Edward Snowden Archives - Page 2 of 7

Why we should be worried about relinquishing our privacy to a secret state

29 Dec 14 | Digital Freedom, Europe and Central Asia, News and features, Politics and Society, United Kingdom, United States

(Photo: David von Blohn/Demotix)

Ben Wizner is a director of the American Civil Liberties Union (ACLU) Speech, Privacy & Technology Project — which is dedicated to protecting and expanding individuals’ right to privacy, as well as increasing the control that one has over their personal information, ensuring that civil liberties are enhanced, rather than compromised, by new advances in science and technology.

Winzer has litigated numerous cases involving post-9/11 civil liberty abuses. These include challenges to airport security policies, government watchlists, extraordinary rendition, and torture. He has testified before US Congress, and also traveled several times to Guantánamo Bay, where he has met people who have been held against their will in secret prisons and tortured by the CIA.

In July 2013, one month after the revelations about the NSA’s practices came to light, Winzer became Edward Snowden’s attorney. He was put in contact with him directly through the journalist Glenn Greenwald. I spoke to Wizner, focusing specifically on the issue of maintaining democratic accountability as technology advances.

He spoke about why he thinks Snowden’s actions to break the law were justified for the sake of the public interest; why we should be worried about relinquishing our privacy over to a secret state, as well as corporations that keep all of our data to ensure that they can target us on a daily basis with advertisements; and why both Congress and the courts, in the United States, have been weak when it comes to protecting individual privacy of American citizens.

Index: With respect to tracking devices and GPS systems, can you discuss how important location has become for both governments and corporations who now spy on us as citizens?

Winzer: Well think about it in terms of privacy before you think about it from the point of view of power.

The location data is a proxy for so many intimate details of our lives. Governments can use location data to learn if you are gay or straight, who you are sleeping with, whether you are an alcoholic, or if you have medical conditions. That information is even more useful than he content of conversations.

When people are eavesdropping on conversations you can lie and you can use code.

But with meta data people can’t lie. So we have kind of gotten this debate about privacy backwards. People think that content is more sensitive than meta data. But in bulk, meta data is more sensitive than content. If you ask any law enforcement officer if they were given the choice in a single day, of having your phone calls, or having the meta data, they would take the phone calls. But if they were given the phone calls for a month or two months, they would take the meta data.

Index: Is there really a need in your opinion for the surveillance cameras that operate in places like London, which appears to have more security cameras per square foot than almost anywhere in the world? And is there presence really just creating a culture in western society of fear rather than trust?

Winzer: The issues with cameras, as with so many tracking technologies, is that they are sold to the public as one thing but they are actually something else. There is very little evidence to suggest that surveillance cameras will prevent anything like the bombings that London had in its transportation system in 2005.

There is some evidence, however, that surveillance cameras are useful, not as a predictive technology, but as a forensic technology.

In the US, the position that we have tried to take is that there is a difference between a system like London’s, where the government controls a huge set of surveillance cameras and can track an individual across the city in real time. So what had you in Boston after the bombings in 2013, was that cameras helped the FBI figure out who had started that terrorist attack. But there was no centralised system. It was just that all the privately held data was brought together after that emergency in order to solve that crime. So there you had the forensic benefit without the threat of giving the government that much power to track citizens in real time.

What has been interesting in the US is that while most Americans have been supportive of surveillance cameras, they have a very different reaction to surveillance drones. And its worth thinking about why that might be? There are already cameras that can be surmounted on drones that can survey an entire city in real time and record every inch of the public space. And so that seems like a permanent eye in the sky. Whereas I think people have a sense that they can avoid cameras, even if that is not true. But I wonder if citizens in the UK who were enthusiastic about surveillance cameras would feel differently if the authorities were flying surveillance drones around London?

Index: When was the first time you met Edward Snowden?

Winzer: I had never heard his name until the Guardian published the Snowden revelations in June 2013. The first time that we interacted over an encrypted chat programme was in July of 2013. The first time we met face to face was in Moscow in January of 2014. And by that time we were old friends, having communicated on almost a daily basis for almost six months.

Index: Are you confident that you can get him back to the United States as a free man?

