2015 NDI 6WS Encryption

Disad

Top Shelf

1NC Shell (Encryption)

Snowden revelations is creating a commercial market for
encryption and other security technologies
Doctorow 14 (Cory-Technology columnist for the Guardian and Co-Editor of
Boing Boing, a technology blog, What happens with digital rights management in
the real world? The Guardian, 2/5/14,
http://www.theguardian.com/technology/blog/2014/feb/05/digital-rightsmanagement)
revelations of the NSA whistleblower Edward Snowden have changed the global
conversation about privacy and security. According to a Pew study from last autumn, most
American Internet users are now attempting to take measures to make their
computers more secure and keep their private information more private.
It's hard to overstate how remarkable this is (I devoted an entire column to it in December).
For the entire history of the technology industry, there was no appreciable
consumer demand for security and privacy. There was no reason to believe that spending
The

money making a product more secure would translate into enough new users to pay for the extra engineering work

With the shift in consciousness redounding from the Snowden files, we

have, for the first time ever, the potential for commercial success based
on claims of security. That's good news indeed because computer
security is never a matter of individual action. It doesn't matter how
carefully you handle your email if the people you correspond with are
sloppy with their copies of your messages. It's a bit like public health: it's important to
make sure you have clean drinking water, but if your neighbours don't pay
attention to their water and all get cholera, your own water supply's purity won't keep you
safe.
it entailed.

Surveillance reform tricks the public into believing that their

communications are now private-destroys consumer market for
privacy and encryption technology
Greenwald 14 (Glenn-Journalist and Constitutional Lawyer, the first person
Snowden contacted in the 2013, CONGRESS IS IRRELEVANT ON MASS
SURVEILLANCE. HERES WHAT MATTERS INSTEAD, The Intercept, 11/19/14,
https://firstlook.org/theintercept/2014/11/19/irrelevance-u-s-congress-stopping-nsasmass-surveillance/)
the last place one should
look to impose limits on the powers of the U.S. government is . . . the U.S.
government. Governments dont walk around trying to figure out how to limit their own power, and thats
particularly true of empires. The entire system in D.C. is designed at its core to prevent real
reform. This Congress is not going to enact anything resembling
fundamental limits on the NSAs powers of mass surveillance . Even if it somehow
did, this White House would never sign it. Even if all that miraculously
happened, the fact that the U.S. intelligence community and National Security State
operates with no limits and no oversight means theyd easily co-opt the entire
All of that illustrates what is, to me, the most important point from all of this:

reform process. Thats what happened after the eavesdropping scandals of the mid-1970s led to the
establishment of congressional intelligence committees and a special FISA oversight courtthe committees were
instantly captured by putting in charge supreme servants of the intelligence community like Senators Dianne
Feinstein and Chambliss, and Congressmen Mike Rogers and Dutch Ruppersberger, while the court quickly

Ever since the Snowden

public opinion (in both the U.S. and globally) began radically changing,
the White Houses strategy has been obvious. Its vintage Obama: Enact
something that is called reformso that he can give a pretty speech
telling the world that he heard and responded to their concernsbut that
in actuality changes almost nothing, thus strengthening the very system he
can pretend he changed. Thats the same tactic as Silicon Valley, which also
supported this bill: Be able to point to something called reform so they can
trick hundreds of millions of current and future users around the world into
believing that their communications are now safe if they use Facebook, Google, Skype
and the rest. In pretty much every interview Ive done over the last year, Ive been asked why there
havent been significant changes from all the disclosures. I vehemently
disagree with the premise of the question, which equates U.S. legislative
changes with meaningful changes. But it has been clear from the start
that U.S. legislation is not going to impose meaningful limitations on the
NSAs powers of mass surveillance, at least not fundamentally. Those limitations are going to
became a rubber stamp with subservient judges who operate in total secrecy.
reporting began and

come fromare now coming from very different places

Encryption and other defensive strategies are necessary to

combat cyberattacks- current infrastructure is all offense no
defense
Doctorow 6/20 (Cory-Co-Editor of Boing Boing, a technology blog, citing Bruce
Schneider-acclaimed security expert, Schneier: China and Russia probably did get
the Snowden leaks by hacking the NSA, Boing Boing, 6/20/15,
http://boingboing.net/2015/06/20/schneier-china-and-russia-pro.html)
Schneier argues that China and Russias spy agencies are full of infowar
ninjas whove been hacking away at the NSAs repositories for years, and
that there is likely a steady flow of secrets that are exfiltrated by the
agencies. He says that he thinks successful hack-attacks against the NSA are
much more likely than Chinese and Russian spooks coming up with some
kind of magic crypto-cracking ability (especially as Snowden didnt even bring
the docs with him to Russia). There is a lot of evidence for this belief. We know
from other top-secret NSA documents that as far back as 2008, the agencys
Tailored Access Operations group has extraordinary capabilities to hack into
and exfiltrate data from specific computers, even if those computers are
highly secured and not connected to the Internet. These NSA capabilities are
not unique, and its reasonable to assume both that other countries had similar
capabilities in 2008 and that everyone has improved their attack
techniques in the seven years since then. Last week, we learned that Israel
had successfully hacked a wide variety of networks, including that of a major
computer antivirus company. We also learned that China successfully hacked US
government personnel databases. And earlier this year, Russia successfully
hacked the White Houses network. These sorts of stories are now routine.

Which brings me to the second potential source of these documents to foreign

intelligence agencies: the US and UK governments themselves. I believe that both
China and Russia had access to all the files that Snowden took well before
Snowden took them because theyve penetrated the NSA networks where
those files reside. After all, the NSA has been a prime target for decades.
Those government hacking examples above were against unclassified
networks, but the nation-state techniques were seeing work against
classified and unconnected networks as well. In general, its far easier to
attack a network than it is to defend the same network. This isnt a
statement about willpower or budget; its how computer and network security work
today. A former NSA deputy director recently said that if we were to score cyber
the way we score soccer, the tally would be 462456 twenty minutes into
the game. In other words, its all offense and no defense.

