European Parliament LIBE Inquiry on Electronic Mass Surveillance of EU Citizens

Below is some back­ground mater­i­al from my sub­mis­sion to the European Parliament’s LIBE Com­mit­tee on the implic­a­tions of the NSA scan­dal.

Here is a video link to the hear­ing.

LIBE Com­mit­tee Inquiry on Elec­tron­ic Mass Sur­veil­lance of EU Cit­izens, European Par­lia­ment, 30th Septem­ber 2013

Bio­graphy:

Annie Machon was an intel­li­gence officer for the UK’s MI5 in the 1990s, before leav­ing to help blow the whistle on the crimes and incom­pet­ence of the Brit­ish spy agen­cies.  As a res­ult she and her former part­ner had to go on the run around Europe, live in exile in France, face arrest and impris­on­ment, and watch as friends, fam­ily and journ­al­ists were arres­ted.

She is now a writer, media com­ment­at­or, polit­ic­al cam­paign­er, and inter­na­tion­al pub­lic speak­er on a vari­ety of related issues: the war on ter­ror­ism, the war on drugs, the war on whis­tleblowers, and the war on the inter­net.  In 2012 she star­ted as a Dir­ect­or of LEAP in Europe (www​.leap​.cc).

Annie has an MA (Hons) Clas­sics from Cam­bridge Uni­ver­sity.

Back­ground mater­i­al:

Recom­mend­a­tions:

  • Mean­ing­ful par­lia­ment­ary over­sight of intel­li­gence agen­cies, with full powers of invest­ig­a­tion, at both nation­al and European levels.
  • These same demo­crat­ic bod­ies to provide a legit­im­ate chan­nel for intel­li­gence whis­tleblowers to give their evid­ence of mal­feas­ance, with the clear and real­ist­ic expect­a­tion that a full inquiry will be con­duc­ted, reforms applied and crimes pun­ished.
  • Insti­tute a dis­cus­sion about the leg­al defin­i­tion of nation­al secur­ity, what the real threats are to the integ­rity of nation states and the EU, and estab­lish agen­cies to work with­in the law to defend just that. This will halt inter­na­tion­al intel­li­gence mis­sion creep.
  • EU-wide imple­ment­a­tion of the recom­mend­a­tions in the Ech­el­on Report (2001):
  1. to devel­op and build key infra­struc­ture across Europe that is immune from US gov­ern­ment­al and cor­por­at­ist sur­veil­lance; and
  2. Ger­many and the United King­dom are called upon to make the author­isa­tion of fur­ther com­mu­nic­a­tions inter­cep­tion oper­a­tions by US intel­li­gence ser­vices on their ter­rit­ory con­di­tion­al on their com­pli­ance with the ECHR (European Con­ven­tion on Human Rights).”
  • The duty of the European par­lia­ment is to the cit­izens of the EU.  As such it should act­ively pur­sue tech­no­logy policies to pro­tect the pri­vacy and basic rights of the cit­izens from the sur­veil­lance of the NSA and its vas­sals; and if it can­not, it should warn its cit­izens abut this act­ively and edu­cate them to take their own steps to pro­tect their pri­vacy (such as no longer using cer­tain Inter­net ser­vices or learn­ing to use pri­vacy enhan­cing tech­no­lo­gies). Con­cerns such as the trust Europeans have in ‘e-com­merce’ or ‘e-gov­ern­ment’ as men­tioned by the European Com­mis­sion should be sec­ond­ary to this con­cern at all times.
  • Without free media, where we can all read, write, listen and dis­cuss ideas freely and in pri­vacy, we are all liv­ing in an Orwellian dysto­pia, and we are all poten­tially at risk. These media must be based on tech­no­lo­gies that empower indi­vidu­al cit­izens, not cor­por­a­tions or for­eign gov­ern­ments. The Free Soft­ware Found­a­tion has been mak­ing these recom­mend­a­tions for over two dec­ades.
  • The cent­ral soci­et­al func­tion of pri­vacy is to cre­ate the space for cit­izens to res­ist the viol­a­tion of their rights by gov­ern­ments and cor­por­a­tions. Pri­vacy is the last line of defense his­tor­ic­ally against the most poten­tially dan­ger­ous organ­isa­tion that exists: the nation state. There­fore there is no ‘bal­ance between pri­vacy and secur­ity’ and this false dicho­tomy should not be part of any policy debate.

The End of Privacy and Freedom of Thought?