Winzer: It’s certainly the goal to get him back to the United States with dignity and freedom. The second goal would be to get him to a country in Europe or somewhere else. But in the meantime his morale is high. And his life is not so different than if he were living in another country. He spends his days in Moscow for the most part surrounded by computer screens, consuming information, communicating with journalists, lawyers, and participating in the public debate. And before long I think we will see him getting back to work as an engineer and a computer scientist creating tools to make mass surveillance more difficult and to protect privacy. But wherever he lives in the world he wants a very private life. He is someone who would prefer to be anonymous and in the shadows. The good news is that he is still living in freedom and because of technology he is able to participate meaningfully in the public debate.

Index: Can you speak about your experience in the pre Snowden era when the ACLU(American Civil Liberties Union) tried to challenge these illegal spying programmes by the NSA in open courts: did the the US government and US courts say that you didn’t have legal standings to peruse these legal challenges?

And how did the actions of Edward Snowden change that?

Winzer: Snowden’s actions did change a lot. One of the questions he asked me during our first conversation was: do you now have standing to bring these cases? Because he had watched how our challenge to surveillance programmes were thrown out. Not because the courts said the programmes were legal, but because they said that the programmes had no right to be in court. I spent a lot of time representing those who were victims of the Bush Administration’s torture conspiracy: people who were kidnapped off the street and held by the CIA and tortured. And every one of those cases was thrown out on grounds of state secrecy.

So I did not have a lot of confidence in the courts from the moment that Snowden arrived. But now I think the atmosphere around these judicial decisions has changed considerably.

Index: Why have Congress and the courts been so weak in the US thus far on this matter?

Winzer: Well one reason is that the military surveillance-industrial-complex is massively powerful and corrupt.

And if you track campaign donations, you will see that members of Congress who sit on intelligence committees get massively higher campaign donations from the community that they are supposed to regulate: the surveillance and defence contractors who are doing this work. That creates a situation where the people who are most sceptical, are in fact most deferential. But there is political expedience. Who in Congress after 9/11 wanted to be the person who would say: I think the NSA and CIA are going too far.When the Patriot Act legislation was rushed through congress, the vote in the senate was 98 to 1.

So the politics of national security can be very toxic in the US.

Index: And is it the same situation in the courts do you believe?

Winzer: Yes. Imagine, for example, you are a judge, and you are considering a law suit about surveillance or torture. And somebody comes to your chambers from the Department of Justice with a brief case handcuffed to his wrist. And inside it is a secret deceleration from the head of CIA, which says: your honour with all due respect, if you allow this case to go ahead you are going to be responsible for all grave harm to national security. I think most judges in that situation would rather kick the case up stairs. If the judges are going to be involved, let the Supreme Court do it. And many of them have so much respect for the national security officials who are writing those declarations.

Index: But like Congress, the courts are responsive to the public mood, right?

Winzer: Well since Snowden, we have seem judges who are much more willing to stand up to the government arguments. We’ve seen one court say that the NSA’s meta data collection programme was unconstitutional and almost Orwellian. So our Supreme Court is not apolitical. This is tremendous power on the government’s side that is consolidated in one branch of government. And so it’s very easy to see scenarios that would be grave threats to democracy.Some of the them sound paranoid. For example, what if someone in the executive branch wanted to blackmail the justice of the Supreme Court. That would be a trivial matter to do. What prevents it are internal policies and laws. And you have to have a lot of confidence in those policies and laws. And so this is why people use the term data bases of ruin. If we collect these massive amounts of information we really are sitting on a ticking time bomb. And we might be confident that it’s never going to blow up. But we have to be sure that we are making our right way to the future.

Index: Given that we now live in a world where nothing is permanently delated, and where everything is stored in a digital cloud: do you think it’s time there are the same legal protections for email that there is for normal mail? And have the ACLU been doing anything to try and ensure that this happens?

Winzer: We have reached a point where, for the most part, we are there with email. All of the major email providers in the US refuse to disclose email content to law enforcement without a warrant. There is not a lot of case law on this, because the government has been very careful to avoid having courts decide this question, they drop appeals, rather than litigating the question. The federal law that governs law enforcement access to emails is from 1986, before there was a World Wide Web.

And that is wildly out of date. So we do need to update that. But there is all other kinds of information that gets stored in a digital cloud.

Index: Can you explain The Third Party Doctrine and how that affects the rights of US citizens, in terms of giving away their privacy?

