Archive for the 'Privacy' Category

How to spy on every American

[link] Saturday, August 3rd, 2013

Simple. Just do three-hop analysis.

Deputy Director John C. Inglis told Congress last week that the agency conducts “three-hop” analysis.

Three-hop (also known as “three degree”) analysis means:

The government can look at the phone data of a suspected terrorist, plus the data of all of the contacts, then all of those peoples contacts, and all of those peoples contacts.

This means that a lot of people could be caught up in the dragnet:

If the average person calls 40 unique people, three-hop analysis could allow the government to mine the records of 2.5 million Americans when investigating one suspected terrorist.

Given that there are now approximately 875,000 people in the government database of suspected terrorists – including many thousands of Americans – every single American living on U.S. soil could easily be caught up in the dragnet.

For example, 350 million Americans divided by 2.5 million Americans caught up in dragnet for each suspected terrorist, means that a mere 140 potential terrorists could lead to spying on all Americans. There are tens of thousands of Americans listed as suspected terrorists … including just about anyone who protests anything that the government or big banks do.

Why (most) Brits don’t seem to be overly concerned about NSA snooping

[link] Saturday, July 27th, 2013

I had an inquiry yesterday from a German journalist asking whether it was true that British people are less concerned than Germans are about the Snowden revelations, and if so why.

Here’s my reply:

Dear [xxx]

1. I think it’s broadly true that, in general, the British public is less concerned about the NSA/Snowden revelations than is the case in Germany. That, at any rate, is the conclusion I draw from the only national opinion polling data I’ve seen — conducted by YouGov and published online.

My reading of the survey results is that

  • the great British public isn’t very worked up about the issues.
  • British people are pretty resigned to being surveilled.
  • My reasons for thinking this:

  • When asked whether the law should be changed to give the security services easy access to phone and online activity, 51% thought that would be going too far, but 39% thought it would be a good idea.
  • When asked how much personal data people thought the security services already had access to, 44% replied “almost everything in practice” and 48% thought that the security services had “wide access to a lot” of personal information.
  • People seem to be slightly supportive of Snowden’s whistleblowing. Just over half (52%) said that he had done the right thing, while 37% thought he had been wrong to do it.
  • On the question of whether Snowden should be prosecuted, people are evenly divided (43% each way).
  • Finally, and perhaps most revealingly, when people were asked if they were surprised by the revelations that Britain’s government surveillance organisation GCHQ had also been monitoring Internet traffic, only 2% said that they had been “very surprised”, 14% were “somewhat surprised” but 83% said that they had been “not at all surprised”.
  • 2. The interesting question, of course, is why the British view differs from that of Germans. Here I can only offer a few speculations.

  • It is partly a reflection the conviction (some would call it a delusion?) that Britain enjoys a “special relationship” with the US, and that this means Britons tend to be more tolerant of US excesses than they are of the excesses of other nations (e.g. Russia or France).
  • There is undoubtedly a special relationship between the security agencies of the UK (GCHQ) and the US (NSA). Some people see this as a continuation of the World War II intelligence-sharing arrangements between the two countries. Cynics see it as an attempt by an economically-enfeebled country to maintain a seat at the “top table” by being useful to the Americans. (Some commentators interpret the British government’s determination to renew its submarine nuclear ‘deterrent’ as an analogous case of “imperial afterglow” — the reluctance to concede that Britain is now just a middle-rank power.) One of my academic colleagues who is an expert in computer security occasionally refers dismissively to GCHQ as “an overseas franchise of the NSA”.
  • The problem of the “Two Cultures” (science and technology). The British public — and particularly its mass media — seems remarkably ignorant about science and technology. Critically, this is also true of British legislators. Of the 600+ MPs in the House of Commons, for example, only three have research degrees. As a result, lay people — and legislators — think that anything connected with computer technology is essentially incomprehensible and best left to experts.
  • Britain has no recent historical experience of being invaded, and so the culture has no clear understanding of the consequences of intensive surveillance technology and records falling into the “wrong” hands.
  • Yours sincerely


    Nothing to hide so nothing to fear? Oh, yeah?

    [link] Friday, July 26th, 2013

    One of the most infuriating episodes of the NSA/Snowden/Tempora story was Foreign Secretary William Hague’s patronising little speech to the Commons, arguing that “if you have nothing to hide then you have nothing to fear”. I had a go at this in a direct way, but felt that the Hague view (which is widespread, nay ubiquitous, among our ruling elites) needs a more considered, philosophically-informed riposte. And, lo and behold, up it comes on OpenDemocracy, in the form of a terrific interview with Quentin Skinner, the historian and political philosopher, in which he discusses various conceptions of liberty.

