LIBE Committee Inquiry on Electronic Mass Surveillance of EU Citizens, European Parliament, 30th September 2013
Annie Machon was an intelligence officer for the UK’s MI5 in the 1990s, before leaving to help blow the whistle on the crimes and incompetence of the British spy agencies. As a result she and her former partner had to go on the run around Europe, live in exile in France, face arrest and imprisonment, and watch as friends, family and journalists were arrested.
She is now a writer, media commentator, political campaigner, and international public speaker on a variety of related issues: the war on terrorism, the war on drugs, the war on whistleblowers, and the war on the internet. In 2012 she started as a Director of LEAP in Europe (www.leap.cc).
Annie has an MA (Hons) Classics from Cambridge University.
Meaningful parliamentary oversight of intelligence agencies, with full powers of investigation, at both national and European levels.
These same democratic bodies to provide a legitimate channel for intelligence whistleblowers to give their evidence of malfeasance, with the clear and realistic expectation that a full inquiry will be conducted, reforms applied and crimes punished.
Institute a discussion about the legal definition of national security, what the real threats are to the integrity of nation states and the EU, and establish agencies to work within the law to defend just that. This will halt international intelligence mission creep.
EU-wide implementation of the recommendations in the Echelon Report (2001):
to develop and build key infrastructure across Europe that is immune from US governmental and corporatist surveillance; and
“Germany and the United Kingdom are called upon to make the authorisation of further communications interception operations by US intelligence services on their territory conditional on their compliance with the ECHR (European Convention on Human Rights).”
The duty of the European parliament is to the citizens of the EU. As such it should actively pursue technology policies to protect the privacy and basic rights of the citizens from the surveillance of the NSA and its vassals; and if it cannot, it should warn its citizens abut this actively and educate them to take their own steps to protect their privacy (such as no longer using certain Internet services or learning to use privacy enhancing technologies). Concerns such as the trust Europeans have in ‘e-commerce’ or ‘e-government’ as mentioned by the European Commission should be secondary to this concern at all times.
Without free media, where we can all read, write, listen and discuss ideas freely and in privacy, we are all living in an Orwellian dystopia, and we are all potentially at risk. These media must be based on technologies that empower individual citizens, not corporations or foreign governments. The Free Software Foundation has been making these recommendations for over two decades.
The central societal function of privacy is to create the space for citizens to resist the violation of their rights by governments and corporations. Privacy is the last line of defense historically against the most potentially dangerous organisation that exists: the nation state. Therefore there is no ‘balance between privacy and security’ and this false dichotomy should not be part of any policy debate.
Despite being a classicist not a geek by training, this sounds like I know what I’m talking about, right? Well somewhat to my own surprise, I do, after years of exposure to the “hacktivist” ethos and a growing awareness that geeks may our last line of defence against the corporatists. In fact, I recently did an interview on The Keiser Report about the “war on the internet”.
Officially, Telstra is implementing this capability to protect those fragile business flowers (surely “broken business models” — Ed) within the entertainment and copyright industries — you know, the companies who pimp out creative artists, pay most of them a pittance while keeping the bulk of the loot for themselves, and then whine about how P2P file sharing and the circulation and enjoyment of the artists’ work is theft?
But who, seriously, thinks that such technology, once developed, will not be used and abused by all and sundry, down to and including our burgeoning police state apparatus? If the security forces can use any tool, no matter how sordid, they will do so, as has been recently reported with the UK undercover cops assuming the identities of dead children in order to infiltrate peaceful protest groups.
Writer and activist, Cory Doctorow, summed this problem up best in an excellent talk at the CCC hackerfest in Berlin in 2011:
The shredding of any notion of privacy will also have a chilling effect not only on the privacy of our communications, but will also result in our beginning to self-censor the information we ingest for fear of surveillance (Nazi book burnings are so 20th Century). It will, inevitably, also lead us to self-censor what we say and what we write, which will slide us into an Orwellian dystopia faster than we could say “Aaron Swartz”.
As Columbian Professor of Law, Eben Moglen, said so eloquently last year at another event in Berlin — “freedom of thought requires free media”:
Two of my favourite talks, still freely available on the internet. Enjoy.
