that even after recovery, some of

the data may be lost. Companies may also be affected in cases where a company may face fines
and penalties due to failure to protect the customer's data. A company may lose investors due to a

security breach leading to a drop in a company's value. After a security breach, the customers

lose their trust in the company and lose their ability to gain new customers. Rumson ware attack

is where a criminal demands money to stop an attack. Cybercrime can be prevented by using a

strong password, avoiding repeating passwords on different sites, and regularly changing your

password. Make your password complex by combining letters, symbols, and numbers. Keep your

software always updated to avoid cybercriminals accessing your information. A company should

create a cybersecurity response plan to deal with cybercrime. It should also train employees on

cybersecurity policies and what to do if they are hacked.

Cobb researches data protection and privacy in the country and how individuals' interests

are being served. In the name of finding criminals, the country has failed to achieve the data

protection standards by accessing information that should not be accessed in any way (Cobb,

2016). The country legislation has failed to protect the surveillance by granting the state more

power to violate the people's privacy. People do not feel safe on the internet and social media

platforms because they feel that they are always being monitored in everything they are doing.

The author concludes that US data protection does not balance individual security and commerce

satisfaction. According to the survey times, a security breach has occurred many times to achieve

national security. Even after decades of human rights activists and other people such as Ware

1973 fighting for fair information practices in the country, the state of privacy and data security

has never been achieved. Private organizations and the government violate privacy as they

collaborate and share information about the users.

In modern times, social media platforms such as Facebook, Twitter, and Instagram have

more than 90% of human data (Fuchs & Trottier, 2017). Every user using these platforms must
provide detailed information to access usage. The government has less information that they can

use to provide full detail about someone, and thus they have to rely on private institutions to

share data. To provide national security, most people have argued that the government must have

access to surveillance data. Having this data means a faster response time to anything or any

anonymity that needs to be investigated. The government has no legislative power that grants

them this ability and thus breaks the law, and with private cooperates, they can access this data.

Edward Snowden's disclosure showed how the government could do anything through NSA to

ensure that they have full information on anything they want to get regardless of whether they

are breaking the law. With terrorist planning their attacks through social media platforms, some

citizens suggest that the government agencies should have the power to collect necessary

information and protect their citizens.

Von Solms and Van Heerden's paper provide the consequences of Snowden disclosure

and its impact on the surveillance and the law that govern the country. It provides all the events

through a clear timeline of the events and different countries' reactions to what the USA was

doing and what giant companies based in the US were doing with the user's information (Von

Solms & Van Heerden, 2015). After the disclosure, the country, through the president, claimed

that the law that governs data protection was to be changed. Some other positive consequences

meant the people would be more secure than before to protect data. Disclosure made by

Snowden only meant that the country was using the wrong method of getting data. Even though

Snowden provided the information, the process continued; he was considered a traitor and not a

whistleblower. The foreign relations with the country and the NSA and the people relationship

were also destroyed since people started losing trust in the government, and the issue became a

debate.
 Failing to provide security to Edward Snowden and not thoroughly following the case of

Snowden shows the legitimacy of the situation in the NSA. Edward's life is always in danger as

he is considered a threat to the country since they know that he has more than enough evidence.

Edward is even considered a traitor to the nation by telling the whole world the truth about the

situation and data privacy in the country. His case tries to eliminate any other whistleblower

since they understand the consequences of their action after seeing what Snowden went through

after providing proof to the world. The government tends to eliminate those against them by

making them keep quiet, which is against the rights and privileges that the people have.

When one group feels threatened, everyone will not work in helping others to achieve

their best. This is the problem in today's country, where the government and the surveillance do

not trust data privacy. The laws are not followed, and the government has not put in place any

step from the day of Edward Snowden's disclosure to show how motivated they are to protect the

people. The United States lacks robust rules that protect the privacy and security of its users'

data, with just a handful that are not obeyed by government entities. Landau explains how the

National Security Agency acquires data and if they utilize surveillance to use data for their

purposes to improve security (Landau, 2016). Legal issues such as Smith vs. Maryland have

clarified the idea of data security and the regulations that regulate how surveillance is protected.

