Despite increasingly heated rhetoric from opponents of government surveillance, a recent survey shows that most Americans would be okay with many kinds of Internet snooping as long as the snoopers told them first.
The results showed “a surprising willingness by participants to accept the inspection of encrypted traffic, provided they are first notified,” according to the researchers behind the survey, which was titled “At Least Tell Me.”
Although the respondents put up with surveillance, half of them said that they believed it constituted an invasion of privacy.
Surveillance tools can create security vulnerabilities that permit hacking, illegal spying, privacy violations, and identity theft. But around 75 percent of respondents agreed that Internet service providers should be allowed to surveil traffic as long they notified users and received consent.
Most respondents also agreed that employers should be able to monitor the encrypted Internet connections of employees even without notification or consent, especially when an employee used a company computer. There was less agreement when it came to employees using personal devices; approximately a third of respondents opposed surveillance in that case.
In other situations—using the Internet at schools, in libraries, and on public Wi-Fi—most respondents said that surveillance was fine as long as they were told that it was happening.
The one exception to the overall trend in the survey involved warrantless government surveillance, but even that issue exposed a sharp divide.
Half of respondents objected outright to such spying. But 10 percent accepted it without qualification, another 10 percent said it was acceptable with notification, and a quarter of respondents said it was acceptable with consent.
The survey asked specifically about TLS interception proxies, software that intercepts and examines encrypted Internet traffic. Such proxies are used for protecting computers against malware, identity theft, and surveillance. Anyone with enough money can buy a TLS proxy. The same technique can be replicated with fake security certificates, rogue authorities, or clever attacks.
Despite accepting surveillance in a number of situations, 60 percent of respondents said that they would react negatively if they discovered that a network they currently use employed TLS proxies.
“I would be angry and would feel that organization violated my trust,” one anonymous responder said. “I would wonder what information that organization had been collecting on me and what they planned to do with it. If it was my employer, I also would think that organization did not trust me and would consider working somewhere else.”
Most respondents said that trade-offs often made surveillance acceptable because it could help schools and workplaces while defending against hackers.
The researchers described “confusion, doubt, worry, equivocation, and reasoned conclusions” among the participants as they wrestled with the big questions of privacy and security.
“I think it is perfectly acceptable for organizations (companies, schools, libraries, etc.) to use TLS proxies because it protects their computers,” one participant wrote.
“It keeps hackers from getting to sensitive or confidential information of the organization. In addition, it blocks harmful viruses that can cause a lot of damage and expense in repair. It can also keep individuals from accessing websites (employees from playing online games or minors from accessing pornography). It is perfectly reasonable for companies to employee this device for these purposes when an individual is using their computer. We should not expect privacy when we are using someone else’s computer.”
Approximately 90 percent of the survey’s 1,976 respondents were American. The researchers conducted the survey online earlier this year. Respondents skewed toward young adult, single, childless males, most of whom considered themselves Internet security savvy.
Photo via jDevaun.Photography/Flickr (CC BY ND 2.0)