A cyber-attack would trigger military retaliation and escalate

to nuclear war
Robert Tilford 12, Graduate US Army Airborne School, Ft. Benning, Georgia,
Cyber attackers could shut down the electric grid for the entire east coast 2012,
http://www.examiner.com/article/cyber-attackers-could-easily-shut-down-theelectric-grid-for-the-entire-east-coa ***we dont agree with the ableist language
a cyber attack that can take out a civilian power grid, for example
could also cripple (destroy) the U.S. military. The senator notes that is that the same power
grids that supply cities and towns, stores and gas stations, cell towers and heart
monitors also power every military base in our country. Although bases would be
prepared to weather a short power outage with backup diesel generators, within
hours, not days, fuel supplies would run out, he said. Which means military command and
control centers could go dark. Radar systems that detect air threats to our
country would shut Down completely. Communication between commanders and
their troops would also go silent. And many weapons systems would be left
without either fuel or electric power, said Senator Grassley. So in a few short
hours or days, the mightiest military in the world would be left scrambling to
maintain base functions, he said. We contacted the Pentagon and officials
confirmed the threat of a cyber attack is something very real. Top national
security officialsincluding the Chairman of the Joint Chiefs, the Director of the National Security Agency, the Secretary
of Defense, and the CIA Director have said, preventing a cyber attack and improving the nations
electric grids is among the most urgent priorities of our country (source: Congressional Record). So how
serious is the Pentagon taking all this? Enough to start, or end a war over it, for sure. A cyber attack today
against the US could very well be seen as an Act of War and could be met
with a full scale US military response. That could include the use of
nuclear weapons, if authorized by the President.
To make matters worse

2NC Uniqueness

2NC-Snowden Effect
Snowden revelations indicate a new movement towards
investment in security technologies-statistics prove
Doctorow 13 (Cory-Technology columnist for the Guardian and Co-Editor of
Boing Boing, a technology blog, We cannot afford to be indifferent to internet
spying, The Guardian, 12/9/13,
http://www.theguardian.com/technology/2013/dec/09/internet-surveillance-spying)
a study of
American Internet users' attitudes towards privacy. Broadly, they found that
Americans had recently taken extensive, affirmative steps to improve their
privacy, but had, generally speaking, failed. Their technology and their technical literacy were insufficient to
accomplish such a difficult end. They evinced a widespread view that privacy rules
were too loose. They reported many instances of bad consequences
arising from breaches of their privacy or the privacy of people close to
them. Not long after this report, Cassidy Wolf, this year's Miss Teen USA, made headlines after it was revealed
In September, the Pew Research Centre released Anonymity, Privacy, and Security Online,

that her computer had been taken over by a creep who took covert nude photos of her using its webcam, captured
her social media passwords, and demanded live sex shows or he would post the compromising photos to her online
accounts. Wolf went to the FBI, and they ran the creep to ground, only to discover that he had dozens of other

The Internet Engineering Task Force is promising to

encrypt the entire internet by default. Internet companies like Google and
Yahoo are stepping up the encryption within their networks . They're
rethinking their collusion with spy agencies having discovered that these agencies not
victims, including minor children.

only demanded the right to their spy-boxes in the data-centre, they also secretly tapped the fibre leading in and out

From here on in,

the market for privacy-preserving technology will only grow. From here on in, the
public pressure to rein in spy agencies and preserve privacy in law will
only mount. From here on in, the chorus of voices correcting the nothing-to-hides will only swell. From here
on in, the privacy-preserving design decisions in technology will only rise in
importance. The spies will keep spying. They will spy more. They will spy harder. They have proven
of it. More of us are increasingly aware of the risks of the privacy risks from technology.

themselves to be without any scruple and without any adult supervision. But their job gets a lot harder from here on

There is a moment out there for privacy activists to seize upon, a moment that privacy
entrepreneurs can capitalise upon, a moment that privacy-oriented lawmakers can make political
out.

hay from. It's up to us to make the most of it.

The Snowden Effect has allowed the security and encryption

industries to see unprecedented growth
P.A.M. 14 (Pictet Asset Management- Investment management firm part of the
independent wealth and asset manager group Pictet, News from the Advisory
Board Security Post-NSA leaks, a new cyber security landscape, Pictet Asset
Management, May 2014,
http://www.pictetfunds.fr/files/Focus_du_mois/Contributions/Pictet-Security_AdvisoryBoard_201405.pdf)
These

low-profile niche operators are cyber-security firms. Specialising in

antivirus, firewall, intrusion detection or encryption, such companies have played a key role in the expansion
of the technology by giving users - individuals and businesses - the confidence to shift more of their activities to the
cloud. But

recent events suggest these firms will not remain in the

background for much longer. While revelations of systematic spying by the US

National Security Agency appear to have damaged the reputation of the big tech companies operating the cloud,
they have had the opposite effect on cyber-security providers. The actions of NSA whistleblower Edward Snowden

have pushed cyber-security to the very top of the corporate agenda; the
sector is set to become both a source of innovation and a destination for
investment as a result. This is one of the topics discussed at the recent Advisory Board meeting of the
PictetSecurity fund, which invests in companies that offer innovative solutions to protect individuals, businesses and
governments. IT services have represented one of the main areas of investment since the funds inception in 2006.
The Snowden effect Snowdens revelations that US security agencies had obtained confidential data held by major
US tech companies threatened to irreversibly damage the cloud industry. Leaked documents showed that US and
British intelligence agencies had gained access to huge swathes of internet traffic - users personal data as well as
online transaction and emails stored on tech companies servers - as part of a clandestine data-mining program
named PRISM. Of equal concern were the methods used. It emerged that the NSA had been given complete control
over international encryption standards and that it had used supercomputers to break encryption. Even more
worrying were suggestions that NSA officials had collaborated with technology companies and internet service
providers enabling agencies to insert secret backdoors into commercial encryption software. Although big
technology firms denied they had knowingly provided the government with such backdoors, the revelations were
seen as a threat to the future growth of the cloud as it suggested companies could not safeguard the security and
privacy of their customers. In the immediate aftermath of the leaks, a report released by the Information
Technology and Innovation Foundation (ITIF), a non-partisan think tank based in Washington, estimated that
foreigners distrust in US cloud storage providers since the NSA spying scandal could cost such companies up to
USD35 billion in lost revenues by 2016. Forrester Research, an IT market research company, argued that losses
could top USD180 billion over the same period - a 25 per cent hit to overall IT service provider revenues. NSA leaks
unlock fast growth in the IT security sector Fast-forward nine months and a more nuanced picture is emerging, AB
participants heard. What our panel of security experts report is that while

the NSAs practices may have

have unlocked

undermined customer confidence, slowing the rate of cloud adoption, they

opportunities for security vendors. Security concerns move higher on corporate agenda
Snowdens revelations have made the cyber-security threat far more
visible, forcing companies to review how their data is stored. If IT security
professionals had long suspected that government agencies were involved in systematic electronic spying, there
was scant evidence available. But the Snowden leaks have revealed the full extent of NSA surveillance activities

cyber
security has evolved from a being compliance matter for IT specialists into a strategic
priority for corporations worldwide. The scandal has served as a trigger to
unlock corporate investment in cyber-security solutions. Cyber security companies
and brought to light the collaboration of US major tech companies. Such is the level of concern that

see investment boom Companies with data stored in clouds are upgrading their systems, and are increasingly
engaging the services of cyber-security providers. They are turning to the providers with the most innovative
solutions and in the IT security world, the companies with the hottest technologies are small, very dynamic start-

Revelations by Snowden of possible ties between tech firms and

government have made consumers suspicious that large US-based
companies could be beholden to intelligence agencies. As a result, it has
become easier for new, smaller security businesses to sell their solutions.
With spending on cyber-security rising, the sector has drawn the attention of investors.
ups.