I have great pleasure in launching my new, bespoke website — made for me by Sander Venema, the founder of Asteroid Interactive in the Netherlands.
This is a new company that really listens to what you want, both in terms of design and the back-end system, and I cannot recommend them enough.
So what did I want and why?
First of all, I wanted to get out of the USA domain-name hegemony. Recently the US has been increasingly flexing its legal muscles internationally. It is now claiming global dominion over all the old domains originally set up in its territory: .com, .org, .net, .info, you name it.
And it does not matter if you are are a citizen of another country, living in another country, your website is hosted on another country’s servers, and you have nothing whatsoever to do with the good ol’ US of A: if you use one of these domain names, the US government can pull the plug on your site, with no warning and no redress. This has already started to happen.
So I am now safely ensconced in Switzerland — notably the only country not to take down the Wikileaks website in 2010, despite massive global push-back from the US et al. Switzerland still seems to be taking basic human rights seriously.
The US continually bleats on about the “free market”, so let’s vote with our wallets and remove our custom beyond its pernicious reach.
Secondly, I also wanted to walk the walk and move on to an open source platform and CMS (the software that makes it easy to publish without typing a lot of HTML by hand). This is the only way to ensure that you are not dependent on closed, proprietary software companies, which can be legally pressurised by nasties like the NSA or GCHQ into implanting convenient little “back doors” to spy on or manipulate your data. I made this move on my laptop years ago and have since enjoyed at least a relative sense of security.
And finally, my old site was looking messy — so much information, so little time.……
It needed a revamp, and I hope you find this site more user-friendly, and that you can find the information you want quickly. Please feel free to comment, or email me with any thoughts or suggestions.
I think Sander has come up with a beautiful design. The building in the banner incorporates an image of the old Stasi HQ in Berlin. I like the idea — an image of a panoptic police state that seemed brutally immutable, but that has now just.… gone.
It’s going to be a busy month for talks — I’ll be in Amsterdam with the Dutch (digital) civil rights organisation, Bits of Freedom, on 16th September. I use the brackets consciously, as I don’t personally see a distinction between rights in the physical or digital world — the underlying principles are the same.
BoF is doing great work, so anyone within striking distance of Amstie please come along, not only for the talk, but for what also promises to be a great social evening!
If you can’t make that night, I seriously recommend coming along to a BoF dinner on 24th September, where the guest of honour is acclaimed journalist, blogger and author, Cory Doctorow. I had the pleasure of meeting up with him a couple of years ago in London — an extremely switched on man.
I really, really enjoyed his digital activists’ handbook — sorry, novel — “Little Brother”, ostensibly aimed at the young adult market. But, hey, we’re all young at heart, and this book is spot on!
The US government has apparently been getting its knickers in a twist about the excellent Wikileaks website. A report written in 2008 by US army counter-intelligence analysing the threat posed by this haven for whistleblowers has been leaked to, you’ve guessed it, the very subject of the report.
Wikileaks was set up three years ago to provide a secure space for principled whistleblowers around the world to expose corruption and crimes committed by our governments, intelligence agencies and mega-corporations. The site takes great care to verify the information it publishes, adheres to the principle of exposing information very much in the public interest, and vigorously protects the identify of its sources.
By doing so, Wikileaks plays a vital part in informing citizens of what is being done (often illegally) in their name. This free flow of information is vital in a democracy.
Well, no government likes a clued-up and critical citizenry, nor does it like to have transparency and accountability imposed on it. Which led to the report in question.
As I have written before ad nauseam, whistleblowers provide an essential function to the healthy working of a democracy. The simplistic approach would be to say that if governments, spies and big corporations obeyed the law, there would be no need for whistleblowers. However, back in the real, post-9/11 world, with its endless, nebulous “war on terror”, illegal wars, torture, extraordinary rendition and Big Brother surveillance, we have never had greater need of them.
