Abstract
A woman stands by a memorial to the victims of the Bastille Day attack in July 2016 in Nice. IS claimed responsibility for the deaths of 84 people on France’s national holiday
CREDIT: Valery Hache/AFP/Getty Images
Author and journalist
It is a government’s job to provide security, but it is increasingly the public’s choice whether to accept the level of surveillance of phone calls and text messages that modern security services claim is necessary. If large-scale surveillance is accepted, as it presently is, with little dissent, it is the government’s duty, and indeed a public duty to ensure that the intelligence agencies are explicitly part of the democratic order.
France, Germany, Canada and Australia all passed strong anti-terrorist laws last year, increasing the scope of surveillance and making arrests easier. Japan set up an anti-terrorist unit and strengthened its intelligence gathering capabilities. The UK will probably pass the Investigative Powers Act this year. These initiatives are not confined to democracies: both China, in 2015, and Russia, in 2016, also passed anti-terrorist legislation. The legislation was a first in China’s case: both countries now require companies to store and release communications metadata.
Protests in Europe, particularly in Germany, against the US National Security Agency’s surveillance methods after they were revealed by whistleblower Edward Snowden, have given way to a much more powerful desire from people for protection against terrorist attacks.
Polls in most Western countries record increased distrust of all Muslims. It has been Donald Trump’s strongest card in his bid for the presidency fuelled by a more insistent fear of being assaulted, injured or murdered in a plane, a train or on the street. More protection means more surveillance. More surveillance means more of each individual’s information being more accessible to more intelligence agencies.
The former US Undersecretary of Defense for Policy, Michelle Flournoy, recently wrote that opinion in European states, once sceptical or even contemptuous of the American war on terror and annoyed by the Edward Snowden and NSA revelations that the USA was spying on its allies “has swung dramatically toward security… in a Europe under regular attack by IS, more data collection and more information sharing, not less, appear to be the order of the day.”
The Snowden-NSA revelations centred on the issue of privacy. They revealed that the NSA, and Britain’s Government Communications Headquarters were capable of monitoring all communications traffic within their states, and abroad. The security agencies search the metadata – the data giving times, place, frequency, contacts rather than message content – for links between “persons of interest”. Though a few parliamentarians and officials were aware of these programmes and investigative journalism in the USA had begun to prise out some details, the huge document dump from the NSA made the scale of the monitoring vividly clear.
Privacy and its breaches have been at the core of arguments over the use of the internet since its early days. Battles were and still are waged over encryption, with academics, cypherpunks, who advocate for strong cryptography, and the Silicon Valley behemoths on one side, and the state in various guises on the other. Encryption is designed to keep messages and stored information private: the NSA, with other listening agencies, need to be able to break encryption to make sense of possibly dangerous linkages and conversations.
Academics and the cypherpunks, of whom Julian Assange was one before he founded the website Wikileaks, fought bitterly with the CIA for the right to use unbreakable encryption, a struggle later joined by some of the world’s richest corporations, like Apple, Google and Facebook, all straining to convince their customers that they could protect their privacy. The journalist Misha Glenny has observed that “as governments and corporations amass ever more personal information about their citizens or clients, encryption is one of the few defences left to individuals to secure their privacy. It is also an invaluable instrument for those involved in criminal activity on the web”. That includes the branch of criminality known as terrorism.
Snowden, with his closest allies, including the journalist Glen Greenwald and the filmmaker Laura Poitras, were militants for privacy and against the intrusion of the state. Greenwald, the most proactive of the group, regarded the semi-secret mass monitoring in the US and the UK as a fundamental betrayal, rendering governments illegitimate and bequeathing to journalism the necessary task not just of mainstream sceptical reporting but of aggressive unmasking of organisations that had forfeited any right to public trust. This is also a long-time belief of Julian Assange too.
The alarm that the contents of the published NSA files caused has proven for most people transient: the fear of more concentrated terrorism has been much more powerful. The security services, always popular in the US and the UK, are even enjoying more support than usual in France, though support tempered by their failure to spot and stop the Paris attacks of 2015, and the Nice carnage and the murder of a Rouen priest in July 2016.