Winzer: With The Third Party Doctrine the government basically argues that if we provide that information to a third party— a cloud service for example— that our Fourth Amendment [our right to privacy under the US Constitution] is waived. So that is the argument that government makes to defend the constitutionality of the NSA collecting the meta data of all phone calls that happen every day. Their argument is that by simply dialling the number, you have shared it, with say, for example, the telephone company Verizon, and therefore you can’t claim that the constitution prevents the government from having that same access.

This argument made no sense in the 1970s and it certainly makes no sense today, where the government is not collecting phone numbers from one person’s phone calls, but from everybody’s phone calls, every day. The difference in degree amounts to a difference in kind. It’s not just a question of scale, it’s a completely different surveillance activity. Again, it’s really about how advances in technology should not diminish our rights. We should essentially use the models that we developed for the analogue world in figuring out what legal protections we are going to need in the digital world.

Index: Are the laws in the US, with regards to privacy, woefully inadequate?

Winzer: Yes. But there has been a lot of momentum and progress. And now we are seeing a handful of US states that have passed laws: these say that the government needs a warrant before it can get your location from a phone company. So there is a more broad coalition for privacy protection. And we are seeing progress in the courts. In the last two years we have seen two unanimous decisions in the Supreme Courts, one where law enforcement ruled that if they cease your cell phone during your arrest they have to get a warrant before they search it.

The second is that they said they have to get a Fourth Amendment search for the government to use GPS to track you over time. There is a lot of momentum in the US towards some of the kind of changes that are necessary. It would be much harder to implement those changes with respect to spy agencies like the NSA. So far we have made a lot more progress in restraining law enforcements. But again most Americans are more likely to have interactions with spy agencies.

Index: Where does one draw the line between a certain amount of secrecy to protect the national interest of a nation for security purposes, and then something that boarders on a totalitarian government. And at the moment is the US government in the latter category?

Winzer: The problem of secrecy in a democracy is a very old one. We need to ask what happens when there is a conflict between self rule and self defence?Even in a democracy most of us believe that there are some legitimate secrets that have to do with national defence. So how do you bridge that gap? For the most part I think the way in which we have tried to bridge that gap has failed. We have intelligent committees in Congress that is supposed to rigorous oversight on behalf of all of us. But too often those members of Congress are most likely to rubber stamp and cheerlead for the intelligence agencies, rather than subjecting them to scrutiny.

Courts in the US for a long time now have not wanted to get their hands dirty on issues of national security. And more often than not they defer to the executive branch by saying that they are not experts on these issues. So for the ACLU, one of the very important safety-valves has been whistle blowers and a free press. There is never going to be a neat structural solution to the oversight programmes in democracies. It’s going to be a constant struggle. We need the Edward Snowden’s of this world and the hundreds of leakers whose names are never known. But who provide access that appears everyday in newspapers.

Index: How can we differentiate between government’s and companies spying on citizens. And which is worse in the long term?

Winzer: We need to understand what is at stake with each kind of collection. Sometimes they are linked.

To the extent that the government is able to get information from the companies. But in general governments have powers that corporations don’t have. Governments can take away your liberty and your life. They can target drone strikes. They can lock you up. So traditional civil libertarians and human rights activists are concerned about government surveillance programmes. Mainly because that is where the democratic harms occur and where people can lose their core rights.

Index: Since the Snowden revelations have come out: what do you think we have learned about the relationship between privacy and technology that we may have not have fully understood as a society before them?

Winzer: I would break up that “we” into two different groups. The various technology groups learned that their worst fears about government surveillance were not even close to what was actually going on. That the NSA and its partners far exceed what they knew was going on. And it woke them up to the actual threat model. And I hope what the general public has absorbed from the Ed Snowden affair is that we were asleep at the wheel. Now it wasn’t our fault. Our government didn’t only conceal this information from us they actively lied to us about it. Which is why I think Snowden was justified in doing what he did. But we now need to be much more active citizens in a democracy if we don’t want our society to be created in secret by spy agencies.

Index: What is your response to those who say that Edward Snowden is a traitor to the American people?

Winzer: People who believe that are not persuadable anyway. These are people who have spent their careers indoctrinated in the defence and intelligence agencies. In their view, he took upon himself to do this and the result of that was so damaging to their public reputations around the world. These are people who don’t consider themselves to be evil actors, but solid citizens and good bureaucrats. There has been times in our history, when it is necessary to break the law in order to vindicate it. For example in the founding of the United States, where people threw tea into Boston Harbour, to more recently in 1971 when a bunch of anti-war activists broke into an FBI office in Pennsylvania and stole all of the FBI files: leading to one of the most important periods of reform in the country’s history.