Intense interest in the sector has helped fuelled a buoyant IPO market and robust share price performance;
companies operating in the sector of cloud security, data management or encryption have attracted particularly

which has
seen a wave of consolidation in recent months as these young security
companies make attractive acquisition targets for their larger rivals
strong demand. Rising valuations may be a reflection of the heated competition in the sector,

(RSA/Silvertail, Cisco/Sourcefire, F5 Networks/Versafe).

Snowden leaks has private users concerned for their own

security
Raistrick 13 (Security administrator for Palo Alto Networks, Is Your Organisation
Edward Snowden Proof? Business Computing World, 7/1/13,

http://www.businesscomputingworld.co.uk/is-your-organisation-edward-snowdenproof/)
From a national security point of view, the post-mortem of Snowdens leak
is where attention should be most keenly focused, to determine the veracity of his
statements. But if the claims turn out to be true, it does not automatically mean that other organisations are prone
to the same breaches. Generally speaking, the more powerful an application is, the more tightly it is segmented,
monitored, and controlled. The same is true of security administrators themselves. The more power they are
provided, the more their duties need to be segmented, monitored, and controlled. In the case of Ed Snowden, we
have a very privileged administrator accessing very powerful applications common practice would be to watch

the access to sensitive information comes down to

company mindset. In many cases, companies simply think of security as
blocking attacks as opposed to the process of securing their information.
him like a hawk. Ultimately

Blocking the attack is obviously a critical part of the equation, but it has to be tied into the context of the data itself,

The NSA leak is a

perfect example of what can happen when very powerful applications and
powerful users are not controlled sufficiently. A modern solution to a modern problem
With vast amounts of privileged and sensitive data stored on company
networks and pervasive threat vectors that want to steal that data,
businesses require a segmented approach to security that monitors all users,
content and applications that are present on the network. Its an approach some
companies have been reluctant to grasp but, given the revelations of the past few weeks, the
consequences of not taking appropriate measures should be far more of a
concern.
the applications that serve that data, and the people that use those applications.

Snowden revelations have started a new market for encryption

technology- even if the technology isnt 100% effective
Reuters 14 (Reuters-New Agency, Snowden leaks a boon for the digital security
market, Business Tech New Zealand, 8/6/14,
http://businesstech.co.za/news/internet/64984/snowden-leaks-a-boon-for-the-digitalsecurity-market/)
concerns about the U.S. governments secretive surveillance
programs exposed by Edward Snowden have spawned a slew of encryption
products and privacy services that aim to make electronic spying more
difficult. Two products brought out in the past five weeks illustrate the rapid development of the new
Public

marketplace: Blackphone, a handset which started shipping on June 30 for $629, and Signal, a free app that

They are among an array of offerings to

emerge since Snowden, a former National Security Agency contractor, last year leaked documents that
appeared on the iPhone app store last week.

showed the U.S. government harvested enormous amounts of data from the likes of Google Inc, Yahoo Inc, Microsoft
Corp, AT&T Inc and Verizon Communications Inc. Though they have different business philosophies, target markets

companies behind Blackphone and Signal share an underlying

encryption technique, world-class cryptographers, and an antigovernment stance. In an environment of increasingly pervasive surveillance, we want to make it as
and tactical approaches, the

easy as possible for anyone to be able to organize and communicate securely, Signal maker Open Whisper
Systems wrote on its blog. Secure communications will be a major topic at two key hacking conferences in Las
Vegas this week: Black Hat, which is aimed at professionals, and Def Con, which attracts many amateurs.
Blackphone uses software from one of its backers, Silent Circle, that allows users to send encrypted voice calls and
texts to one another. Silent Circles software is already available for iPhone and Android phones, but the company
says Blackphone is more secure because it uses a new operating system based on Android that makes it harder
for hackers to take control of the phone and eavesdrop. Silent Circle recently expanded its service by allowing
encrypted calls to landlines. That feature has helped its sales rate triple in the past three months, said Silent Circle
Chief Revenue Officer Vic Hyder. He declined to give subscriber figures but said Chevron Corp and Walt Disney Co

were among the companys major corporate customers. Supported mainly by grants, Signal maker Open Whisper
Systems was co-founded by security researcher Moxie Marlinspike and already has a compatible Android version
called RedPhone. The company said Signal had 70,000 downloads on the first day. Marlinspike said the company
may charge in the future for extra services, but the basic functions of the app should remain free forever. Open
Whisper Systems is a project rather than a company, and the projects objective is not financial profit, he wrote on
his personal blog. An encrypted chat service popular with security professionals is Wickr. The free service relies on
heavy encryption that is considered unbreakable for the foreseeable future if implemented correctly. Wickr does not
use the open-source software that is the industry standard, which means security experts cannot inspect its
software code. But Wickr says it will soon post results of security audits by well-regarded firms, and it is offering
a$200,000 reward for anyone who breaks its system. Wickr Chief Executive Nico Sell, a longtime official at Def Con,

Civil liberties
enthusiasts have welcomed the proliferation of new privacy-protecting
software and services, but some law enforcement and intelligence agents are concerned that they
said she plans to add a desktop version of Wickr soon. Law enforcement concerns

make it more difficult for agents to intercept communications. Its a significant problem, and its continuing to get
worse, Amy S. Hess, executive assistant director of the Federal Bureau of Investigation, told the Washington Post.

Experts said it was unlikely that any

communications system can be 100 percent safe from government
interception. The goal for some users would be simply to make it
expensive for the authorities to eavesdrop on them without good reason.
An FBI spokeswoman declined to elaborate.

2NC- Silicon Valley Innovation

The encryption renaissance is here because of NSA
surveillance-Silicon valley are all using new innovative ways to
counter surveillance and pushing encryption innovationcurtailing surveillance reverses that
Marten 14 (Donn-Blogger for Carrying a Flag, an anti-surveillance blog, NSA
Reform is Dead: Tech Companies Must Act to Protect Us Now, Carrying a Flag,
6/7/14, http://carryingaflag.blogspot.com/2014/06/nsa-reform-is-dead-techcompanies-must.html)
Not that it is surprising that the NSA Stasi is protected by a firewall of entrenched and corrupt members of our
pathetic excuse for a legislative branch - the US Congress remains the number one enemy of the American people -

any sort of effective reform in the aftermath of the Snowden leaks

has always been dead on arrival. The USA Freedom Act seemed to be a perfect counterpart to the
and that

fascist USAPATRIOT Act when it was introduced, with the backing of US Representative James Sensenbrenner who
was largely responsible for the latter monstrosity but as the establishment stalled enough time had passed for it to
be gutted. The intelligence committee chairpersons of the House and Senate, respectively the right-wing talk radio
bound fanatic Mike Rogers and the always ghastly Dianne Feinstein would be there to protect the warrentless mass
surveillance and data-mining in all of its Constitution trashing glory because the protection of criminality is the main

