The role of Computer Internet Exchanges (CIX) has come to some prominence following the Edward Snowden revelations of the US’s National Security Agency surveillance. The debate, Monika Ermert noted in her conclusion, would not have been happening without the Snowden revelations.
And while even traffic that goes through a CIX can never be 100 percent safe from surveillance, data travelling through networks within one country is as safe as can be, depending on what the government and security agencies allow.
This was a point made on day two of Domain Pulse in Salzburg Friday during a panel discussion on “Infrastructure in focus of intelligence service: Internet Exchanges.”
Operators of CIX’s though cannot be certain they aren’t a target of surveillance, Christian Panigl from AcoNet who is responsible for the Vienna Internet Exchange (VIX) said. But anything that happens in public or online can be tapped, whether it be conversations in a café or online.
But surveillance agencies outside Germany do not have the right to tap what businesses and citizens are doing online within Germany, Michael Rotert from the German internet association eco and the operator of DE-CIX said.
DE-CIX though has a subsidiary operating within the US, and the issue was raised as to whether pressure could be brought to bear on the German parent to allow surveillance. But Rotert said if this occurred, rather than acquiesce to the surveillance they would close the US operations. And no assistance would be given to assist security agencies abroad in monitoring what happens within Germany.
But while pressure from abroad to reveal information that passes through the DE-CIX would be rebuffed, it doesn’t mean US security agencies couldn’t eavesdrop on what is passing through the US subsidiary. The DE-CIX is powerless to stop another organisation renting hosting space within the same facility neighbouring the DE-CIX’s subsidiary and using their powers to monitor information.