We can now assume the seriousness of the terrorists’ ambitions; their possible acquisition of weapons of mass destruction; the attraction they have for some, especially the young, largely within Muslim communities; and their deliberate efforts to worsen relations between the settled and recent immigrant populations. As Philip Bobbitt, US author of Terror and Consent: the Wars for the Twenty-First Century, has written: “terrorism itself might become a threat to the legitimacy of those states that depend upon the consent of the governed”. A failure to stop or at least moderate terrorist attacks will make a democratic and civil society less democratic and civil.
A population made fearful and angry by constant terrorist attacks is one which becomes careless of democratic procedure and the rights of minorities. We do need the secret services, and we need them to be both in the front line against that threat, as well as fully and explicitly within the institutions of the democratic state. The fear that the security services can run names of individuals through their programmes without prior evidence of their danger can only be answered by trust in the agencies that they do not use the metadata examined for other than operational reasons.
Leaders of security services profess a strong attachment to the open society, to liberal freedoms and the rule of law. In his last speech before he retired Sir Iain Lobban, the former head of GCHQ, said: “We do what we do precisely to safeguard the kind of society that has a free press.” He added: “We both seek the truth; and to get it, we both have to shine a light into dark and often dangerous places, places where we aren’t exactly welcome.” As we saw in Nice and Orlando, the perpetrators left little evidence that they were contemplating attacks. Security will never be wholly effective, but the agencies’ claim is that the more links are made, the more likely it is that preventive action can be taken. That fact dictates strong and expert oversight of the agencies and clear sanctions within the agencies against any officers found to have misused the information gathered. Centres concerned with freedom of speech, the media, civil rights and civic engagement must see it as their duty to bring the security agencies into a conversation on how best to fulfill their responsibilities to protect, while ensuring that agencies take steps to make sure that their work is understood by citizens, whether secret or not.
Surveillance of our private messages must be scrupulously confined to that which is necessary for the provision of a secure society. A conversation of this kind has been limited so far, but the central position the intelligence agencies now occupy, the resources they demand and the power of their oversight requires a new settlement with the societies they protect.
Privacy and Encryption: How I Protect Myself and Others
Jennifer Schulte is a human rights researcher and social scientist with over a decade of experience. She researches sexual violence, surveillance and censorship in Africa. Feeling threatened by the ultra-conservative Salafists in Egypt in 2012, she left for London, then Iceland where she met someone working with Wikileaks. They told her to get an XMPP account for secure messaging. She soon began encrypting her communications. Below, she talks about why.
How do you protect your digital privacy?
If I’m having a private meeting, we probably won’t bring our phones, and we’ll talk in a park. I rely on a mix of analogue and digital tactics; varying routines, keeping people on a need-to-know basis, passing messages through trusted third parties, not writing everything down until it’s safe, not digitising field notes until you are out of a country, not using smart phones for calls and texts. And I always keep in mind that some countries have laws against using strong encryption software.
Why did you start to learn about strict information security practices?
Anyone who works on gender-based violence knows that privacy can save lives. It’s absolutely required to protect the people we serve. If I inadvertently leak information because I can’t handle my digital security, then I can put lives at risk. At a training session I gave recently in eastern Europe, I was not surprised to hear that safe houses in the country do not allow smartphones. They knew that GPS and other technologies have introduced new risks. Phones infected with spyware can give you away to someone who is trying to hunt and kill you.
Do you think privacy is dead?
If you say privacy is dead, whose privacy are you talking about? Activists in Johannesburg need privacy in order to organise their protests. A lot of human rights organising in Ethiopia explicitly happens away from phones and the internet because of longstanding awareness of mass and targeted surveillance by an authoritarian state. When I was working in the camps on the Somali border, the government insisted that I take what they called a “colleague”, who was a spy, into my human rights interviews with Somali refugee girls. I passed out large sheets of paper with coloured markers and had the girls draw for an hour, a research method called safety-mapping and storytelling. The girls drew in almost complete silence while the spy was in the room. After an hour, the spy seemed to lose interest, maybe she thought that I was doing an art project. As soon as she left the room, the girls started talking. The floodgates opened up about abductions and rapes in the hills.