The authors conclude that telephone metadata is revelatory without the concern of its users,

making surveillance data difficult to govern and safeguard. The paper concludes that the

government does not need to work hard to ensure data privacy. Even if the data is securely

secured, they will always find methods to press for more access, even though metadata is a

relatively new notion.

 When the government fails to put in place proper security measures, the nation ends up

always at threat of cyber security. Since national institutions such as NSA are involved in data

breaching, employees can access data and provide it to people who later use it for their gain. This

is an example of accelerated cybercrime but bad choices made by the government as a way of

protecting the people. Cybercrime attacks may start wherever there is digital data, opportunity, or

motive to commit them. Cybercrimes are distributed in nature. This is where criminals rely on

other people to do the crime. Social engineering involves psychological manipulation to trick

users into making security mistakes or giving away sensitive information; cybercriminals use it

as a component to carry out most types of cybercrimes. Cybercriminals may target personal

information or some company's data for resale. Internet connectivity leads to increased

cybercrime as a criminal does not need to be present while committing the crime. Cybercrime

can be carried out by people with little or no technical skills. These groups choose to carry out

these crimes in countries with weak or nonexistent cybercrime laws to reduce the chances of

being caught. According to research, approximately 1.5 million dollars was lost in 2012 to online

credit and debit card theft.

The citizens have no clue what goes behind the scenes, with most of them believing that

the internet and social media are secure and their data is protected. This Fuchs and Trottier work

aim to show how computer and data specialists perceive the internet and social media issue due

to the Snowden leak, using mass-surveillance tools like Tempora, Xkeyscore, and prism (Weber,

2010). The two independent, focused groups of each five computer professionals stationed in

London to acquire the necessary data for the investigation. The authors concluded that citizens

did not know what goes on behind the scenes based on the outcomes of their research. With the

help of secret services, concealed cooperation and government agencies have a lot of access to
surveillance data. The problem is not limited to the United States; it also affects the UK,

Australia, Canada, and New Zealand. This exemplifies data security, the internet, and social

media challenges. The world has a problem related to the right to privacy, with the main

institution responsible for protecting people working hard to steal their data.

IT security has always been a problem to the state and the whole world due to the

advancing and changing technology which leads some parts to lag while others are advanced.

The government is always at the front line to equip itself with the best Internet of Things and the

best network available, making it easy to manipulate the surveillance. The Weber work examines

the security and privacy problems of the Internet of Things and the chain network impact on the

security and privacy of its users. The authors were able to show how security and privacy may be

accomplished through their study on resilience attacks, access control, and authentication. The

private sector has become a major problem in breaking the regulations and gaining access to

people's data without their consent, failing to follow security requirements (Weber, 2010). This

is at the most fundamental level since when laws and legislation are changed, the government

often uses its power and the assistance of the private sector to gain access to whatever

information they require to protect national security. The authors suggest that the government

must guarantee that citizens have access to information through appropriate laws and that

Internet of Things and IT security policies are consistently supported.

The surveillance has always been in fear of data breach or lack of privacy on their data

which was brought to reality by Snowden disclosure. People will always use the internet and

social media while the government continues snooping the surveillance data. The authors recount

the events and how people's fears about security breaches and privacy in the country have

increased due to the Snowden revelation and its global repercussions. After learning about the
security difficulties in the United States, the essay highlights the key developments that occurred

in many world places. This is in response to Edward Snowden's revelations on the importance of

preventing surveillance and national data from leaving the country owing to the US's lack of

privacy and security. According to the author, some countries have difficulty trusting others

because they think they are not adhering to international security norms, which might be

detrimental to their country. Canada, Germany, Brazil, Australia, China, and Malaysia are

working to tighten their legislation to safeguard their users' security and privacy. According to

the author's research, the United States does not trust or is unwilling to trust others. The internet

and social media platforms should provide the users with the assurance that their data will

always be protected and eliminate any chance of being manipulated by the government.