The USA Freedom Act, in its watered down version which

not
only preserves the powers of the NSA but now provides them with official
cover. The Freedumber Act is the Obama administration's wet dream as it would allow the narcissistic one to
reason why the got their gigs in the first place.

prolific security blogger Marcy Wheeler of Emptywheel has brilliantly pegged as the USA Freedumber Act

present himself as a champion of the American people by fixing the system and the business of getting all of the
phone calls, financial data, images, book purchases, associations, family information, political affiliation, blog traffic,
internet searches, sexual orientation, religious preferences, text messages and thousands of other data points to
sock away in their massive storage facilities like the one out in Utah. Then Obama can get about the business of
avenging the injury to his ego when Vladimir Putin prevented a war in Syria and Russia provided asylum to Snowden
saving him from a US torture chamber and starting a new cold war which will ensure that military contractor money
rolls in for the next election cycles. Barring the promised bombshell revelations from journalist Glenn Greenwald which are taking forever and making many (although not myself, at least not yet) nervous that he sold out to
billionaire Pierre Omidyar and that the real stuff is never going to see the light of day - are so shocking as to make

the great hope at this point is having to hope that Silicon

Valley will come to the rescue. The NSA rampage has permanently
tarnished the image of American big tech to the point that the only
rational thing - at least from a business standpoint and these area after all businesses - is to improve
their own security in order to prevent or at least make it more difficult for
the government goons to penetrate their networks and customer
communication activity. This is currently in process and will continue to evolve as the
US government has chosen to continue the programs rather than lose
precious time between now and the day that the order comes down to use
the data to go after those who are deemed to be threats to state power.
serious reform possible

According to a New York Times article entitled "Internet Giants Erect Barriers to Spy Agencies" that was published

Googles main campus here, engineers for the company are

accelerating what has become the newest arms race in modern
technology: They are making it far more difficult and far more expensive
for the National Security Agency and the intelligence arms of other
governments around the world to pierce their systems. As fast as it can, Google
is sealing up cracks in its systems that Edward J. Snowden revealed the N.S.A. had
brilliantly exploited. It is encrypting more data as it moves among its servers and helping
on Friday: Just down the road from

customers encode their own emails.

Facebook, Microsoft and Yahoo are taking similar

steps.

After years of cooperating with the government, the immediate goal now is to thwart Washington as
well as Beijing and Moscow. The strategy is also intended to preserve business overseas in places like Brazil and
Germany that have threatened to entrust data only to local providers. Google, for example, is laying its own fiber
optic cable under the worlds oceans, a project that began as an effort to cut costs and extend its influence, but
now has an added purpose: to assure that the company will have more control over the movement of its customer

the era of quiet cooperation is over.

Telecommunications companies say they are denying requests to
volunteer data not covered by existing law. A.T.&T., Verizon and others say that compared with a year ago,
they are far more reluctant to cooperate with the United States
government in gray areas where there is no explicit requirement for a
legal warrant. AND Eric Grosse, Googles security chief, suggested in an interview that the N.S.A.s own
behavior invited the new arms race. I am willing to help on the purely defensive side of
things, he said, referring to Washingtons efforts to enlist Silicon Valley in cybersecurity efforts. But signals
intercept is totally off the table, he said, referring to national intelligence gathering. No hard feelings, but my
job is to make their job hard, he added. There is naturally the standard fear-mongering by the US
data. A year after Mr. Snowdens revelations,

government and the implied threat of terrorist attacks is tech companies do not allow the NSA to proceed with
impunity. The NYT piece cites an Obama administration official who invokes the 9/11 card once again: Robert S. Litt,
the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy
agencies, said on Wednesday that it was an unquestionable loss for our nation that companies are losing the
willingness to cooperate legally and voluntarily with American spy agencies. Just as there are technological gaps,

there are legal gaps, he said, speaking at the Wilson Center in Washington, that leave a lot
of gray area governing what companies could turn over. In the past, he said, we
have been very successful in getting that data. But he acknowledged that for now, those days are over, and he
predicted that sooner or later there will be some intelligence failure and people will wonder why the intelligence
agencies were not able to protect the nation. Companies respond that if that happens, it is the governments own
fault and that intelligence agencies, in their quest for broad data collection, have undermined web security for all.
BINGO on that last statement - the government to this day has yet to fire anyone who was on the job and failed to
protect the nation on the morning of September 11, 2001 - why is that? Power will not be surrendered willingly and

there is ZERO chance for legitimate and serious reform of the

unconstitutional practices of the NSA within the government it is
incumbent on the tech companies to do what they can to go into a
defensive mode and internet users to look into getting some serious
encryption software installed.
at this point, as

2NC Link

2NC- Consumer Security Link

Ending surveillance is a shell game luring consumers into a
false sense of security
Peterson 15 (Andrea- Technology policy reporter for the Washington Post, Its
nearly two years after Snowden and privacy advocates are divided on how to fix
NSA spying, Washington Post, 4/29/15, https://www.washingtonpost.com/blogs/theswitch/wp/2015/04/29/its-nearly-two-years-after-snowden-and-privacy-advocatesare-divided-on-how-to-fix-nsa-spying/)
Without those limits, ending 215 might result in a sort of "shell game,"
where the government replaces one authority with another, according to Julian
Sanchez, a senior fellow at the Cato Institute. There's also a provision built into the current Patriot Act
that would allow for 215 to continue to be used for ongoing investigations
even after it sunsets, as reported by the New York Times last year. Such a provision might
be used to continue the bulk phone records program because some
government enterprise-level investigations, such as those into major
terror groups, can go on for a decade or more, according to Geiger and Sanchez. "The
truth is that neither the USA Freedom Act nor the expiry of Section 215
would end the governments mass-surveillance program s," said the ACLU's Jaffer. But
actually forcing a sunset on 215 would send "an important message" against spying programs, he argued. Some

the bill might actually give the government expanded spying

powers, even if it moves direct control of Americans' bulk phone records
out of government hands, because of the breadth of data that service
providers might be forced to turn over in response to a request. "In a way, it's
kind of like PRISM," the program revealed by Snowden where major tech companies turned over the
critics also worry

content of online communications to the NSA, said longtime independent surveillance researcher Marcy Wheeler. "It

pushes things to providers: Everyone gets immunity, but it doesn't add to

the privacy." Passing the bill, she argues, might also make it harder to get
movement on more comprehensive reforms because tech companies, who
have been a major political force on this issue, will be able to already
point to changes they helped win. "Companies are provided monetary
incentive to spy and share that information with the government and
blanket liability once they do under USA Freedom -- even if that breaks that law," said Sascha Meinrath, the
director of X-lab, an independent tech policy institute previously associated with New America. " Once
companies receive that, they'll have almost no reason to weigh in on
meaningful surveillance reform."

