(Surveillance) Times have Changed
It was only a year ago when the UK Home Office repeatedly made statements about how their capability to collect intelligence was degrading, and how new laws such as the Communications Data Bill were necessary to protect citizens.
In hindsight, given the revelations about the UK domestic mass surveillance programs, these once desperate cries for more crime- and terrorism-fighting tools now look like nothing more than attempts to illegitimately spy more on all citizens. Quotes from those debates look rather different now.
Unable to access
“The Agencies require access to communications data – in certain tightly controlled circumstances and with appropriate authorisation – in the interests of national security. We recognise that changing technology means that the Agencies are unable to access all the communications data they need, that the problem is getting worse, and that action is needed now.”1
Edward Snowden’s documents show otherwise.
“Each day, the document says, 1–2bn records were added,” to the Five Eyes (Australia, Canada, New Zealand, the UK, and the USA) Xkeyscore databases.2
Despite this, we hear this from the Intelligence Services Committee:
“The UK is not alone in facing the problem of the deteriorating access to communications data. We have held conversations with some of our 5-Eyes counterparts who are clearly facing the same issues, as are our European allies.” … “The UK is amongst countries such as France and Denmark which have therefore chosen to take both a forward-looking and a transparent approach in seeking to introduce new legislation.” 3
We have concerns that the “forward-looking and a transparent approach” was neither of those things, given what the world found out about the UK’s vast spying regime only months later.
The 25% gap
The Snowden revelations makes the claims about a 25% of communications data being unavailable to authorities even more ludicrous.
Here’s Charles Farr, the UK’s Director of the Office for Security and Counter-Terrorism: “Perhaps I can talk a bit about the methodology of the 25%, if you are interested. This is not a figure that we have plucked out of thin air. We arrived at this figure by two routes: what I would call loosely a bottom-up route and a top-down route. The bottom-up route, the detail of which we have given to the Intelligence and Security Committee” 4
Another one of Farr’s quotes, worth looking at again, was when he was speaking about requests for an individual’s data: “How broad could a request be? Could a request be, for example, to get all the information from every subscriber to a service for a period of a week? Would that be possible within the current law? Charles Farr: No.” 5
From Snowden’s releases, we have found out the answer: Yes. The Government can do just this when it comes to accessing metadata, but they only do for 3–5 days of content.
Public awareness and Whistleblowing
“There is already a complaints procedure that people can take forward, if they feel that their data has been misused, so there is already a complaints path for people to use. I am not sure that adding a Parliamentary complaints path would necessarily add anything extra to the system.” 6
"The complete absence of any detail about the data to be covered by the Bill is giving rise to considerable concern in Parliament and from the general public. We have been given detailed evidence as to which areas will and will not be covered and, moreover, which particular types of communications are currently causing the greatest problems. This is highly classified material and could not be made public without damaging the operational capabilities of the Agencies. However, we note that the Joint Committee has been given a very broad indication of the categories of CD that comprise the current gap and which will therefore be covered by the Bill. This is in the form of three broad sets of data: IP address subscriber details; data identifying which internet services or websites are being accessed; and data from overseas CSPs. This information was originally classified as ‘Restricted’ by the Home Office (the official definition of which includes information which, if made public, may be prejudicial to the investigation of crime, or risk reducing operational effectiveness or security). We questioned whether the generic nature of these categories of data would really cause such damage. 7
“There is a balance to be struck between that potential damage, and the damage which would be caused by the failure to generate sufficient confidence in the Bill which might then jeopardise its passage through Parliament. We therefore welcome the fact that the Home Office has now placed this information in the public domain." 8
None of this secrecy is new: “Minister[s] have not been above signing public immunity certificates like confetti. I heard of one such certificate being issued in respect of a traffic incident in Nottingham. " 9
Here’s Daniel Ellsberg, possibly the United States’ most famous whistleblower, about Snowden’s releases and whistleblowers:
“It will always be the case that much is classified that need not be classified. But that’s not the real problem. The real problem is how much is classified that needs not to be classified if we want to be a democracy… In short, we have a great deal of secrecy on exactly what the public needs to know. And what Snowden has revealed is exactly in that category.”
Crowds and Debate
“Charles Farr: … If you have the right kind of data, issues of anonymisation cease to be a significant problem.” 10
But, it’s quite clear that much of the surveillance was done with specific targets in mind: “A separate document displayed communication patterns between Brazilian President Dilma Rousseff and her top advisers” 11
Blundered Intelligence actions gave popularisation of the term “economical with the truth” in a court room by a former Cabinet Secretary. In time, that lead to the 1988 Security Service Act (MI5), and the 1994 Intelligence Services Act (MI6/GCHQ), the committee debates of which have been locked in Parliament’s Archives for 19 years - until now.
This debate has been replayed over and over again – 18 months ago, in 2009, 1998, depending on how you count. But however it is counted, we require the truth to be told to Parliament.
With prophetic foresight, the ISC report noted “Any proposals to intrude into the lives of citizens will, understandably, prove controversial and will, rightly, provoke debate.” 12
But, when that debate started to play out based on facts beyond the Government’s control, the comment was: “You’ve had your debate. There’s no need to write any more.” 13