GCHQ: I’m not charmed yet….

A little over a week ago, GCHQ gave us a show. A giant poppy, part of the 2014 Armistice Day appeal. It was spectacular – and, for me at least, more than a little creepy.

GCHQ poppy

The poppy display seems to have been part of something bigger: the term that immediately sprang to mind was ‘charm offensive’. GCHQ has, over the last year or so, been trying to charm us into seeing them as purely positive, despite the revelations of Edward Snowden. They’re trying to appear less secretive, more something to be admired and supported than something to be concerned about and made accountable. The poppy was an open symbol of that. Look at us, GCHQ seemed to be saying, we’re patriotic, positive, part of what makes this country great. Support us, don’t be worried about it. Love us.

I assume that the speech by Robert Hannigan, the new Director of GCHQ, was intended to be part of that charm offensive. For me, however, it had precisely the opposite effect. The full speech was published in the FT here – but I wanted to pick out a few points.

Privacy an absolute right?

The first, which made the headlines in the Guardian and elsewhere, is Hannigan’s statement that ‘privacy is not an absolute right’. He’s right – but we all know that, even the staunchest of privacy advocates. Privacy is a right held in balance with other rights and needs – with freedom of expression, for example, when looking at press intrusions, with the duty of governments to provide security and so forth. That’s explicitly recognised in all the relevant human rights documents – in Article 8 of the European Convention of Human Rights, for example, it says of the right to a private life that:

“There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others”

So we already know that privacy is not an absolute right – so why is Hannigan making the point? It’s hard to see this as anything but disingenuous – almost as though he wants to imply that foolish privacy advocates want to help terrorists by demanding absolute privacy. We don’t. Absolutely we don’t. What we want is to have an appropriate balance, for the interference in our privacy to be lawful, proportionate and accountable. At the moment, it’s not at all clear that any of that is true – there are legal challenges to the surveillance, deep doubts as to its proportionality and little evidence that those undertaking the surveillance are properly accountable. On the accountability front, it’s interesting that he should make such a speech at a time when the Intelligence and Security Committee of Parliament, are undertaking a consultation – it made me wonder whether he’s trying to steer the committee in a particular direction.

Facebook – a tool for terrorists?

The other headline from the speech is the way Hannigan seems to be attacking Facebook and others for being too helpful to terrorists – which is an interesting reverse from the more commonly held view that they’re too helpful to the authorities. The argument seems to go that the ‘old’ forms of terrorists, exemplified by Al Qaeda, use the ‘dark web’, while the ‘new’ forms of terrorists, exemplified by IS, are using the social media – Facebook, Twitter and so forth. It’s an interesting point – and I’m sure there’s something in it. There’s no doubt that ‘bad guys’ do use what’s loosely called the dark web – and the social media activities of ‘bad guys’ all around the world are out there for all to see. Indeed, that’s the point – their visibility is the point. However, on the face of it, neither of those ‘facts’ support the need for the authorities to have better, more direct access to Facebook and so forth. Neither, on the face of it, is any justification for the kinds of mass data gathering and surveillance that seem to be going on – and that GCHQ and others seem to be asking us to approve.

By its very nature, the ‘dark web’ is not susceptible to mass surveillance and data gathering – so requires a more intelligent, targeted approach, something which privacy advocates would and do have no objection to. Social media – and Facebook in particular – don’t need mass surveillance either. To a great extent Facebook is mass surveillance. All that information is out there – that’s the point. It’s available for analysis, for aggregation, for pretty much whatever the authorities want it. And if Hannigan imagines that the secret activities of IS and others are undertaken on Facebook he’s more naive than I could imagine anyone in the intelligence services could be – they can’t have chosen to use Facebook and Twitter instead of using the dark web, but in addition to it. The secret stuff is still secret. The stuff on Facebook and Twitter is out there for all to see.

What’s more, there are already legal ways to access those bits of Facebook and Twitter than are not public – which is why the authorities already request that data on a massive scale.

Charming – or disarming?

Hannigan must know all of this – so why is he saying it? Does he think that the charm offensive has already worked, and that the giant GCHQ poppy has convinced us all that they’re wonderful, patriotic and entirely trustworthy? They may well be – I’m no conspiracy theorist, and suspect that they’re acting in good faith. That, however, is not the point. Trust isn’t enough here. We need accountability, we need transparency, we need honesty. Checks and balances. Not just charm.

Samaritans Radar: misunderstanding privacy and ‘publicness’

The furore over the launch of the Samaritans Radar app has many dimensions: whether it’s ethical, whether it will help, whether it will chill – putting vulnerable people off using Twitter, whether it’s legal – there are huge data protection issues – are just a start. Many excellent pieces have been written about it from all these angles, and they almost all leave me thinking that the whole thing is misconceived, however positive its motivations may be.

I’m not going to go over much of these, but want to look at one particular angle where it seems to me that the creators of the app have made a fundamental misunderstanding. To recap, once someone authorises the Samaritans Radar app, that app will automatically scan the tweets of all the people that person follows, looking for signs in those tweets of potentially worrying words or phrases: triggers that suggest that the tweeter may be at risk. The tweeter does not know that their tweets are being scanned, as it’s only the person who’s authorised the app whose consent has been sought – and it’s important to remember that we don’t generally have control over who follows us. Yes, we can block people, but that often seems an overly aggressive act. I very rarely block, for example.

