Online snooping: a lesson from history
Mass surveillance, Issue 1417
After finally admitting the existence of BPDs last year, MI5 gave “the electoral roll, telephone directories or travel-related data” as examples. It now emerges they go rather further than that, with routine requisitioning of innocent people’s medical records, communications with their lawyer, financial data and even the petitions they’ve signed.
“Some of this data is publicly available, some of it is purchased and some of it is acquired covertly,” reads a newly disclosed MI6 note. This was news even to members of the government committee currently scrutinising the bill, whose work is due to conclude on 5 May.
The problem for the government is twofold: it is trying to introduce new snooping powers and to legitimise techniques it’s been using illegally for years, all without actually revealing what those techniques are.
Firstly, it legalises the secret activities of GCHQ that were revealed by CIA whistleblower Edward Snowden – described as “equipment interference” in the bill, but better known to the rest of us as hacking.
The bill obliges tech companies to help them with this hacking, through “the removal of electronic protection applied by a relevant operator to any communication or data”. But it doesn’t make it clear whether companies could be forced to remove end-to-end encryption. If, as seems likely, they could, British internet users are in for a shock. If all devices are made deliberately crackable, eventually all devices will be cracked – either by criminals or by other governments such as China. Internet banking will no longer be safe and nor will anything else online. In practice, rather than endangering the security of their users worldwide, companies like Apple might well decide to stop selling products in the UK.
And with British-made tech products mandated to be hackable, nobody abroad will want to buy ours.
Bulk surveillance and 9/11
The second strand of the bill is mandatory bulk surveillance of the internet activity of the entire population. Broadband companies are to be required to monitor and record every single website anybody visits and keep the details for a year. Not only GCHQ but also organisations from HM Revenue & Customs to the Food Standards Agency will have rights of access. Councils will be able to spy on parents in case they are lying about living within a school catchment area, for example.
Perhaps the most important aspect of this bulk surveillance is that even many spooks themselves think it may make their job harder. Parliament’s intelligence and security committee, chaired by former attorney-general Dominic Grieve, concluded that much of the bill was “inconsistent and largely incomprehensible” and recommended the provisions allowing for bulk equipment interference be removed.
Bill Binney, a former official with the US National Security Agency, explained to the committee that he resigned a month after 9/11 because he was certain their bulk surveillance programme was actually the reason the attack hadn’t been prevented.
He and a team had developed a system targeting only known suspects, those communicating with them and people communicating with suspicious geographic areas such as the mountains of Afghanistan or terrorist websites, which was rejected. Later analysis found that it would have flagged up the fact that the NSA had data on al-Qaeda that hadn’t been shared with the FBI or other intelligence bodies. But thanks to the agency opting for bulk collection instead, it was all overlooked.
More top stories in the latest issue:
Express hack Greg Swift, fresh from his paper’s rabid Brexit campaign, will have to change his tune pretty ‘swiftly’ as the PM’s new deputy spokesman.
Despite Barack Obama’s support for a new EU-US trade partnership over a UK-US deal, negotiations for the contentious TTIP remain shambolic.
How Neil Bennett, the man spinning for Deutsche Borse’s merger with the London Stock Exchange, campaigned against the deal as a City hack.
The small print at the end of the Sunday Times Rich List reveals an embarrassing reduction in fortunes for one US citizen, a Mr R. Murdoch.