Permanent Vigilance: the autobiography of the most famous whistleblower of recent times

Cover of the book Vigilancia Permanente. Photo of El Cultural:

Starting in June 2013, various media outlets reported unauthorized mass surveillance activities carried out by US intelligence agencies, mainly the National Security Agency (NSA), directed against millions of people, both US citizens and those of other countries, including foreign authorities. The person responsible for such disclosure would be a young computer scientist - at the time 29 years old - NSA contractor, Edward Snowden, who after a rising career in the North American intelligence community exposed to the media and the international community the serious abuses these agencies were incurring.

Since then, the story of Snowden and his allegations has generated great interest. His complaints have given way to the publication of several academic and literary works, even going so far as to present in 2014 a documentary film, which would earn him an Academy Award [1]. Some specialists do not hesitate to identify Snowden's revelations as a milestone in the timeline, a before and after, from which it is possible to verify a lifestyle in which vigilance becomes a characteristic feature of our culture [ 2].

But until this moment, there was not a work that in all depth told us about this episode. It is true, Edward Snowden is assiduous in granting interviews, despite his sensitive situation of exile and clandestinity, but even putting all these interviews together, it is difficult to put together puzzle with the image that allows us to understand who Snowden is, what his motivations were, what kind of surveillance practices motivated him to make the disclosure and what are the characteristics and extent of such practices. The work comes precisely to clarify first hand all these doubts.

Permanent vigilance It is an autobiographical book. A good part of its chapters are dedicated to reconstructing Snowden's life, going through his childhood and adolescence, in North Carolina and Maryland, respectively; to the eaves of a family linked to the area of ​​intelligence and defense. In this intimate story that Snowden offers, his immersion, at an early age, in computer technologies and, in particular, the discovery of the internet, a space of true emancipation, characterized by stimulating creative developments, collaboration between Internet users and anonymity; and its gradual transition to become an increasingly controlled and predictable space.  

But the book is at the same time –why not affirm it- a kind of essay, which, without further pretensions, invites to revisit the notion of patriotism, to discuss the projection of security desire, the threats that new technologies pose to privacy of people and on the liberal-democratic system.

The abuses that Snowden denounces in great detail in the book are of various kinds. We could systematize these practices into three categories: first, direct forms of interception of communications and access to private data through the material intervention of submarine inter-oceanic fiber optic cables, through the installation of information interceptor devices. Second, public-private collaboration strategies between intelligence agencies and large telecommunications and technology companies (ie: Microsoft, Facebook, Google, Yahoo, Youtube, Skype, Apple, among others) for them to deliver data or metadata stored from your customers. Third, the use of malicious code (malware) sent to obtain control of part of the functions or of all the users' computer systems [3].

But this is not all, perhaps the most alarming features of these practices are linked to two common characteristics: that of being massive and indiscriminate, like a kind of trawling, on the one hand; and, on the other hand, that the personal data obtained was kept for indefinite periods of time, beyond a specific purpose, in the event that they could be useful at some point. On this last point, Snowden (2019: 230) refers that the NSA saying was that "there is no point in collecting anything unless it could be stored until it was useful, and there was no way to predict exactly when this would happen."

Although these practices, which were clearly illegal, generated a feeling of astonishment in the government and citizen authorities, when uncovered, the truth is that they were part of an emergency security policy, which tended to weaken all Fundamental guarantees, including privacy and privacy. With this we refer, of course, to the legal and political consequences of the attack on the Twin Towers on September 9, 2011 and to its most important normative correlate the Patriot Act, but, above all, to the political discourse of the "war on terror", which not only publicly legitimized the restriction of fundamental rights and the expansion of intelligence powers, but also encouraged military incursions into the Middle East, which with the Time proved to be based on false accusations by former North American President George W. Bush [4]. 

This work, which combines political rhetoric, legal norms and technological devices, achieved projection beyond the emergency that gave it life, surviving to this day. This is a statement that must be taken quite seriously, since it implies an unprecedented paradigm shift that departs from modernity's own liberal project, disfiguring the function of limits of individual rights against state power. And it is not only privacy that has suffered greatly in this unrestricted expansion of power, but also various related freedoms: of creed, expression, assembly, etc. What to speak of the principle of innocence, when the data of millions of people are collected, stored and consulted without even a reasonable basis for such treatment (probable cause).

Another worrying feature is that this system works through a public-private alliance that disfigures the traditional face of National Security, mutating into what has been characterized by Bigo (2001) as a "Moebius tape" where it is no longer possible to distinguish the international of the domestic, the public of the private [5]. Such a situation is problematic since - as Snowden himself warns - it is capable of generating a democratic tension, since both large technology and / or communications companies and intelligence agencies are entrenched and unelected powers that materially influence and control the exercise and extension of people's rights. 

But it would be unfair to ignore that after Snowden's revelations there has been a slow, but somewhat hopeful transit, around the recognition of the value of privacy and the need for its effective protection. In the European context, the promulgation of the General Data Protection Regulation (RGPD, 2016) that seeks to protect the personal data of the citizens of the European Community, including with respect to foreign companies, was significant. In the same itinerary, the relevant role that the Court of Justice of the European Union (CJEU) has played in the protection of privacy must be recognized, which has shown, on different occasions, its concern for massive and continuous surveillance practices in the territory of the European Community, leaving without effect regulations referring to the powers of the intelligence and criminal prosecution agencies of various European countries, similar to those of the NSA denounced by Snowden [6].  