    When asked about surveillance, he said this:

    The idea that there is no problem with surveillance as long as you have nothing to hide simply points to the complacency of the liberal view of freedom by contrast with the republican one. The liberal thinks that you are free so long as you are not coerced. The republican agrees, of course, that if you are coerced then you are not free. But freedom for the republican consists not in being free from coercion in respect of some action, but rather in being free from the possibility of coercion in respect of it.

    When William Hague told the House of Commons that no one has anything to fear so long as they have done nothing wrong he was missing an absolutely crucial point about freedom. To be free we not only need to have no fear of interference but no fear that there could be interference. But that latter assurance is precisely what cannot be given if our actions are under surveillance. So long as surveillance is going on, we always could have our freedom of action limited if someone chose to limit it. The fact that they may not make that choice does not make us any less free, because we are not free from surveillance and the possible uses that can be made of it. Only when we are free from such possible invasions of our rights are we free; and this freedom can be guaranteed only where there is no surveillance.

    I think it very important that the mere fact of there being surveillance takes away liberty. The response of those who are worried about surveillance has so far been too much couched, it seems to me, in terms of the violation of the right to privacy. Of course it’s true that my privacy has been violated if someone is reading my emails without my knowledge. But my point is that my liberty is also being violated, and not merely by the fact that someone is reading my emails but also by the fact that someone has the power to do so should they choose. We have to insist that this in itself takes away liberty because it leaves us at the mercy of arbitrary power. It’s no use those who have possession of this power promising that they won’t necessarily use it, or will use it only for the common good. What is offensive to liberty is the very existence of such arbitrary power.

    The situation is made much worse once you come to know — as all of us now know — that we are in fact subject to surveillance. For now there is a danger that we may start to self-censor in the face of the known fact that we may be being scrutinised by powerful and potentially hostile forces. The problem is not that we know that something will happen to us if we say certain things. It’s that we don’t know what may happen to us. Perhaps nothing will happen. But we don’t know, and are therefore all too likely to keep quiet, or to self-censor. But these are infringements of liberty even according to the liberal account. Surely the liberal and the republican can agree that, if the structures of power are such that I feel obliged to limit my own freedom of expression, then my liberty has to that degree been undermined.

    Before visiting the UK, reset your phone to factory settings

    [link] Thursday, July 18th, 2013

    Visitors may not know this, but maybe they should.

    Officers use counter-terrorism laws to remove a mobile phone from any passenger they wish coming through UK air, sea and international rail ports and then scour their data.

    The blanket power is so broad they do not even have to show reasonable suspicion for seizing the device and can retain the information for “as long as is necessary”.

    Data can include call history, contact books, photos and who the person is texting or emailing, although not the contents of messages.
    David Anderson QC, the independent reviewer of terrorism laws, is expected to raise concerns over the power in his annual report this week.

    He will call for proper checks and balances to ensure it is not being abused.

    Technology vs. Democracy

    [link] Wednesday, July 10th, 2013

    I participated in an interesting discussion last night at the Frontline Club on the topic of “privacy vs. security: have we got the balance right?” It was chaired by the BBC’s urbane Mark Urban. The other panellists were Professor Helen Margetts of the Oxford Research Institute, John Kampfner, former Editor of the New Statesman and now a consultant to Google, and Sir Malcolm Rifkind, a former Foreign Secretary and now Chairman of the Commons Intelligence Committee which is currently looking into the Snowden revelations and their implications (if any) for the UK.

    It was an enjoyable discussion with a packed and attentive audience. Malcolm Rifkind did a predictably good job of defending the proposition that the UK is doing a reasonable job of ensuring that its spooks obey the laws that apply to them (specifically the Intelligence Services Act, the Regulation of Investigatory Powers Act and the Human Rights Act — though he said relatively little about the HRA). What he didn’t address — because it’s not in his Committee’s remit, was my question about whether GCHQ is a competent outfit which gives value for the oceans of public money that it consumes. And nobody really addressed my biggest concern, which is whether the level of comprehensive surveillance that we now have is, in the end, compatible with a democratic, open society.

    Just before embarking on this post, a link popped up in my Twitterstream. It led to an astonishing post on the Economist blog. It’s entitled “America versus Democracy” and starts from the observation that FISC, the secret court that supposedly authorises NSA surveillance, has effectively become a parallel Supreme Court, because it is making law relating to the Fourth Amendment (which is the one that supposedly regulates the state’s ability to intrude on citizens’ privacy). And it’s doing this lawmaking entirely in secret.

    But then the post begins to explore the implications of this.

    That all the people of the Earth, by dint of common humanity, are entitled to the protections of democracy is an inspiring principle. However, its foreign-policy implications are not really so clear. To those of us who are sceptical that America has the authority to intervene whenever and wherever there are thwarted democratic rights, the advocates of democracy-promotion offer a more businesslike proposition. It is said that authoritarianism, especially theocratic Islamic authoritarianism, breeds anti-American terrorism, and that swamp-draining democracy-promotion abroad is therefore a priority of American national security. If you don’t wish to asphyxiate on poison gas in a subway, or lose your legs to detonating pressure-cookers at a road-race, it is in your interest to support American interventions on behalf of democracy across the globe. So the story goes.

