Thursday, 5 November 2015

Making The State Itself Less Secure

Simon Jenkins writes:

The surveillance bill has had a rough passage so far. Today the spooks were under pressure from left and right. Libertarians, nerds and the big computer firms were up in arms.

The sceptred isle was up against the Spectred isle. So MI6 sent for Bond. The past week has seen the most bizarre spinning.

The BBC and the Times suddenly “managed to secure” exclusive stories about the wonderful world of secret intelligence, shamelessly pegged to the première of the film.

The Times offered a gushing prospectus of work inside GCHQ. The BBC’s Frank Gardner sat, obsequious, in a darkened room and asked faceless voices what it was like being “the real James Bond”.

It was like a spoof promotion video for the Stasi.

Secret security can only build its legitimacy on trust.

Britons have granted their security establishment that trust for the past half century, despite it being sometimes betrayed in return. Burgess and Maclean, Philby and Spycatcher, Iraq and Snowden revealed a secret service unable to police or account for its errors.

When under pressure, it merely pressed the “feel very afraid” button and scared public and politicians to do its will.

Today’s bill seeks to “widen the access of police and security services” to personal electronic data. The intention is odd since, as Snowden revealed, they have enjoyed such access for years.

Any reasonable person can agree that intruding on digital communication is needed in modern security. The issue, which the security lobby never addresses, is where should be the boundaries of such intrusion and who should “monitor the monitors”. 

Individuals in a free society have a right to assume their privacy means something, and that government and the law will protect them against “unwarranted surveillance” by third parties, including the state.

Confidentiality in human relations is integral to personal freedom. 

The job of ministers is to guard that integrity against the always incremental demands of the police and security services. 

One reason is that in the past those services have simply disregarded oversight, whether in letter or in spirit. Ministers have become lobbyists for this disregard. 

I am not aware of any recent minister standing up to the bullying of Big Security, as ministers (such as William Whitelaw) certainly did in the past.

The bill proposes some new “safeguards” for digital surveillance that goes beyond anything elsewhere in Europe or America.

The police will not have a “blanket right” to spy on emails and social media. Did they ever? There are vague punishments for public officials who abuse their power to intrude. Are there none now? There will be judges, not just ministers, to oversee warrants or classes of warrants.

Despite the fearmongers, Britain faces no threat to its territory or political stability, nothing that remotely justifies the massive intrusion into privacy originally sought by GCHQ and the police.

Today’s threat is from fanatics and criminals who want to shoot people and explode bombs – extremely dangerous but not a state threat.

The question is, does this require Britons to have their every phone call, email and browser record stored, scanned, registered and, inevitably, shared with spies, the police and – whatever anyone says – a wide range of public officials?

Nor is the intrusion itself the whole issue, though President Obama’s intelligence review commission said such “bulk harvesting” yielded no noticeable increase in public safety.

The issue is whether licensed hacking by the state – requiring the penetration of server encryption – does not make the state itself less secure. 

Not a week passes without news of some supposedly secure data store breaking down.

NHS patient data leaked, police crime data leaked, TalkTalk, British Gas and Marks & Spencer customer details all leaked. Adultery agencies are hacked.

Communications between lawyers and clients are hacked. In 2009, defence ministry vetting details of RAF officers were leaked.

The police have reportedly hacked into journalists’ sources 600 times. If the government can hack citizens’ records, citizens can hack them too, and hack what is hacked. 

E-government is not security but anarchy.

The real damage revealed by WikiLeaks and Snowden lay not so much in their content as in the fact that it could so easily be revealed by disloyal staff. 

When thousands of people become privy to other people’s secrets, those secrets become assets.

In Snowden’s case it was moral outrage, not treachery or profit, which led him to blow his whistle. The two million people privy to the WikiLeaks material might not all be so high-minded.

The only secure conclusion is that nothing digital is secure, certainly nothing in the realm of government.

That is why any state override of encryption could ultimately prove as dangerous to the state as to individual liberty.

Do we really want the police, not just spies, to amass information on every citizen’s browser record?

The fell cry of the dictator, that “the innocent have nothing to fear”, is already being heard by government apologists. It has no place in a liberal democracy.

Surveillance there must be, but its implications are so dangerous that it should be subject to the panoply of oversight.

There is clearly a case for giving the new regime a trial, but it must be in the fullest glare of publicity. This is a regime that has so far failed the test of trust.

A great weight of responsibility is being placed by the home secretary, Theresa May, on the judiciary, which the small print of the bill suggests it is unlikely to bear.

Anyone who has dealt with past judicial oversight of the security services will doubt whether British judges will bring the spies under the lash of liberty.

In recent judgments, such as on DNA data retention, the judges have sided with the state against the citizen. Judges, like ministers, are dazzled by the James Bond trope.

This is not just an updating of surveillance but a major peacetime extension of state power over individuals.

The bulk harvesting of data and the compulsory breaching of corporate encryption should require some great national emergency, and the most stern oversight. Neither applies today.

In addition, what is proposed is likely to prove as much a threat to state security as to personal liberty. When the state turns hacker, everyone does.

This is a draft bill. Battle royal should be joined over its amendment.