Along these lines, the recent legal initiative of the State of California - a place where an important part of technology companies are based - known as California Consumer Privacy Act, which comes to recognize various rights to the holders of the data, namely: information, purpose, modification and deletion of the data [7]; protection that, although incomplete, is close to what is recognized in the European Continental system as basic principles of the right of informative self-determination.

In Chile, on the other hand, regulation is clearly unsatisfactory. However, the Political Constitution of Chile recognizes in article 19 N ° 4, together with the protection of private life, the protection of “personal data” [8] and of having it for several years now - even before the unveiling of Snowden- with a Personal Data Protection Law [9], such regulation becomes a kind of formal declaration of rights, in view of the absence of key elements in such a regulation, which allows offering effective protection of the informative self-determination. In effect, it is a legislation that did not create an administrative regulatory body, did not establish a suitable complaint procedure and omitted to have a catalog of administrative offenses and penalties; in other words, it is, in simple terms, a “law without teeth”. It remains then to wait - with some impatience at this point - the result of the reform projects in the current legislative discussion [10]. 

But despite these advances, more reactive than preventive, the way to go is still long. Especially of legislative integration in Latin America, since privacy protection proves to transcend borders. Similarly, our societies must be able to answer questions powerful posed by Snowden's work: To what extent can we sacrifice privacy for security without losing meaning? Is it admissible that the State hack? What limits should we impose on surveillance activities? How can we build a free and secure internet for Internet users?

Permanent vigilance, is a stimulating and indispensable work for technology lovers, which highlights the dystopian stamp of our present. The work takes on unusual relevance today, given that in the face of a new emergency -this time of a sanitary type- new mass surveillance practices have been launched. It seems counterintuitive in the face of such an emergency to put respect for privacy first and is probably not appropriate. But, the lesson that leaves us Permanent vigilance is that emergencies at some point end while extraordinary powers persist. We can see how different governments monitor the spread of the pandemic through sophisticated monitoring and biometric technologies (ie: cameras with facial recognition); It would be delusional to think that once this emergency is over, these expensive devices will stop being used just like that. The warning is clear, let's not stumble this time over the same stone ...


The following edition of the work has been used for this review: Snowden, Edward (2019) Permanent vigilance. Barcelona: Editorial Planeta, 445 pp. 

[1] We refer to this with the documentary entitled “Citizenfour” (2014) directed by Laura Poitras. For more details:

[2] For David Lyon, one of the most recognized specialists in the field of surveillance studies (surveillance studies), The surveillance culture it becomes visible from the turn of the century (XXI), especially after the policies that followed “9/11”, and its contours become perfectly clear after the revelations made by Snowden, in 2013. Cf .: Lyon, David (2019) The culture of surveillance. London: Polity, p. 9.

[3] Take for example the malicious program OPTICNERVE, able to save images of people's cameras every five minutes, while making video calls: Snowden, ob cit., p. 344. 

[4] The war incursion of the United States and some of its allies against Iraq, in 2003, was justified, before the International Community (ie: Resolution 1414 of the United Nations Security Council) by the allegation that the Saddam Hussein maintained weapons of mass destruction, allegations which later proved to be false. In this regard: "The Iraq War: at first it was a lie ...", Deutsche Welle: (18/04/2020); "The lies of the Iraq War that continue to cause harm today", El Mundo: (18 / 04 / 2020).

[5] Bigo, Didier (2001) "The Möbius ribbon of Internal and External Security (ies)". In: Indentities, borders, orders. Rethinking International Relations Theory, Vol. 18. Minneapolis: University of Minnesota Press.

[6] In particular, the case is iconic Digital Rights Ireland - Seitlinger and others v. Irish Data Protection Commissioner, by means of which the CJEU annulled Directive 2006/24 / EC of the European Parliament, of 15/03/2006, on the conservation of traffic data and location of electronic communications, which sought to guarantee the availability of such data for purposes for the prevention, investigation, detection, and prosecution of crimes related to organized crime and terrorism; in a regime of indeterminacy and massiveness, which allowed the massive conservation of data of millions of users, for up to 24 months. On that occasion, the CJEU annulled said opinion, considering that continuous and massive surveillance of this type was disproportionate (Judgment of the CJEU, April 8, 2014, Case No. 293/12 and No. 594/12, particularly sections No. 37 and 58).

[7] On this point, the following note can be reviewed: "California Consumer Privacy Act (CCPA)", The Crypto Legal: (19 / 04 / 2020).

[8] Such recognition was the result of the amendment introduced by Law 21.096 that entered into force on June 16, 2018.

[9] We refer to this with Law 19.628, "Law on the protection of privacy", which entered into force on 17-02-2012.

[10] With this we refer to the projects on personal data that seek to replace Law 19.628, contained in the bulletins N ° 11.144 and N ° 11.092, consolidated, of the National Congress. 

- Advertising Notice-
Samuel Malamud
Lawyer. Bachelor of Law and Social Sciences (Universidad Central de Chile). Master in Criminal Law (University of Seville), Postgraduate Degree in Cybersecurity (University of Chile), Diploma in Human Rights (University of Zaragoza). Professor of Criminal Law (Universidad Mayor). Lawyer of the Advisory Unit of the South Metropolitan Regional Prosecutor's Office. Currently a PhD student in Law at the University of Buenos Aires.


1,954Happy fans


*All fields are required
es Spanish