Conclusion

IT security and data privacy in the country seem to be one thing that does not exist in the

country in any way. The government agencies such as NSA have brought into reality the lack of

data privacy-violating human rights as they work on accessing surveillance information. The

main problem with the country is that people are always promised safe and secure data

protection, but in the end, their information is breached and used for other wrong purposes. With

all these incidents, cybercrimes have risen as there are breaches and chances of acquiring private

data in many different ways without any trace. The problem of data privacy and internet security

has become a global problem since the internet is interconnected globally. If one part of the

world does not provide security for its users, this may affect other parts. To provide advanced

data security and privacy, the country needs to develop laws that fight big cooperation, such as

NSA from accessing information without consent. The existing legislation should be thoroughly

followed, and any whistleblower is protected by new laws that will be put in place. When there is
trust in the country, everyone will achieve the best, not some group trying to bring others down

by going behind their backs.

Annotated Bibliography

Lundgren, B., & Möller, N. (2019). Defining information security. Science and engineering

ethics, 25(2), 419-441. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6450831/

The article proposes the new ways to define information security and the best way to define data

access. Due to data breach problems, policies, and law and ethics in data, the authors find it

important to look for a better definition of information security in the modern world. According

to the CIA definition, information security is based on availability, integrity, and confidentiality.

Every user data or information should be confidential and available whenever they need it and

ensure that it is complete and accurate. According to the authors, the CIA definition is too broad

and narrow, which does not accurately solve the international data security problem. The authors

conclude that with both AA and CIA information security, we should combine the most powerful

aspect of the two and develop a solution that brings conflict between information security and

privacy in our country. The relevance for this source shows the myriad ways needed for

information security and how we could secure it. Lundgren has a Doctorate in Philosophy who

has published twenty-one publications, along with him we have Moller who is affiliated with

Stockholm University, KTH Royal Institute of Technology, and the Royal Canadian Institute of

Technology. The two gentlemen writing the paper cover a wide gambit of the source material.
Landau, S. (2016). Transactional information is remarkably revelatory. Proceedings of the

National Academy of Sciences, 113(20), 5467-5469.

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4878502/

The article investigates the concept of metadata, content, privacy, and the law regarding

surveillance communication. The author describes how the National security Agency collects

data and targets surveillance to use their data to enhance security. The concept of data security

and the laws that govern how the surveillance is protected with legal cases such as the Smith vs.

Maryland case. The authors conclude that the telephone metadata is revelatory without the

concern of its users, making it hard to control and protect the surveillance data. The article

concludes that the government does not necessarily ensure data privacy is achieved. If the

content is well encrypted, they always find ways to push and have greater access to the data.

Even though the concept of metadata is being recognized and valued by the government, the new

technologies always complicate the concept each day. Susan Landau is an American

mathematician, engineer, cybersecurity policy expert, and Bridge Professor in Cybersecurity and

Policy at the Fletcher School of Law and Diplomacy at Tufts University. She previously worked

as a Senior Staff Privacy Analyst at Google. She was a Guggenheim Fellow and a Visiting

Scholar at the Computer Science Department, Harvard University in 2012. The relevance of this

source shows how data is being collected and how that can affect the populace.

Fuchs, C., & Trottier, D. (2017). Internet surveillance after Snowden: A critical empirical

study of computer experts’ attitudes on commercial and state surveillance of the

Internet and social media post-Edward Snowden. Journal of Information,

Communication, and Ethics in Society.