I saw this chilling report in my Twit­ter feed today (thanks @Asher_Wolf): Tel­stra is imple­ment­ing deep pack­et inspec­tion tech­no­logy to throttle peer to peer shar­ing over the inter­net.

Des­pite being a clas­si­cist not a geek by train­ing, this sounds like I know what I’m talk­ing about, right?  Well some­what to my own sur­prise, I do, after years of expos­ure to the “hackt­iv­ist” eth­os and a grow­ing aware­ness that geeks may our last line of defence against the cor­por­at­ists.  In fact, I recently did an inter­view on The Keiser Report about the “war on the inter­net”.

Offi­cially, Tel­stra is imple­ment­ing this cap­ab­il­ity to pro­tect those fra­gile busi­ness flowers (surely “broken busi­ness mod­els” — Ed) with­in the enter­tain­ment and copy­right indus­tries — you know, the com­pan­ies who pimp out cre­at­ive artists, pay most of them a pit­tance while keep­ing the bulk of the loot for them­selves, and then whine about how P2P file shar­ing and the cir­cu­la­tion and enjoy­ment of the artists’ work is theft?

But who, ser­i­ously, thinks that such tech­no­logy, once developed, will not be used and abused by all and sun­dry, down to and includ­ing our bur­geon­ing police state appar­at­us? If the secur­ity forces can use any tool, no mat­ter how sor­did, they will do so, as has been recently repor­ted with the UK under­cov­er cops assum­ing the iden­tit­ies of dead chil­dren in order to infilt­rate peace­ful protest groups.

Writer and act­iv­ist, Cory Doc­torow, summed this prob­lem up best in an excel­lent talk at the CCC hack­er­fest in Ber­lin in 2011:

The shred­ding of any notion of pri­vacy will also have a chilling effect not only on the pri­vacy of our com­mu­nic­a­tions, but will also res­ult in our begin­ning to self-cen­sor the inform­a­tion we ingest for fear of sur­veil­lance (Nazi book burn­ings are so 20th Cen­tury).  It will, inev­it­ably, also lead us to self-cen­sor what we say and what we write, which will slide us into an Orwellian dysto­pia faster than we could say “Aaron Swartz”.

As Columbi­an Pro­fess­or of Law, Eben Moglen, said so elo­quently last year at anoth­er event in Ber­lin — “free­dom of thought requires free media”:

Two of my favour­ite talks, still freely avail­able on the inter­net. Enjoy.

Mediafabric talk, Prague, October 2011

Last Octo­ber I had the pleas­ure of speak­ing at the excel­lent Medi­afab­ric con­fer­ence in Prague.  The focus of my talk was the future of intel­li­gence, whis­tleblow­ing and journ­al­ism.

The event was organ­ised by Source­fab­ric, an inter­na­tion­al organ­isa­tion that provides open source tools and solu­tions for journ­al­ists, so it was an eclect­ic and stim­u­lat­ing crowd of journ­al­ists, geeks, hack­tav­ists and design­ers.   So well done and thank you to the organ­isers.

Here’s the video:

Speaking at Mediafabric Conference, Prague, 21 October

SF_brandmark_small

Off tomor­row to speak at the Medi­afab­ric con­fer­ence in Prague. 

Should be a good one — all about the media, journ­al­ists, tech­no­lo­gists, design­ers, hack­ers,  and all points in between!

The con­fer­ence has been organ­ised by Source­fab­ric, and there will be live stream­ing here.

The Ghost of Daniel Ellsberg

Pentagon_papers This is an excel­lent art­icle from a European tech­no­logy strategist and futur­ist.  It suc­cinctly sums up all that is wrong with the old media’s cov­er­age of the Wikileaks story over the last year, where people obsess about the tech­no­logy, the web­site and the per­son­al life of Juli­an Assange.

As the art­icle says, we should be focus­ing on the core issues: illeg­al wars, war crimes, murder, tor­ture, cor­por­ate and polit­ic­al cor­rup­tion, and dip­lo­mat­ic dupli­city.

Let’s address the mes­sage, not attack the mes­sen­ger, and cer­tainly not the medi­um.

 

 

CCTV doesn’t prevent crime

So, the argu­ment about CCTV and our big broth­er soci­ety rumbles on. A seni­or police­man, Detect­ive Chief Inspect­or Mick Neville of the Visu­al Images, Iden­ti­fic­a­tions and Detec­tions Office (Viido) at New Scot­land Yard, has been quoted as say­ing that only 3 per cent of crimes have been solved by CCTV evid­ence. Des­pite the UK hav­ing the highest per cap­ita num­ber of CCTVs in the world, this brave new world has failed to make us safer.