2NC- Circumvention Link

Legal solutions to surveillance fail- governments will
circumvent encryption is the only effective way to combat
surveillance
Ingham 15 (Lucy-Editor for Factor Magazine-consumer technology and science
magazine, also cites Edward Snowdens presentation at Londons FutureFest in
March 2015, EDWARD SNOWDEN ON THE FUTURE OF SURVEILLANCE, Factor
Magazine, 5/25/15, http://factor-tech.com/feature/edward-snowden-on-the-future-ofsurveillance/)
While there are continued efforts to bring an end to mass surveillance
through legal means, most recently with the ruling in a New York federal appeals court that the
collection of Americans metadata and phone records is unlawful, there is scepticism that
governments will ever fully stop mass surveillance due to its tremendous
spying benefits. Were losing leverage. Governments are increasingly
gaining more power and we are increasingly losing our ability to control
that power and even to be aware of that power, he says. Although he is keen to remind
everyone that he is just the mechanism of disclosure, Snowden does have some ideas about
how we can turn the tables. Fundamentally, changes to the fabric of the
Internet, our methods of communication, can enforce our rights, they can
enforce our liberties, our values, on governments, he says. Increasingly all of our
elected officials are pulled from the same class By leaning on companies, by leaning on
infrastructure providers, by leaning on researchers, graduate students,
postdocs, even undergrads to look at the challenges of having untrusted
Internet, we can restructure that communications fabric in a way thats
encrypted. And by encrypted I mean the only people who can read and
understand the communications across those wires are the people at the
two distant ends. This is called end-to-end encryption, and what were doing there is
making it much more difficult to perform mass surveillance. Not only does he
believe this is the way forward, but suspects that this will be the likely scenario as we seek to resolve this issue. I
think it is more likely than not that the technical side of the argument will come in, because its much
easier, I think, to protect communications rather than it is to enforce legislation
in every country in the world. LONG ROAD AHEAD However, the future is likely to be
fraught with challenges as we seek to put an end to mass surveillance ,
Snowden warns. I think were going to see disasters on both sides , I think were going to see it
exploited callously and relentlessly by governments to purposes that
undermine the progress of the publics interest in favour of the elites
interests, he says. And when we have these people representing everyone in our society, millions of people,
the question becomes, are we really going to get policies that reflect the broad
social interests, the broad public interests, or more of class interests ?
However, this does not mean we should give up, and simply ignore mass surveillance
as we get on with our daily lives. We have to at least say that this is happening. We cant wish it
away, we cant say that its something that its not. We have to confront the reality of our
world, and make the hard decisions about which way we want to move
forward, he advises.

There is no possible ability for actual privacy reformlegislation is like rearranging chairs on the titanic
Stanley 15 (Mark-Director of Communications and Operations at Demand
Progress DEMAND PROGRESS AND CREDO MOBILE BLAST USA FREEDOM ACT,
Demand Progress, 4/28/15, http://demandprogress.tumblr.com/post/117623640615/demand-progress-and-credo-mobile-blastusa-freedom)
A vote for a bill that does not end mass surveillance is a vote in support of
mass surveillance. The way to end mass surveillance is to end mass
surveillance. Everything else is window dressing. Rather than reauthorizing section 215, Congress should let
this dangerous provision expire and pass much-needed reforms, including ending mass surveillance under section
702 of the FISA Amendments Act, Executive Order 12333 and other authorities, and enhancing Congressional
oversight of secret intelligence agencies. CREDO and Demand Progress would support legislation enshrining the
reforms demanded in this just-released letter, signed by 60 organizations, businesses, and prominent national
security whistleblowers. http://demand-progress.tumblr.com/post/117018009995/letter-to-congress-end-masssurveillance Furthermore, the organizations support likely efforts to amend the legislation to ban warrantless
wiretapping of U.S. persons. Its

like rearranging the chairs on the deck of the

Titanic, said Becky Bond, Vice President of CREDO Mobile. As a telecom that can be compelled to participate in
unconstitutional government surveillance, we can tell you that the latest version of the USA
FREEDOM Act is just a diversion to take the heat off our out-of-control
surveillance state. Thats why CREDO Mobile opposes this proposal to reauthorize section 215 of the USA
PATRIOT Act. This bill purports to ban certain acts under narrow authorities
but it doesnt ban those behaviors outright. Nor does it increase
meaningful oversight of the NSA. If theres one thing we know about the
NSA, its that it will stretch the law to its limits , said David Segal, Executive Director of
Demand Progress. If this bill passes, the NSA will continue unaddressed
surveillance programs and will secretly torture the English language to
devise novel justifications for spying on Americans we wont even know
the details until a new whistleblower comes forward a decade or two from
now.

2NC Impacts

Impact Magnifier-Cyber Security

Cyberattacks are highly likely- even small attacks will
overwhelm the US
Gady 15 (Franz-Stefan-associate editor for the Diplomat and Senior Fellow with
the EastWest institute, Russia Tops China as Principal Cyber Threat to US, The
Diplomat, 3/3/15, http://thediplomat.com/2015/03/russia-tops-china-as-principalcyber-threat-to-us/
While I cant go into detail here,

the Russian cyber threat is more severe than we had

previously assessed, the director of national intelligence, James Clapper, told the Senate Armed
Services Committee during the 2015 presentation of the Worldwide Threat Assessment of the U.S. Intelligence

The report lists sophisticated cyberattacks as the principle

national security threat facing the United States. Cyber threats to U.S.
national and economic security are increasing in frequency, scale,
sophistication, and severity of impact, the assessment notes. Russia is singled out as
one of the most sophisticated nation-state actors in cyberspace. The report notes
that Russias Ministry of Defense is establishing its own cyber command,
responsible for conducting offensive cyber activities (similar to the United States
Community.

