After Paris: More Intelligence, not More Surveillance

It is sadly symbolic that the amazing rally in support of freedom of speech and tolerance in the wake of last week's murders in Paris was immediately appropriated by grandstanding politicians whose own records for both these areas are often appalling. The EU's ministers for the interior were hardly better. In their joint statement [.pdf], they trotted out the usual platitudes about their "unfailing attachment to the freedom of expression, to human rights," and then go on to propose new measures attacking both:

We are concerned at the increasingly frequent use of the Internet to fuel hatred and violence and signal our determination to ensure that the Internet is not abused to this end, while safeguarding that it remains, in scrupulous observance of fundamental freedoms, a forum for free expression, in full respect of the law. With this in mind, the partnership of the major Internet providers is essential to create the conditions of a swift reporting of material that aims to incite hatred and terror and the condition of its removing, where appropriate/possible .

"Partnership" is the standard code for "do it voluntarily, or else we will bring in legislation and you'll regret it"; "swift reporting" means that people's freedom of expression and privacy will be ignored, and probably that this will be done without any kind of judicial oversight. In the UK, where surveillance legislation is so outdated that online snooping is conducted in a largely unbridled fashion, and without meaningful oversight, cynical opportunism was quick to raise its head. Here's a rather remarkable comment from the head of MI5, made shortly after the recent attacks:

MI5 has no desire to seek sweeping powers for their own sake or loosen our long-held commitment to necessity and proportionality. You should not imagine that MI5 is always arguing for new powers or more tools – sometimes we’ve advised that further powers are not necessary.

This was in a speech in which he naturally called for further powers, saying:

We all value our privacy – and none of us want it intruded upon improperly or unnecessarily. But I don’t want a situation where that privacy is so absolute and sacrosanct that terrorists and others who mean us harm can confidently operate from behind those walls without fear of detection.

By an amazing coicidence, David Cameron - whose hypocrisy regarding freedom of speech is greater than most - has been saying the same thing:

the question is are we going to allow a means of communications which it simply isn’t possible to read. My answer to that question is: no, we must not. The first duty of any government is to keep our country safe. The attacks in Paris demonstrated the scale of the threat that we face and the need to have robust powers through our intelligence and security agencies in order to keep our people safe.

But what Cameron conveniently overlooks is that those attacks in Paris actually demonstrate the opposite: that mass surveillance is not the solution, as Paul Bernal explains in a blog post:

Firstly, ... France already has extensive surveillance powers. It already has ID cards. It already has more privacy invasions than we in the UK have – and we have a huge amount. That surveillance, those privacy invasions, didn’t stop the shooting in Paris. Why, therefore, would we believe that similar powers would work better in the UK? Because our police and intelligence services are somehow ‘better’ than the French? To say that’s an unconvincing argument is to put it mildly.

Secondly, and more importantly, it looks almost certain that the perpetrators of the atrocity were already known to the police and intelligence services. They had been identified, and noted. Just as the murderers of Lee Rigby had been identified. And the men accused of the Boston bombings. The intelligence services already knew who they were – so to suggest that more dragnet-style mass surveillance would have helped prevent the atrocity would simply be wrong. Let me say it again. We knew who they were. We didn’t need big-data-style mass surveillance to find them – and that’s supposed to be the point of mass surveillance, insofar as mass surveillance has a point.

This is the extraordinary thing about mass surveillance. Every time it fails, its supporters use it as evidence that we must have more (even though blanket surveillance is no longer possible in the EU.) If something doesn't work, you shouldn't do more of it, but something different and more effective. One of the striking things to emerge from the report on intelligence matters relating to the murder of Fusilier Lee Rigby, which I wrote about back in November, was that the UK intelligence services simply didn't have enough people to follow up all the leads they had. So the idea that we need *more* surveillance data, more false positives, more leads to follow up, is clearly folly.

But you don't have to take my word for this. Coleen Rowley is an FBI whistleblower with experience of how even more extensive spying is conducted by the US. Here's what she has said on the subject of data gathering:

I fear that terrorists will succeed in carrying out future attacks - not despite the massive collect-it-all, dragnet approach to intelligence implemented since 9/11, but because of it. This approach has made terrorist activity more difficult to spot and prevent.

And she goes on to point something that is obvious to anyone not trying to use these events to bolster their position:

After Edward Snowden described just how massive and irrelevant the US and UK monitoring had become, people started to grasp the significance of the saying: "If you’re looking for a needle in a haystack, how does it help to add hay?"

This pursuit of *total* information - Cameron's idea that there must not be a single document that the intelligence services cannot read - is blinding the authorities to the fact that they *already* have far more data than they have had in the past (which is why they cannot cope with it), simply because the data flows across the Internet have increased so much. Even if they only capture 90% of today's flows, it is hugely more than the 100% they may have had 10 years ago. What they need to concentrate on is coming up with better ways of using that 90%, rather than obsessing about getting 100% - and destroying civil liberties in this country and elsewhere in the process.

Finally, there is another fundamental error underlying the UK government's policy in this area, already pointed out by many others, but still largely ignored. By constantly playing up possible threats, and dubbing these criminal acts as "terrorism", governments give the perpetrators exactly what they want: priceless publicity, and validation that they are "special people", feared by entire nations like nothing else on earth.

This is exactly wrong: we should refuse to treat these acts as "special", refuse to call criminals and murderers anything but those names. Instead, we should "keep calm, and carry on", just as people did not just 70 years ago, but also more recently, when the UK had to face a far more serious threat from the IRA's bombings. Now, it seems, the authorities want us to forget what the British people achieved when they did indeed keep calm, and carried on, and want us to allow the UK government to bring in its next tranche of profoundly illiberal and anti-democratic surveillance measures and destroy yet more of that precious and dwindling legacy.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+


Copyright © 2015 IDG Communications, Inc.

8 highly useful Slack bots for teams
Shop Tech Products at Amazon