Index: So are people wrong to question Snowden’s judgment?

Winzer: People are free to question Edward Snowden’s judgment. But I hope by now they don’t question his motivations. He acted in every way that the public interest by setting guidelines for what they should and should not publish from the material. I believe he behaved in the most reasonable way that he could in these circumstances.

Moreover, I wonder would those people question the patriotism of our national security, people who went before our Congress and not only concealed from the public what they were doing, but also lied under oath about what they were doing. I wonder would those same people question the patriotism of the traditional oversight bodies that essentially didn’t do their job between the period between 9/11 and now.

Most people, including President Obama, have said that the debate we are having here in the US about privacy is an important one that will make us stronger. And there is no way that this debate would have happened without Edward Snowden’s actions.

This article was posted on Dec 29 2014 at indexoncensorship.org

Bunting and Effect: Reforming the Federal Intelligence Surveillance Court

07 May 14 | Digital Freedom, News and features, Politics and Society, United States

(Photo: Shutterstock)

The reforms to the intelligence community that have been advocated by US President Barack Obama are not being taken well in some circles. This is not necessarily because all members of that covert fraternity object to them. There has been, in fact, a general understanding that something had to be done in light of Edward Snowden’s revelations regarding dragnet surveillance. A fundamental feature of Obama’s reform agenda centres on a greater oversight role regarding surveillance applications assessed by the Foreign Intelligence Surveillance Court (FISC).

Former FISC Presiding Judge John Bates has given, in a fashion, support for proposals that would allow the appointment of a public advocate or lawyers acting in an amicus curiae role. Their role suggests, in spirit at least, a modest attempt to open an otherwise secret court process to scrutiny over surveillance applications, providing direction on privacy and specific legal points. “I think it could have some good elements if done correctly,” suggested the judge before a gathering at George Washington University Law School last Friday.

Reading between the lines, however, the judge is not glowing at the prospect of an increased work load, one affected without little benefit. For one, he claims that an outside advocate is, for the most part, needless in standard court deliberations (pen registers, trap-and-trace orders and individualised search warrants) under the Foreign Intelligence Surveillance Act of 1978. Furthermore, surveillance applications tended to be prosaic matters with specific individuals in mind, using such standards as probable cause that would only affect the privacy interests of an individual or set of individuals. Amicus advocates would busy the court without any benefit, they being, for the most part, unqualified to deal with the technical matters at hand.

Where such a “friend” of the court might have some bearing would be on concerns over bulk-collection of data, though the judge was again shaving much relevance over the move. Was this reform a genuine attempt to alter practice, or simply one designed to pacify “public perception”? Those on the FISC are more troubled than pleased.

Many of the concerns made by Judge Bates were outlined in his January 13 letter to Senator Dianne Feinstein, Chair of the Select Committee on Intelligence. It is worth reading carefully, given the role Bates has played as chief judicial officer over FISC matters. A vigorous, conceptual tussle between secret deliberations and transparency is undertaken, much of it fundamental over the role of the court in “oversight” matters.

If workloads were to increase, then this should be “accompanied by a commensurate increase in resources.” Adding a number of administrative subpoena-type cases in excess of 20,000 “would fundamentally transform the nature of the FISC to the detriment of its current responsibilities.” But even such an increase of work would not necessarily be remedied by the mere addition of personnel and resources. It would “prove disruptive to the Courts’ ability to perform their duties, including responsibilities under FISA and the Constitution to ensure that the privacy interests of United States citizens and others are adequately protected.”

Like it or not, Judge Bates suggests that the secrecy function of the FISC should continue. In this, the judge slips into his paternalistic voice, suggesting that publishing Court decisions for public consumption would limit rather than “enhance the public’s understanding of FISA implementation”. Unless classified information is provided with those decisions, confusion was bound to happen.

A real bruiser comes in his detailed observations over what role the public advocate would actually play in FISA proceedings. First and foremost, there will be no constructive adversarial role to speak of, as the advocate will be “unable to communicate with the target or conduct an independent investigation”. Privacy protection will not be assured by involvement of the advocate in “run-of-the-mill FISA matters” and might “undermine the Courts’ ability to receive complete and accurate information on the matters before them.”