Cyber Command). The report says that Russias cyber command will also be responsible, again similar to its U.S.
counterpart, for attacking enemy command and control systems and conducting cyber propaganda operations.

unspecified Russian cyber actors have developed the capability

to target industrial control systems and thereby attack electric power
grids, air-traffic control, and oil and gas distribution networks. However, the
Furthermore,

report points out that the United States will not have to fear debilitating strategic cyberattacks on a large scale:
Rather than a Cyber Armageddon scenario that debilitates the entire U.S. infrastructure, we envision something

We foresee an ongoing series of low-to-moderate level cyber attacks

from a variety of sources over time, which will impose cumulative costs on
U.S. economic competitiveness and national security. The assessment also provided
different.

a hint that we may see an increase in naming and shaming campaigns, similar to the cyber espionage charges
against five Chinese military officials accused of hacking into U.S. companies back in May 2014. The report argues
that the muted response by most victims to cyber attacks has created a permissive environment in which low-level
attacks can be used as a coercive tool short of war, with relatively low risk of retaliation. In addition, the report
notes that identification of perpetrators has become a lot easier in the last few years. Perhaps this is the reason
why the U.S. intelligence community chose to go public at this stage. U.S. intelligence agencies have known for

Russia is a much more capable adversary in cyberspace than China

and that Moscow employs more sophisticated and stealthier cyberattack
methods. The threat from China is overinflated, (and) the threat from Russia is underestimated, Jeffrey Carr,
years that

head of the web security firm Taia Global and author of the book Inside Cyber Warfare, emphasized in an interview
last year. Carr added: Russia certainly has been more active than any other country in terms of combining cyberattacks, or cyber-operations, with physical operations. The Russia-Georgia war of 2008 was a perfect example of a
combined kinetic and cyber operation. And nobody else has ever done that China has never done anything like
that. In another article back in 2014, Carr stated that the United States has neglected to keep track of Russias
ever growing cyber power. If you want to properly assess a threat, you need to understand your adversarys intent,
capability and opportunity, Carr wrote. The U.S. government has not kept current on Russian technical
advancements which means that we cannot estimate capability accurately. Back in 2010, in a report for the
EastWest Institute, my colleague Greg Austin and I proposed cyber military exercises between the United States
and Russia as a vehicle for trust building. While the idea may seem far-fetched, it perhaps might have allowed for
both countries to become more familiar with each others capabilities and helped reduce tensions. This could have

it is
almost impossible to stop the spread of sophisticated attack tools in
cyberspace or to keep them secret for too long. In his article The Democratization of
happened without reducing ones side capability for waging cyber war. Bruce Schneier emphasizes that

Todays NSA secrets

become tomorrows Ph.D. theses and the next days hacker tools.
Cyberattack he laconically summarizes the predicament of cyber warriors:

Innovation I/L
Investment in IT security is key to technological innovationspecifically cloud computing
P.A.M. 14 (Pictet Asset Management- Investment management firm part of the
independent wealth and asset manager group Pictet, News from the Advisory
Board Security Post-NSA leaks, a new cyber security landscape, Pictet Asset
Management, May 2014,
http://www.pictetfunds.fr/files/Focus_du_mois/Contributions/Pictet-Security_AdvisoryBoard_201405.pdf)
the industry is witnessing a profound shift in the
behaviour of cloud users, who are now focusing less on protecting
infrastructure but more on protecting data. A new privacy industry is
emerging as a result, with demand rising for technology to browse the
web privately and encrypt emails, mobile phone calls and text messages.
The NSAs mass surveillance programme has accelerated the development of a range of
tools for individuals and corporate users, from NSA-proof messaging apps to Boeings Black
In the view of experts on the AB panel,

phone, an Android phone for government agencies and contractors which will self-destruct if its hardware is
tampered with. This is just as well, since most of the data-gathering capabilities detailed by Snowden may be

Prospects look especially bright for providers of

smart cyber-security solutions, as individuals and businesses continue to
face increasingly complex cyber threats. Snowdens revelations of the existence of masssurveillance programmes has generated interest in the security industry all levels. Once a grudge
purchase that was considered a drain on resources, IT security in its new
incarnation is now viewed as delivering added value to buyers, and
putting them back in control. Cyber-security is intrinsically linked to the
long-term technological trends shaping our society, from cloud computing
to mobile devices and big data. IT security providers can give companies
the confidence they require to embrace these new technologies - one
positive development investors can give Snowden credit for.
available commercially within five years.

Competitiveness I/L
Snowden leaks have set off a gold rush for security companies
increasing competitiveness
Ungerleider 14 (Neal-reporter for Fast Company, MANDIANT AND THE
CYBERSECURITY GOLDRUSH, Fast Company, 1/7/14,
http://www.fastcompany.com/3024445/mandiant-and-the-cybersecurity-goldrush
2014 was celebrated in the cybersecurity world with a massive, billon-dollar acquisition. Mandiant, a security firm
best known for conducting forensics on alleged Chinese military attacks against the New York Times, was acquired

If you happen to run a security firm or have

equity in one, congratulations: The next year is going to be all about
acquiring cybersecurity firms, and it's largely the result of one Edward
Snowden. Snowden's revelations of omnipresent American government data
vacuuming of the entire digital world, and not just of foreign militant or government targets,
accelerated larger trends in the security sphere. Large and midsized companies realized
by security software provider FireEye.

that for cybersecurity, they'd have to go it alone: Closer ties between tech firms and the government could hurt
foreign sales due to non-U.S. consumers fearing U.S.-based companies are in cahoots with American intelligence
agencies. There were even post-Snowden fears by foreign-owned companies working on American soil that the NSA
might be spying on them as well. These weren't just idle fears; Reuters recently offered good evidence that security
firm RSA let the NSA put a backdoor in one of their software tools as part of a secret $10 million contract. In 2013
and 2014, it's deeply out of fashion to discuss increased collaboration between the government and cybersecurity

For said security firms, this means a gold rush of mergers and
acquisitions. The combination of a higher volume of digital attacks, more
clients being aware of the need to protect themselves, and government
paranoia means security companiesmany of which are on the small sideare in a good
place to be purchased for large sums of money. Mandiant, many of whose
employees reportedly come from the intelligence community, was acquired for more than $1
billion in cash and stock. They're only the latest in a string of cybersecurity
acquisitions over the past year. Websense was acquired this past spring, IBM acquired financial
firms.

security firm Trusteer last summer, and Cisco acquired SourceFire in July for a reported $2.7 billion dollars.

Acquisitions in the billions of dollars are relatively commonplace in the

security world because of the organizations that use their services:
Fortune 500 companies are willing to dig deep in their pockets to keep
away white collar criminals and other digital intrudersjust think of how Target's
public image suffered as a result of their data breach . The trend of
acquisitions is likely to continue; Gartner Research analyst Lawrence Orans told me in a telephone
conversation that "there are a lot of small companies in various segments of the security market, defending and
protecting against advanced persistent threats (APTs) ... and you'll see a lot more consolidation there. You'll see the

He added that smaller and mid-sized companies

will be using outside cybersecurity services as well. "Smaller to mid-size
companies will have to rely on third-party services, because defending
against APTs and targeted attacks is a complicated area that they don't have
time or resources to bring their people up to speed. Large companies will develop
expertise and invest internally in security." Either way, this means security firms are in a
prosperous position right now.
larger players acquiring smaller players."