The article's purpose is to provide meaningful results of how the computer experts and data

experts view the issue about the internet and social media as a result of the Snowden leak based

on mass-surveillance systems, for example, Tempora, Xkeyscore, and prism. To gather the

required data for the analysis, the authors conducted two different focused groups of five

computer experts based in London. According to the results and findings of their study, the

authors concluded that the citizens have no idea of what is done behind the scenes. The

surveillance data is highly accessed by the secrete cooperation and government agencies with the

collaboration of the secret services. The problem is in the US and the other big five countries: the

UK, Australia, Canada, and New Zeeland. This indicates the world's universal problem regarding

data security, the internet, and social media. Christian Fuchs is an Austrian social scientist.

Fuchs, is Professor of Media, Communication & Society at the University of Westminster, where

he is the Director of the Communication and Media Research Institute (CAMRI). Fuchs has been

influential in the study of modern-day social media.

Weber, R. H. (2010). Internet of Things–New security and privacy challenges. Computer

law & security review, 26(1), 23-30. DOI:10.1016/j.clsr.2009.11.008

https://www.sciencedirect.com/science/article/abs/pii/S0267364909001939

The article reviews the Internet of Things security and privacy challenges and the chain network

effect on the security and privacy of its users. The authors have explained how security and

privacy can be achieved with the research on resilience attacks, access control, and

authentication. The private sector has become one of the main problems in breaching the rules

and accessing people's data without their concern, thereby failing to follow security guidelines.

This is at the basic level since with adjustment of laws and legislation; the government usually

uses their power and help of this private sector to access every information they need to maintain
national security. The authors conclude that the government must ensure that the people have the

right to information through respective legislation and ensure that Internet of Things and IT

security legislation are always supported. The client security and privacy need to be established

and protected from all sides based on the law with measures taken to any breach. Rolf H. Weber

studied at the University of Zurich and at the Harvard Law School. Since 1995 he is chair

professor at the University of Zurich and since 2006 a visiting professor at the University of

Hong Kong, teaching and publishing in civil, commercial, and European law with special topics

in Internet, media and competition law, international finance and trade regulation.

Mahmoud, F. Z. M., & Zeki, A. M. (2016). Edward Snowden disclosures turn the fears of

surveillance into reality: the impact and transformation in information

security. Journal of Theoretical & Applied Information Technology, 83(2).

The article describes the events and how the people's fear of their security breach and privacy has

raised after the Snowden disclosure and its impact on the world. The article describes the major

changes made in different parts of the world after learning the security issues in the US. This is

after Edward Snowden's revelation, which includes protecting the surveillance and national data

from leaving the country due to weak privacy and security in the US. The author states that some

countries find it difficult to trust others since they do not follow international security standards,

which may be dangerous to their countries. The countries include; Canada, Germany, Brazil,

Australia, China, and Malaysia, which try to improve their laws to protect the security and

privacy of their users. According to the author's literature findings, the USA does not trust or

have confidence in their leaders after Snowden. They cannot defend their freedom of internet and

data privacy.
Von Solms, S., & Van Heerden, R. (2015). The consequences of Edward Snowden NSA-

related information disclosures. In Proceedings of the 10th International Conference

on Cyber Warfare and Security: ICCWS 2015 (pp. 358-368).

https://www.researchgate.net/publication/275019554_The_Consequences_of_Edwar

d_Snowden_NSA_Related_Information_Disclosures

The paper provides the consequences of Snowden disclosure and its impact on the surveillance

and the law that govern the country. The article provides all the events through a clear timeline

and different countries' reactions to what the USA was doing and what giant companies based in

the US were doing with the user's information. After the disclosure, the country, through the

president, claimed that the law that governs data protection was to be changed. Some other

positive consequences meant the people would be more secure than before to protect data. The

authors conclude that the disclosure made by Snowden only meant that the country was using the

wrong method of getting data, and the process was continuing since even though Snowden

provided the information, he was considered as a traitor and not a whistleblower. The foreign

relations with the country and the NSA and the people relationship were also destroyed since

people started losing trust in the government, and the issue became a debate. Cybercrimes are

accelerated by what measures that the country put in place. Most cyber criminals carry out this

crime to acquire money. Computers may be targeted to damage, disable them directly, or infect

them with a computer virus, which is then spread to other machines and other networks.