    However, the unstated story goes, it is equally important that American democracy not get out of hand. If you don’t want your flight to La Guardia to end in a ball of fire, or your local federal building to be razed by a cataclysm of exploding fertiliser, you will need to countenance secret courts applying in secret its own secret interpretation of hastily drawn, barely debated emergency security measures, and to persecute with the full force of the world’s dominant violent power any who dare afford a glimpse behind the veil.

    You see, democracy here at home must be balanced against the requirements of security, and it is simply too dangerous to leave the question of this balance to the democratic public. Open deliberation over the appropriate balance would require saying something concrete about threats to public safety, and also about the means by which those threats might be checked. But revealing such information would only empower America’s enemies and endanger American lives. Therefore, this is a discussion Americans can’t afford to have. Therefore, the power to determine that this is a discussion the public cannot afford to have cannot reside in the democratic public. That power must reside elsewhere, with the best and brightest, with those who have surveyed the perils of the world and know what it takes to meet them. Those deep within the security apparatus, within the charmed circle, must therefore make the decision, on America’s behalf, about how much democracy—about how much discussion about the limits of democracy, even—it is safe for Americans to have.

    That’s the argument I was trying to make last night, but much more eloquently stated. It’s why this stuff really matters.

    On the way home on the train, I was reading the New Yorker, still one of the great treasures of journalism, when I came on a cartoon. It shows two NSA operatives sitting before a wall of computer monitors. “After we read every e-mail that’s ever been written”, one is saying to the other, “I’m gonna start on that new Dan Brown novel”.

    First arrest filmed using the unbearable unwearable

    [link] Tuesday, July 9th, 2013

    Yeah. And now you know why I’ve no desire to go to Atlantic City. The noise! And the people!

    The unbearable wearable

    [link] Monday, July 8th, 2013

    Great blog post by about Google Glass by Jason Calcanis.

    I’ve run into several friends wearing Google Glass in the past three months, and I have three words of advice for them:

    Take. Them. Off.

    First, you look like an idiot.

    Second, you’re killing the party.

    Third, are you recording me right now?!?

    Great, illuminating post. Worth reading in full.

    Caught in the trap

    [link] Sunday, June 16th, 2013

    This morning’s Observer column.

    Watching William Hague doing his avuncular routine in the Commons on Monday, I was reminded of the way establishment figures in the 1950s used to reassure hoi polloi that they had nothing to worry about. Everything was in order. The Right Chaps were in charge. Citizens who had done nothing wrong, declared Uncle Hague, had nothing to fear from comprehensive surveillance.

    Oh yeah? As Stephen Fry observed in an exasperated tweet: “William Hague’s view seems to be ‘we can hide a camera & bug in your room & if you’ve got nothing to hide, what’s the worry?’ Hell’s teeth!”

    Hell’s teeth indeed. I can think of thousands of people who have nothing to hide, but who would have good reasons to worry about intrusive surveillance. Journalists seeking to protect their sources, for example; NHS whistleblowers; people seeking online help for personal psychological torments; frightened teenagers seeking advice on contraception or abortion; estranged wives of abusive husbands; asylum seekers and dissident refugees; and so on.

    In a way, Hague’s smug, patronising tone was the least troubling aspect of the NSA/GCHQ story…

    Politician makes elementary schoolboy error

    [link] Thursday, March 7th, 2013

    Verily, you couldn’t make this up.

    A Conservative councillor is being urged to resign after he branded coffee shop staff ‘bone idle bitches’ who ‘needed a good beating’.

    Peter Chapman took to social networking site Facebook to complain after he received slow service in a Costa Coffee.

    He posted a message slating the members of staff at the branch in Dorchester, Dorset.

    His message read: ‘Terminally slow (and bad) service from the bone idle bitches at Costa Dorchester today, they all need a good beating.’

    Visitors to his personal Facebook page were horrified by his remarks and are now urging Mr Chapman to resign from Weymouth and Portland Borough Council.

    Mr Chapman, who has been a councillor for five years, has since tried to back-track from his comments which he said were made in jest.

    He said: ‘My Facebook status is private and that comment was not made in public.’

    Repeat after me: anything published on a social network is public, no matter what your settings say.

    Alan Westin RIP

    [link] Sunday, February 24th, 2013

    Alan Westin, the legal scholar who transformed our understanding of privacy, has died. His definitiion of privacy (in Privacy and Freedom, 1967) — as the ability to control how much about ourselves that we reveal to others — is still the best definition we have.