Aff Answers

US Cyber capability sufficient

The US will overcome a cyber attack- offensive capability is too
strong
Sotteck 15 (T.C-Writer for the Verge, New Snowden documents show that the
NSA and its allies are laughing at the rest of the world, The Verge, 1/17/15,
http://www.theverge.com/2015/1/17/7629721/nsa-is-pwning-everyone-and-havinga-chuckle-about-it)
A team of nine journalists including Jacob Appelbaum and Laura Poitras have just published
another massive collection of classified records obtained by Edward
Snowden. The trove of documents, published on Der Spiegel, show that the National
Security Agency and its allies are methodically preparing for future wars
carried out over the internet. Der Spiegel reports that the intelligence agencies are
working towards the ability to infiltrate and disable computer networks
potentially giving them the ability to disrupt critical utilities and other
infrastructure. And the NSA and GCHQ think they're so far ahead of everyone
else, they're laughing about it. We already know that the US is already
capable of launching complex digital attacks that can cause physical
damage to its enemies. A computer virus known as Stuxnet, discovered in 2010, was
deployed as part of a joint operation between the US and Israel that
ravaged Iran's Natanz nuclear facility, destroying many of the country's
nuclear centrifuges. Since then, the NSA's top brass has boasted of newer
and more powerful digital weapons. THE NSA AND GCHQ ARE CRACKING
JOKES ABOUT PWNING EVERYONE

NSA is way ahead of everybody else in offensive capability

RT 15 (Russian Times, NSA develops cyber weapons, attacker mindset for
domination in digital war Snowden leaks, Russian Times, 1/17/15,
http://rt.com/news/223731-nsa-digital-war-snowden)
Mass surveillance by the NSA was apparently just the beginning. The
agency is now preparing for future wars in cyberspace, in which control
over the internet and rival networks will be the key to victory, documents
leaked by Edward Snowden reveal. The National Security Agencys aim is to be
able to use the web to paralyze the enemys computer networks and all
infrastructures they control including power and water supplies,
factories, airports, and banking systems, Der Spiegel magazine wrote after
viewing the secret files. The publication stresses that international conventions
regulating the new digital weapons of the 21st century are almost nonexistent, and the only law that applies in the field is the survival of the
fittest."

Encryption Doesnt Solve Attacks

Encryption is insufficient at preventing attacks-Sony Proves
Rubens 15 (Paul-Reporter for BBC tech, Cybersecurity: Defending
'unpreventable' cyber attacks, BBC.com, 2/3/15,
http://www.bbc.com/news/business-31048811)
The Sony hackers are likely to have damaged Sony's reputation significantly by
leaking some of the confidential email exchanges that they stole. One measure that Mr Holland suggests
companies adopt to prevent this is to reduce their "embarrassment
footprint" by ensuring that unnecessary data is deleted promptly so that
there is less for hackers to steal. "Companies can certainly have too much data,
and they need to identify the data they don't need and kill it ," he says. This
leaves many companies with something of a dilemma, because of the growing
popularity of big data analysis. Big data projects require that data is collected and stored rather
than deleted so it can be analysed to uncover previously unknown patterns, trends and correlations. "The problem

infrastructure is that all the data is in one basket," says Mr Holland. "In
if a hacker could compromise the big data container they could
get everything." Key to the door The use of encryption to protect data from
intruders is also important, but Anton Chuvakin, a security expert at Gartner, points out that when
hackers get on to a network and aren't detected quickly there's a risk that
they will be able to steal the keys required to decrypt any data they steal.
with big data

many companies,

"The problem is that encryption is very easy, but key management is hard. How do you manage the keys so that
they are always available to every legitimate user that needs them, but never available to criminals?" Nonetheless,

encryption - and other security measures such as network segmentation - are valuable
because they make things harder for hackers. They present obstacles which, while not
insurmountable, hamper their progress. "What companies need to be doing
is switching away from trying to prevent hackers from getting into their
networks," Mr Chuvakin says. null Encrypted data is opened using a key - if hackers
get into your network, how do you stop them getting hold of it while
ensuring staff have access? "Thinking about how they can slow hackers
down so they can catch them is much more sensible. If hackers steal your encrypted
he believes that

data but then have to spend three days searching for your encryption keys then you have a much better chance of

This begs the question of how companies can detect

sophisticated hackers intruding on their networks: current anti-virus and
intrusion detection systems are clearly not powerful enough to prevent
Sony-style attacks, Mr Chuvakin says.
detecting them."

Encryption cant overcome other alt causes that lead to

attacks
Martins 14 (Flavio-VP of Operations at DigiCert, named by the HuffPost as top
Customer Experience Pro, Enterprise Defense From Security Threats, Cyber
Attacks, and Data Leakage, DigiCert Blog, 8/18/14,
https://blog.digicert.com/enterprise-defense-vulnerabilities-cyber-attacks-databreaches/)
the sheer growth in the volume of hacking
attempts that enterprises face today are reaching epidemic proportions.
Defending enterprises against threats, attacks, and user mistakes that
The growing complexity of these attacks and

leak sensitive corporate data requires us to take a broader look at the

concept of vulnerabilities, so that we can understand why attackers are
able to compromise software and infiltrate corporate networks. Basically,
vulnerabilities enterprises face today include one or more of the following: Weak passwords Incorrect configuration
of a system Unpatched software Unqualified or untrained users Insufficient security measures Incorrect operational

Enterprise vulnerabilities, network

weak points, and data security depend on a system to manage these
potential threats, including managing proper access to network resources
and mitigating the capability of internal and external user mistakes.
Responding to Internal and External Data Security Threats The worlds largest oil producer, Saudi company
Aramco, was forced to shut down operations following a devastating virus
that erased data from tens of thousands of network resources (reports state
procedures Ineffective or no BYOD policy implementation

nearly 75% of its enterprise resources were affected). This incident should be a wake up call for enterprises
throughout the world that internal and external data security is critical to ongoing business operations. The Aramco

The
Target data breach that exposed millions of customer financial records
appears to have been triggered by stolen 3rd party contractor login
credentials. Managing data security in enterprises requires the proper approach to data security and
incident is reported to have been started by an internal individual with extended access to the network.

vulnerability management by identifying possible vectors, classifying the existing threats to enterprise data, and
limiting the access to information and resources internally and externally in the organization. 4 Key Areas for

Enterprise vulnerabilities can be found in a number of

areas in the organization. Information threats come in physical and digital
form. Among them include: Hardware Vulnerabilities Unprotected storage
in a hardware system could lead to vulnerabilities. Managed PKI is used more and more often to help
Enterprise Data Vulnerability

hardware vendors deploy digital certificates for hardware device security. Along with certificate-based security for
data encryption and access control, administrators should also consider the role that BYOD policies should play in
their organization to protect network resources from external, possibly compromised devices infecting network

Software Threats With proper, regular audits and testing of

software, vulnerabilities can easily be found. Enterprises should carefully consider what
resources.

software users can install on corporate systems and only trust software from reputable vendors. Microsoft has gone
a step further in helping enterprises deal with the growing data security threat by requiring all third party
developers of Windows applications to use an EV Code Signing SSL Certificate for any Windows-based application.
The EV certificate verification process requires application developers to go thorough background identity checks,
filtering out malware developers and also preventing the unauthorized repackaging of popular software.