Much of the concern stems from who has the authority over appointments. A court appointed advocate might well be more palatable for judges, but it will hardly satisfy the privacy reformists, who wish to open the FISC door to some form of public accountability. But according to Judge Bates, a “standing advocate with independent authority to intervene at will could actually be counterproductive” while a court appointee may well maximise assistance while minimising disruption. He also fears the “constitutional” implications of the move.

Some of Bates’ concerns on the public advocate may be uncalled for. They are already considered in the Leahy/Sensenbrenner and Blumenthal bills. Both make the point that the special advocate only appear in set cases, and never in those touching on individualised search warrants. They would only deal with novel matters affecting subjects of surveillance targeting persons outside the United States (FISA, s. 702) and American subjects under s. 215 of the USA PATRIOT Act.

Judge Bates’ overview suggests that some reforms to the hearing and granting of surveillance applications are not only modest but cosmetic, in so far as they hope to improve privacy protections. The impact will be to actually hamper judicial oversight, rather than improve it. The adversarial element that would improve representation would actually be absent, despite the presence of the public advocate, making the reform one of bluff rather than effect. No change, however, would have been intolerable.

Speaking to a gathering of national security lawyers organised by the American Bar Association, Judge Bates had a prediction. “My guess is nothing will happen legislatively until after the mid-term elections – if then.” There will be congressional disagreements about matters of form and substance. If care is not taken, enacted reforms may well be the bunting without the product.

This article was published on April 7, 2014 at indexoncensorship.org

Private surveillance firms: Profits before freedom

11 Apr 14 | Digital Freedom, News and features

(Illustration: Shutterstock)

State surveillance has been much publicised of late due to Snowden’s revelations, but allegations against the NSA and GCHQ are only one aspect of the international industry surrounding wholesale surveillance. Another growing concern is the emergence and growth of private sector surveillance firms selling intrusion software to governments and government agencies around the world.

Not restricted by territorial borders and globalised like every other tradable commodity, buyers and sellers pockmark the globe. Whether designed to support law enforcement or anti-terrorism programmes, intrusion software, enabling states to monitor, block, filter or collect online communication, is available for any government willing to spend the capital. Indeed, there is money to be made – according to Privacy International, the “UK market for cyber security is estimated to be worth approximately £2.8 billion.”

The table below, collated from a range of sources including Mother Jones, the Electronic Frontier Foundation, Bloomberg, Human Rights Watch, Citizen Lab, Privacy International and Huffington Post, shows the flow of intrusion software around the world.

Surveillance Company	Country of Origin	Alleged Countries of Use
VASTech	South Africa	Libya (137)
Hacking Team	Italy	Azerbaijan (160), Egypt (159), Ethiopia (143), Kazakhstan (161), Malaysia (147), Nigeria (112), Oman (134), Saudi Arabia (164), Sudan (172), Turkey (154), Uzebekistan (166)
Elbit Systems	Israel	Israel (96)
Creative Software	UK	Iran (173)
Gamma TSE	UK	Indonesia (132)
Narus	USA	Egypt (159), Pakistan (158), Saudi Arabia (164)
Cisco	USA	China (175)
Cellusys Ltd	Ireland	Syria (177)
Adaptive Mobile Security Ltd	Ireland	Syria (177), Iran (173)
Blue Coat Systems	USA	Syria (177)
FinFisher GmbH	Germany	Egypt (159), Ethiopia (143)

Note: The numbers alongside the alleged countries of use are the country’s ranking from 2014 Reporters without Borders World Press Freedom Index 2014.

While by no means complete, this list is indicative of three things. There is a clear divide, in terms of economic development, between the buyer and seller countries; many of the countries allegedly purchasing intrusion software are in the midst of, or emerging from, conflict or internal instability; and, with the exception of Israel, every buyer country ranks in the lower hundred of the latest World Press Freedom Index.