Computer engineer and researcher with a keen interest in cyber security, impact of engineering

technology & engineering education. Renier van Heerden PhD is council for Scientific and

Industrial Research, South Africa.

Cobb, S. (2016). Data privacy and data protection: US law and legislation. An ESET White

Paper, 1-15.

https://www.researchgate.net/publication/309456653_Data_privacy_and_data_prote

ction_US_law_and_legislation

The paper researches data protection and privacy in the country and how individuals' interests are

being served. In the name of finding criminals, the country has failed to achieve the data

protection standards by accessing information that should not be accessed in any way. The

country legislation has failed to protect the surveillance by granting the state more power to

violate the people's privacy. The author concludes that US data protection does not balance

individual security and commerce satisfaction. According to the survey times, a security breach

has occurred many times to achieve national security. Even after decades of human rights

activists and other people such as Ware 1973 fighting for fair information practices in the

country, the state of privacy and data security has never been achieved. Stephen Cobb has over

three decades researching, writing, and teaching at the nexus of technology, ethics, crime, and

public policy. Now exploring effects of patriarchy on the use and abuse of technology.

Howe D., (2019) Deciphering How Edward Snowden Breached the NSA [Five Years Later].

VENAFI https://www.venafi.com/blog/deciphering-how-edward-snowden-breached-

the-nsa

The article explores how the information privacy breach and security in NSA can cause more

harm to the people as the organization can be targeted by cybercriminals. Like any other worker

in the NSA offices, the author suggests that Edward Snowden had more than enough information

about the people, a threat to the public. When one of the employees stops working or quits the

organization, they have more power than threatening the public. The NSA still has been attacked
with cybercriminals managing to acquire private information as the NSA keeps bulk surveillance

data. According to the Author, the NSA has still been reported to assist in different attacks, such

as the Stuxnet attack gathering information on the nuclear facilities in Iran. The author concludes

that most of the problems relating to cybercrimes can be solved through security coordination

and access control.

 References

Cobb, S. (2016). Data privacy and data protection: US law and legislation. An ESET White

Paper, 1-15.

https://www.researchgate.net/publication/309456653_Data_privacy_and_data_protection

_US_law_and_legislation

Fuchs, C., & Trottier, D. (2017). Internet surveillance after Snowden: A critical empirical study

of computer experts’ attitudes on commercial and state surveillance of the Internet and

social media post-Edward Snowden. Journal of Information, Communication, and Ethics

in Society.

Howe D., (2019) Deciphering How Edward Snowden Breached the NSA [Five Years Later].

VENAFI https://www.venafi.com/blog/deciphering-how-edward-snowden-breached-the-

nsa

Landau, S. (2016). Transactional information is remarkably revelatory. Proceedings of the

National Academy of Sciences, 113(20), 5467-5469.

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4878502/

Lundgren, B., & Möller, N. (2019). Defining information security. Science and engineering

ethics, 25(2), 419-441. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6450831/

Mahmoud, F. Z. M., & Zeki, A. M. (2016). Edward Snowden disclosures turn the fears of

surveillance into reality: the impact and transformation in information security. Journal

of Theoretical & Applied Information Technology, 83(2).

Von Solms, S., & Van Heerden, R. (2015). The consequences of Edward Snowden NSA-related

information disclosures. In Proceedings of the 10th International Conference on Cyber

Warfare and Security: ICCWS 2015 (pp. 358-368).

https://www.researchgate.net/publication/275019554_The_Consequences_of_Edward_Sn

owden_NSA_Related_Information_Disclosures

Weber, R. H. (2010). Internet of Things–New security and privacy challenges. Computer law &

security review, 26(1), 23-30. DOI:10.1016/j.clsr.2009.11.008

https://www.sciencedirect.com/science/article/abs/pii/S0267364909001939