I watched and listened to the ‘open’ evidence session of the Intelligence and Security Committee (‘ISC’) yesterday with a sense of sadness more than anything else. It was of course entirely predictable that the session would primarily be about putting as positive as possible a spin on the surveillance activities of the intelligence services but even so I found myself disappointed. The ISC is as close as we currently get to something that scrutinises the activities of the intelligence services – but on the basis of what we saw yesterday they are neither capable of such scrutiny nor to they have the desire to provide it. ‘Supine’ was the word that sprang immediately to mind.
Malcolm Rifkind, chairing the committee, seemed determined that the only result of the session would be vindication of the intelligence services – and demonstrated only that he does not understand why people are concerned, and why they are right to be concerned. The rest of the committee, all of whom have effectively been personally selected by the Prime Minister, were little better – and some were even worse. The way that Hazel Blears in particular practically purred her appreciation of the wonderful job being done by the heads of GCHQ, MI5 and MI6 was deeply depressing to anyone who hoped that this would be the beginning of a new era of openness by the intelligence community. Instead, it seemed that they were determined to continue to misinform and mislead the public.
It’s the metadata, stupid…
A couple of things stood out. One was that, yet again, that old chestnut ‘we’re not reading your emails or listening to your phone calls’ was wheeled out by the spy chiefs – and no-one on the committee picked them up on it. No-one who understands anything about internet surveillance has an image of old-style spies sitting in darkened rooms with headphones on listening to our every word. It’s not the ‘content’ of the phone calls or the emails that matters so much – it’s the metadata, the information that surrounds the calls, the emails, the web-browsing that really counts. That meta data gives different information about the subject than the contents – but in many ways much better information, more analysable information, more nuanced information. It is much more useful for profiling, for predicting activities, for tracking and so forth. The intelligence chiefs know that very well – and yet they continue to bring out the ‘not listening to your phone calls or reading your emails’ line again and again. The committee ought to know this too – and ought to have called the intelligence chiefs out on it. They didn’t – whether because they don’t understand or because they don’t want to rock the boat it’s hard to tell. Perhaps both.
Surveillance happens at the data gathering stage
The other key aspect of the surveillance that wasn’t touched upon is when the surveillance happens – at the gathering stage, or at the accessing stage. Again, I’m not sure that the committee understood the importance of this distinction, but it’s an absolutely crucial one. The current system assumes that gathering data on all of us is absolutely fine – indeed, that’s the basic premise of the surveillance systems they appear to use, and was the essence of the Communications Data Bill that was defeated last year. Hoover up as much data as possible, then put the checks and balances, the controls, at the access stage. That, however, is a wholly flawed approach if privacy is to be taken at all seriously. It leaves the systems and the data open to abuse, to function creep, to hacking, to human error – and indeed to leaks like the one performed by Edward Snowden that the spy chiefs deplored so vehemently.
The European Court of Human Rights recognised this – in the notable case S and Marper v. the United Kingdom, they concluded that “the mere retention and storing of personal data by public authorities, however obtained, are to be regarded as having direct impact on the private-life interest of an individual concerned, irrespective of whether subsequent use is made of the data.” They are right – and if the neither the ISC nor the spy chiefs know or understand this that is deeply disappointing. If they know it, and don’t see how it applies to their surveillance activities that is even more disappointing. If they do see how it applies, and fail to mention it, that’s still worse.
Needles in Haystacks
The ‘needles in haystacks’ analogy was made a number of times during the session, and it is indeed apposite – but to me it has very different implications to those drawn by the spy chiefs. They don’t seem to understand some key aspects of the old proverb. For a start, needles aren’t generally found in haystacks – and that the point of the proverb is that trying to find a needle in a haystack is a thankless task, and one doomed to failure. More importantly, however, they don’t seem to understand that their approach is what builds the haystack in the first place! It’s the universal rather than targeted surveillance model that generates that huge haystack.
For me, that’s the real point of the proverb – and it applies directly here. If you set yourself a thankless, impossible task, the question you should be asking is whether there might be another way, a better way, to solve the problem. Perhaps you can get another needle from somewhere else. Perhaps you can use another tool instead of the needle. Perhaps the task isn’t worth doing anyway. Perhaps counter-terrorism can be done in cleverer, subtler, less privacy invasive ways.
That question – whether there is an alternative – didn’t seem to enter the minds of any of the members of the ISC yesterday. Whether it has entered the minds of the spy chiefs is another matter – if it has, they certainly didn’t want to mention it. Indeed, finding any kind of suggestion of an alternative to the current approach in yesterday’s open session was as hard as finding a needle in a haystack….