The alleged legitimacy of this software in terms of law enforcement ignores the potential to use these tools for strictly political ends. Human Rights Watch outlined in its recent report the case of Tadesse Kersmo, an Ethiopian dissident living in London. Due to his prominent position in opposition party, Ginbot 7 it was discovered that his personal computer had traces of FinFisher’s intrusion software, FinSpy, jeopardising the anonymity and safety of those in Ethiopia he has been communicating with. There is no official warrant out for his arrest and at the time of writing there is no known reason in terms of law enforcement or anti-terrorism legislation, outside of his prominence in an opposition party, for his surveillance. It is unclear whether this is part of an larger organised campaign against dissidents in both Ethiopia and the diaspora, but similar claims have been filed against the Ethiopian government on behalf of individuals in the US and Norway.

FinFisher GmbH states on its website that “they target individual suspects and can not be used for mass interception.” Without further interrogation into the end-use of its customers, there is nothing available to directly corroborate or question this statement. But to what extent are private firms responsible for the use of its software by its customers and how robustly can they monitor the end-use of its customers?

In the US Electronic Code of Federal Regulations, there is a piece of guidance entitled Know Your Customer. This outlines steps to be undertaken by firms to identify what the end-use of its products is. This is a proactive process, placing the responsibility firmly with the seller to clearly identify and act on abnormal circumstances, or ‘red flags’. The guidance clearly states that the seller has a “duty to check out the suspicious circumstances and inquire about the end-use, end-user, or ultimate country of destination.”

Hacking Team has sold software, most notably the Remote Control System (RCS) to a number of countries around the world (see above). Citizen Lab, based out of the University of Toronto, has identified 21 countries that have potentially used this software, including Egypt and Ethiopia. In its customer policy, Hacking Team outlines in detail the lengths it goes to verify the end-use and end-user of RCS. Mentioning the above guidelines, Hacking Team have put into practice an oversight process involving a board of external engineers and lawyers who can veto sales, research of human rights reports, as well as a process that can disable functionality if abuses come to light after the sale.

However, Hacking Team goes a long way to obscure the identity of countries using RCS. Labelled as untraceable, RCS has established a “Collection Infrastructure” that utilises a chain of proxies around the world that shields the user country from further scrutiny. The low levels of media freedom in the countries purportedly utilising RCS, the lack of transparency in terms of the oversight process including the make-up of the board and its research sources, as well as the reluctance of Hacking Team to identify the countries it has sold RCS to undermines the robustness of such due diligence. In the words of Citizen Lab: “we have encountered a number of cases where bait content and other material are suggestive of targeting for political advantage, rather than legitimate law enforcement operations.”

Many of the firms outline their adherence to the national laws of the country they sell software to when defending their practices. But without international guidelines and alongside the absence of domestic controls and legislation protecting the population against mass surveillance, intrusion software remains a useful, if expensive, tool for governments to realise and cement their control of the media and other fundamental freedoms.

Perhaps the best way of thinking of corporate responsibility in terms of intrusion software comes from Adds Jouejati of the Local Coordination Committees in Syria, “It’s like putting a gun in someone’s hand and saying ‘I can’t help the way the person uses it.’”

This article was posted on 11 April, 2014 at indexoncensorship.org

Index Freedom of Expression Awards: Digital activism nominee Edward Snowden

19 Mar 14 | Awards, Digital Freedom, News and features, United States

In 2013, National Security Agency contractor Edward Snowden leaked thousands of documents detailing US government surveillance to the press, igniting a global debate on the ways authorities can watch citizens’ communications.

Snowden was one of tens of thousands of people who had access to data collected by the NSA.

The revelations detailed the extent of the PRISM programme, which allows NSA agents and contractors to view any user’s metadata based on a number of search terms. This warrantless surveillance is seen as a breach of the US’s fourth amendment, which guarantees the right to privacy.

Snowden also revealed details of the UK’s TEMPORA programme, which intercepts data carried on fibre optic cables to allow agents to monitor communication, again without a warrant.

After leaking 58,000 files, he fled from his home in Hawaii to Hong Kong, and from there to Moscow, where he found himself stranded after the US government revoked his passport.

Snowden’s revelations have shown the lack of scrutiny and oversight intelligence agencies face. Equally worrying has been the willingness of the UK government to try to intimidate the Guardian, with veiled threats of prosecution after it published a mere fraction of the information contained in the leaked files.

As a whistleblower, Snowden has in fact helped make the world more secure by highlighting the potential abuse of monitoring capabilities and there have been calls to grant him asylum in the European Union. Above all else, he has got the world talking about what privacy and free expression mean in an age when surveillance has never been easier.