The first example is Apple’s new “Warrant Canary” clause. It works like this: there’s a section in their periodically-released transparency report that states very clearly that
Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us.
This report is re-issued periodically. Apple may receive a gag-protected demand for user data at some point, and not be able to say anything about it, but if this happens we can expect this clause to vanish from future transparency disclosures. If it’s gone, Big Brother came calling.
The even better example is how furious and enraged Google’s security team is about the disclosure that the NSA was listening on their internal traffic. As a result, they’ve encrypted every bit of that traffic, which renders the NSA’s taps worthless:
We designed this system to keep criminals out. There’s no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we’ve got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.
Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement, we therefore do what internet engineers have always done – build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.
Thank GOD for Snowden’s disclosures.