The logic behind the Samaritans Radar approach to privacy is simple: tweets are ‘public’, therefore they’re fair game to be scanned and analysed. Their response to suggestions that this might not be right is that people always have the option of making their twitter accounts private – thus effectively locking themselves out of the ‘public’ part of Twitter. On the surface this is logical – but only if you think that ‘private-public’ is a two-valued, black-and-white issue. Either something is ‘public’ and available to all, or it’s ‘private’ and hidden. Privacy, both in the ‘real’ world and on Twitter, doesn’t work like that. It’s far more complex and nuanced than that – and anyone who thinks in those simple terms is fundamentally misunderstanding privacy.

The two extremes are fairly obvious. If you sit in a TV studio on a live programme being broadcast to millions, everything you say is clearly public. If you’re in a private, locked room with one other person, and have sworn them to secrecy, what you say is clearly private. Between the two, however, there is a whole spectrum, and defining precisely where things fit is hard. You can have an intimate, private conversation in a public place – whispering to a friend in a pub, for example. Anyone who’s been to a football match, or been on a protest march, knows theoretically that it’s a public place, but might well have private conversations, whether wisely or not. Chatting around the dinner table when you don’t know all the guests – where would that fit in? In law, we can analyse what we call a ‘reasonable expectation of privacy’, but it’s not always an easy analysis – and many people who might be potentially interested in the Samaritans should not be expected to understand the nuances of the law, or even the technicalities of Twitter.

On Twitter, too, we have very different expectations of how ‘visible’ or obscure what we tweet might be. We’re not all Stephen Fry, with millions of followers and an expectation that everything we write is read by everyone. Very much the opposite. We know how many followers we have – and some might assume, quite reasonably, that this is a fair representation of how many people might see our Tweet. It’s very different having 12 followers to having 12 million – and there are vastly more at the bottom end. Indeed, analysis at the end of 2013 suggested that 60% of active Twitter accounts have fewer than 100 followers, and 97% have fewer than 1000. That, to start with, suggests that most Twitter users might quite reasonably imagine that their tweets are only seen by a relatively small number of people – particularly as at any time only a fraction of those who follow you may be online and bother to read your tweet.

Further, not all tweets are equally visible – and experienced tweeters should know that. There are ways to make your tweets a little more intimate, and ways to make them more easily visible. If you tweet in response to someone, and leave their twitter tag at the start of the tweet, it will only appear on the timelines of people that follow both you and the person you are responding.  That’s why people sometimes put a ‘.’ in front of the tag.

A tweet like this, for example, would only be immediately visible to myself and the first tweeter named, and people who follow both of us, which is not likely to be a very large number.

Screen Shot 2014-11-01 at 09.44.00

If I had put a ‘.’ (or indeed any other characters) in front of @ABeautifulMind1, it would have been visible to all of the 9,000+ people who follow me. I made the decision not to do that – choosing to limit the visibility of the tweet. Having a semi-private conversation in a very public forum. Of course other people could find the tweet, but it would be harder – just as other people could hear a conversation on a public street, but it would be harder.

You can do the reverse, and try to make your tweet more rather than less visible. Adding a hashtag, for example, highlights the tweet to people following that hashtag – live tweeting my anger at BBC Question Time by adding the hashtag #bbcqt, for example. I could mention the name of a prominent tweeter, in the hope that they would read the tweet and choose to re-tweet it to their thousands or millions of followers. I could even ‘direct-message’ someone asking them to retweet my tweet as a special favour. All of these things can and do change the visibility – and, in effect, the publicness of the tweet.

Some people will understand all this. Some people won’t. Some people will have the two-valued idea about privacy that seems to underlie the Samaritans Radar logic – but, by both their thoughts and their actions, most people are unlikely to. We don’t all guard our thoughts on Twitter – indeed, that’s part of its attraction and part of its benefit for people with mental health issues, or indeed people potentially interested in the services of the Samaritans. Many people use twitter for their private conversations in the pub – and that’s great. Anyone who uses Twitter often, and anyone with any understanding of vulnerable people should know that – and see beyond the technical question of whether a tweet is ‘public’ or not.

The Samaritans responded to some of these questions, after their initial and depressing ‘you can lock your account’ response, by suggesting that people could join a ‘white list’ that says their tweets should not be scanned by Samaritans Radar – but that doesn’t just fail to solve the real issue, it might even exacerbate them. First of all, you have to be aware that you’re being scanned in order to want to be on the white list. Secondly, you’re adding yourself to a list – and not only is that list potentially vulnerable (both to misuse and to being acquired, somehow, by people with less than honourable motives), but the very idea of being added to yet another list is off-putting in the extreme. Anyone with negative experiences of the mental health services, for example, would immediately worry that being on that list marks you out as ‘of interest’. We don’t like lists, and with good reason.

At the very least, the system should be the other way around – you should have to actively ‘opt-in’ to being scanned. Having an opt-in system would be closer to the Samaritans’ role: the person would say ‘please, watch me, look after me’, as though they were phoning Samaritans. Even then, it’s far from perfect, as a decision to let people watch you at one point may not be relevant later. People’s minds change, their sensitivity changes, their level of trust changes. They should be able to revoke that decision to be watched – but even making them do that could be a negative. Why should it be up to them to say ‘stop scanning me’? With sensitive, vulnerable people, that could be yet another straw on the camel’s back.

Personally, I’d like the Samaritans to withdraw the app and have a rethink. This isn’t just a theoretical exercise, or a bit of neat technology – these are real issues for real people. It needs sensitivity, it needs care, it needs a willingness to admit ‘Oh, we hadn’t realise that, and we were wrong.’ With Samaritans Radar, I think the Samaritans have really got it wrong, in many ways. The privacy and publicness issue is just one of them. It does, however, add weight to the feeling that this whole idea was misconceived.