Rather than ensuring the highest standards of legality and probity in public life, it is far simpler for the powers that be to demonise the whistleblower — a figure who is now (according to the Executive Summary of the report) apparently seen as the “insider threat”. We are looking at a nascent McCarthyism here. It echoes the increasing use by our governments of the term “domestic extremists” when they are talking about activists and protesters.
There are laws to protect whistleblowers in most areas of work now. In the UK we have the Public Interest Disclosure Act (1998). However, government, military, and especially intelligence professionals are denied this protection, despite the fact that they are most often the very people to witness the most heinous state abuses, crimes and corruption. If they try to do something about this, they are also the people most likely to be prosecuted and persecuted for following their consciences, as I described in a talk at the CCC in Berlin a couple of years ago.
Ideally, such whistleblowers need a protected legal channel through which to report crimes, with the confidence that these will be properly investigated and the perpetrators held to account. Failing that, sites like Wikileaks offer an invaluable resource. As I said last summer at the Hacking at Random festival in NL, when I had the pleasure of sharing a stage with Wikileaks founder Julian Assange, I just wish that the organisation had existed a decade earlier to help with my own whistleblowing exploits.
The Official Secrets Act (1989) in the UK, is drafted to stifle whistleblowers rather than protect real secrets. Such laws are routinely used to cover up the mistakes, embarrassment and crimes of spies and governments, rather than to protect national security. After all, even the spooks acknowledge that there are only three categories of intelligence that absolutely require protection: sensitive operational techniques, agent identities and ongoing operations.
This US counter-intelligence report is already 2 years old, and its strategy for discrediting Wikileaks (by exposing one of their sources pour encourager les autres) has, to date, manifestly failed. Credit is due to the Wikileaks team in out-thinking and technologically outpacing the intelligence community, and is a ringing endorsement for the whole open source philosophy.
I’ve said this before, and I shall say it again: as our countries evolve ever more into surveillance societies, with big brother databases, CCTV, biometric data, police drones, voting computers et al, geeks may be our best (and last?) defence against emerging Big Brother states.
So the spooks are yet again trying to recruit IT professionals. MI6 is currently advertising for a, quote, “world class enterprise architect”, but is offering a salary significantly below the market rate. MI5 is constantly on the lookout for IT staff –as recent adverts in the press will attest.
My sense is that the agencies are still desperately playing IT catch-up. In the 1990s, when I worked as an intelligence officer, we were still writing out everything longhand and getting our secretaries to type it up – with all the attendant typos, revisions and delays. Information databases, such the system codenamed Durbar, which held the terrorist records, could only be accessed via 1970s, beige, monitor-and-keyboard, all-in-one computers.
In the early 1990s MI5 did try to develop its own information management system from scratch, rightly thinking that buying off-the-shelf from an American megacorp was probably not good security. However, MI5 management still thought IT was a low priority – despite the fact the efficient processing of information should have been the core work. So, the agency paid significantly below the market rates for IT professionals, and posted mainstream intelligence officers, with no project management experience, to run the department for 2 year periods. Needless to say, moral was rock-bottom. The IT bods were unmotivated, the IOs demoralised at being posted to a career graveyard slot and the unwieldy system, codenamed Grant, never got off the ground.
In the middle of the decade MI5 in desperation bought an off-the-shelf package which was based on Windows 95. Even then officers had to fight to have access to a terminal to do their work. And, of course, Windows is not known as the most stable or secure system available. I also heard recently that MI5 is still using this proprietary software, and thinks that it can protect its information systems by patching up security problems. It gives one such faith that MI5 can really protect this country from terrorist attack.
But this leads us onto a more serious issue regarding our national sovereignty. What the hell is our government doing, shovelling billions of pounds every year over to USIT companies to pay for licences that then permit our government departments to use their software packages? And with the current concerns about terrorism and the subsequent datamining activities of a paranoid US administration, how can we be sure that the NSA is not sneaking a peek at the work of our security forces via back doors in this software?
So, to protect our sovereignty, as well as develop our knowledge base and grow our economy, why does the UK government not encourage all government agencies and departments to switch from proprietary to open source software? After all, many other countries around the world are already doing this for precisely these reasons.
No doubt it’s that pesky “special relationship” kicking in again.….