Network Risks Administrators must protect network systems, because

without this protection any system is susceptible to vulnerabilities . The data
between communications channels in a network must always be encrypted. Administrators should also work with
vulnerability scanning and monitoring services to ensure that proper encryption has been set up and that security

Cyber Attacks Following a

vulnerability located in your system, the next step is a cyber-attack. Using
a malicious code, a cyber-attack will change the data or the system code.
This causes an interruption which exposes data and leaves your system
open to cyber crimes. In order to pull off a successful attack, the network
and source of data are penetrated by the attacker. Unmonitored systems that are
settings are properly configured and known vulnerabilities are addressed.

susceptible to known security vulnerabilities are a prime target for cyber criminals and hackers. The free cloud
security monitor Certificate Inspector, for example, can identify potential system security problems like weak keys,
outdated ciphers, or even expired certificates. Cert Inspector utilizes a unique, proprietary algorithm to grade
certificate installations and also server configurations by connecting to a public website online. It also offers internal

All of the findings are stored in a secured

account, never revealed on any public site, and administrators can quickly
set up ongoing system checks to automate vulnerability detection for their
network resources. Responding to Data Security Demands Employees should receive
agents for scanning internal network resources.

frequent, ongoing training on data protection and data management

policies. Web users must maintain strong passwords, ignore emails from
unknown sources, and be continually reminded of best practices to ensure
personal and data security online. Attackers have become very
sophisticated in their cyber-attack methods and are using new, improved,
and innovative methods to gain access to your confidential information.
Organizations need to always be vigilant and take security precautions to protect
themselves, their data, and their users from the growing threats,
vulnerabilities, data breaches, and cyber attacks.

Security investment is ineffective at preventing cyber attacks

Saran 6/23 (Cliff-Writer for Computer Weekly, Stop indulging in cyber security
technology without a clear business case, Computer Weekly, 6/23/15,
http://www.computerweekly.com/news/4500248601/Stop-indulging-in-cybersecurity-technology-without-a-clear-business-case
Throwing more resources at IT security may not be the best way to tackle
cyber crime, according to a report by Ernst & Young. In a survey of 250 financial institutes, EY found that
28% of respondents were most likely to see the biggest threat emanating from external hackers. The survey found
that a significant proportion of finance professionals also saw threats coming from technical systems vulnerability
(23%) and employees (21%). In the Cybersecurity: Balancing risks and controls for finance professionals report,
Richard Brown, a partner in EYs IT Risk and Assurance practice, said: The first step is to understand the business
risks associated with the cyber threat. IT exists to enable the organisation not as an end in itself. Once

organisations have identified the business risks that are causing concern,
then they can target their security investment appropriately. There is also
a cost-benefit discussion to be held achieving maximum security may
require a disproportionate spend. The report warned that some of the
digital security offered by IT departments may become misaligned with
organisational priorities. Security has become synonymous with
compliance, and response frameworks have been too focused on
technology and bolt-on upgrades. Lines of accountability may be unclear,
particularly in terms of who is responsible for a response to a breach .
Boardrooms increasingly recognise this isnt just a matter for technologists, but for them too, said Brown.

NSA Surveillance
Allowing the NSA to continue to spy just means they
circumvent new encryption
Bamford and De Chant 15 (James and Tim-Reporters for PBSs NOVA,
Exclusive: Edward Snowden on Cyber Warfare, NOVA Next, 1/8/15,
http://www.pbs.org/wgbh/nova/next/military/snowden-transcript/)
Its becoming less
and less the National Security Agency and more and more the national
surveillance agency. Its gaining more offensive powers with each passing
year. Its gained this new Cyber Command thats under the director of NSA that by any measure should be an
entirely separate organization because it has an entirely separate mission. All it does is attack. And
What we see more and more is sort of a breakdown in the National Security Agency.

thats putting us, both as a nation and an economy, in a state of permanent vulnerability and permanent risk,
because when we lose a National Security Agency and instead get an offensive agency, we get an attack agency in
its place, all of our eyes are looking outward, but theyre not looking inward, where we have the most to lose. And
this is how we miss attacks time and time again. This results in intelligence failures such as the Boston Marathon
bombings or the underwear bomber, Abdul Farouk Mutallab (sic). I n

recent years, the majority of

terrorist attacks that have been disrupted in the United States have been
disrupted due to things like the Time Square bomber, who was caught by a
hotdog vendor, not a mass surveillance program, not a cyber-espionage
campaign. So when we cannibalize dollars from the defensive business of
the NSA, securing our communications, protecting our systems, patching
zero-day vulnerabilities, and instead were giving those dollars to them to
be used for creating new vulnerabilities in our systems so that they can
surveil us and other people abroad who use the same systems. When we
give those dollars to subvert our encryption methods so we dont have any
more privacy online and we apply all of that money to attacking foreign
countries, were increasing the state of conflict, not just in diplomatic terms, but in terms of the threat to our
critical infrastructure.

AT: Snowden Effect

Snowden Effect is actually detrimental to US Tech Industry
Peterson 15 (Sam-Writer for the Daily Caller, Snowden Leaks Costing US Tech
Companies BILLIONS Abroad, The Daily Caller, 6/9/15,
http://dailycaller.com/2015/06/09/snowden-leaks-costing-us-tech-companies-billionsabroad/)
The American technology industry is losing billions of dollars abroad
because Edward Snowden leaked NSA documents in 2013, according to a
report by the Information Technology & Innovation Foundation . In 2013, when
Snowden first began releasing NSA documents, ITIF speculated that U.S.
firms could lose anywhere between $21.5 billion and $35 billion in the
coming years, mainly due to lose of trust in foreign markets. ITIFs most
recent report states losses will go beyond the initial $35 billion prediction. The
U.S. governments failure to reform many of the NSAs surveillance
programs has damaged the competitiveness of the U.S. tech sector and
cost it a portion of the global market share, the report reads. The leaked NSA
documents not only placed government employees at risk, but also impacted large
American corporations like Boeing. In December 2013, Boeing lost a contract to
Saab AB to replace Brazils aging fighter jets due to concerns over NSA activities,
according to the report. China has had one of the strongest responses to the release
of NSA documents, tightening their already strict policies. China also opened an
initiative called De-IOE, which stands for IBM, Oracle and EMC to convince its
state-owned banks to stop buying from these U.S. tech giants. When historians
write about this period in U.S. history it could very well be that one of the
themes will be how the United States lost its global technology leadership
to other nations, ITIF wrote.