A few oth­er police forces, and nat­ur­ally the secur­ity com­pan­ies flog­ging the kit, say that CCTV has at least dra­mat­ic­ally reduced oppor­tun­ist­ic crimes. Who should we believe?

What can­not be dis­puted is the fact that there are well over 4,000,000 CCTVs in this coun­try, and the organ­isa­tion, Pri­vacy Inter­na­tion­al, assesses that we are the most watched cit­izenry in Europe.

While some law-abid­ing cit­izens say they feel intim­id­ated by CCTV and how the inform­a­tion could poten­tially be mis­used, most people seem not to care. In fact, the major­ity appar­ently feel safer if they can see CCTV on the streets, even if this per­vas­ive sur­veil­lance has in no way dis­cour­aged crimes of viol­ence. So why this gap between per­cep­tion and real­ity?

One of my pet the­or­ies has always been to blame Big Broth­er. No, not the book. I have always been flum­moxed by the pop­ular­ity of the TV show and the pleth­ora of real­ity TV spin-offs. My instinct­ive reac­tion was that it was sim­il­ar to being “groomed” to accept round-the-clock intru­sion into our per­son­al lives. More than accept – desire it. The clear mes­sage is that such sur­veil­lance can lead to instant fame, wealth and access to the Z-list parties of Lon­don. And for that we are sleep-walk­ing into a real Orwellian night­mare.

Slightly flip­pant the­or­ies aside, it is inter­est­ing that one of the most cited examples of the need for CCTV was the Bish­opsgate bomb­ing in Lon­don in 1993. In this case a lorry bomb, filled with a tonne of home made explos­ive (HME) was det­on­ated in the heart of the city of Lon­don by the IRA. One per­son was killed, many were injured, and hun­dreds of mil­lions of pounds worth of dam­age was caused, not to men­tion the fact threat the IRA scored a huge pub­li­city coup.

But this had noth­ing to do with the lack or oth­er­wise of CCTV in the streets of the City. It was an intel­li­gence fail­ure, pure and simple.

This attack could and should have been pre­ven­ted. It occurred while I was work­ing in MI5, and it was widely known in the ser­vice at the time that the bomber should have been arres­ted six months before dur­ing a sur­veil­lance oper­a­tion. Des­pite the fact that he was seen check­ing out anoth­er lorry bomb in stor­age, he was allowed to walk free and escape to the Repub­lic of Ire­land due to pro­ced­ur­al cock-ups. Months later, he returned to the City and bombed Bish­opsgate.

By rely­ing increas­ingly on tech­no­lo­gies to pro­tect us, we are fol­low­ing in the foot­steps of the Amer­ic­ans. They have always had an over-reli­ance on gad­gets and giz­mos when seek­ing to invest­ig­ate crim­in­als and ter­ror­ists: satel­lite track­ing, phone taps, bugs. But this hoover­ing up of inform­a­tion is nev­er an adequate replace­ment for pre­cise invest­ig­at­ive work. Plus, any crim­in­al or ter­ror­ist worth their salt these days knows not to dis­cuss sens­it­ive plans elec­tron­ic­ally.

Scat­ter-gun approaches to gath­er­ing intel­li­gence, such as blanket sur­veil­lance, still at this stage require human beings to pro­cess and assess it for evid­en­tial use. That, accord­ing to DCI Neville, is part of the prob­lem. There is just too much com­ing in, not enough staff, insuf­fi­cient co-oper­a­tion between forces, and the job lacks per­ceived status with­in the police.

The oth­er prob­lem of an over-reli­ance on tech­no­logy is that it can always be hacked. The most recent hack­ing has broken the RFID chips that we all carry in our pass­ports, Oyster cards and the planned ID cards. New tech­no­lo­gies can­not guar­an­tee that our per­son­al data is secure, so rather than pro­tect­ing us, they make us more liable to crimes such as iden­tity theft.

So once again nation­al and loc­al gov­ern­ment bod­ies have rushed to buy up tech­no­logy, without fully think­ing through either its applic­a­tion or its use­ful­ness. And without fully assess­ing the implic­a­tions for a free soci­ety. Just because the tech­no­logy exists, it does not mean that it is fit for pur­pose, nor that it will make us safer.