The tragic news from Paris shook the world, and has led to an urgent reconsideration of how we can safeguard our citizens’ security. Less than two weeks after the announcement of Theresa May’s Investigatory Powers Bill, the horrific events of Paris still cannot be used as a means to justify it.
“Computers are central to our everyday lives. Big data is reshaping the way we live and work. The internet has brought us tremendous opportunities to prosper and interact with others. But a digital society also presents us with challenges. The same benefits enjoyed by us all are being exploited by serious and organised criminals, online fraudsters, and terrorists. The threat is clear. In the past 12 months alone, six significant terrorist plots have been disrupted here in the UK, as well as a number of further plots overseas. The frequency and cost of cyber-attacks is increasing, with 90% of large organisations suffering an information security breach last year.” Theresa May
The Bill was justified by the Rt Hon Theresa May MP as necessary to ensure that “law enforcement and the security and intelligence agencies have the powers they need to keep us safe”. But does this Bill really succeed in keeping us safe, and if so, at what cost?
Here are the key points that the bill lays out:
- web and phone companies to store records of websites visited by every citizen for 12 months.
- makes explicit in law for the first time security services’ powers for the bulk collection of large volumes of personal communications data.
- security services and police to be legally able to hack into and bug computers and phones, with new legal obligation on companies to assist.
- Internet and phone companies to be required to maintain “permanent capabilities” to intercept and collect the personal data passing over their networks.
This does not simply give the intelligence agencies the power to monitor their citizens, but can also be used to justify the criminalisation of services such as Whatsapp and Snapchat, and to justify companies being forced to hand over all data to the intelligence agencies. But is this really an issue?
Does it matter? The argument being, if we have nothing to hide, we have nothing to fear.
However as Heather Brooke of The Guardian argued, “This snooper’s charter makes George Orwell look lacking in vision.” The bill is a fundamental attack on our rights. We do not have to justify our rights, including that of privacy. Indeed, contrary to our judicial system, essentially we are no longer innocent until proven guilty, we are now all treated as suspects, guilty until proven otherwise, within the “ultimate panopticon”.
Moreover this article would aver that the impacts of ubiquitous surveillance are far further reaching. Apple’s Tim Cook, concerned about the resultant loss of trust in businesses, declared that the company “believe very strongly in end-to-end encryption and no back doors … [and] don’t think people want [Apple] to read their messages. We don’t feel we have the right to read their emails.” As well as damaging the relationship between firms and society, surveillance promotes distrust between the public and the state, while breeding conformity to social norms, and forcing us to ‘self-govern’.
This can be directly damaging to society, causing innovation to falter as people become less willing to take risks. Moreover surveillance impairs mental health and performance, leading to heightened levels of stress, fatigue and anxiety, and removing anonymity and confidentiality in the online world.
Besides the expense of running mass surveillance programs, the fact that these programs can so easily be abused, and the unquantifiable costs of destroying trust in various tech businesses (especially from foreign users and customers), the bill is fundamentally flawed. The meretricious expansion of the law to give greater powers to monitoring our internet data is misguided. Through services such as Virtual Proxy Networks (VPNs) or Tor, any individual can bypass the law, by masking their connection to the Internet Service Provider (ISP). Indeed through such services we as citizens may take back our right to privacy. Pushing more and more traffic to the ‘Dark Web’, will only make it harder to identify those who are using these services in nefarious ways.
In a statement from Downing Street, the Prime Minister expressed solidarity with France and warned that “however much we prepare, we in the UK face the same threat”. Despite extra security, the possibility of an attack remains highly likely. Consequently the answer is not to treat everyone as suspects, but to continue functioning as normal.
By proposing this bill the intelligence community is in fact weakening our national security by installing backdoors that malicious users can and will find and exploit. The more we subject innocent people to eavesdropping on the Internet and other communications technologies, the less secure we are from eavesdropping by others. Our choice isn’t between a digital world where GCHQ can or can’t eavesdrop, but between a digital world that is vulnerable to all attackers, and one that is (more) secure for its users.
Surveillance advocates would posit that their goal is security. Yet the “solution” offered by this Bill hasn’t made us any more secure… it has made us less secure.
No doubt in a world of unprecedented data and information online, and in the wake of recent events, we must reconsider how we consider our national security. However this Bill has been created without truly understanding technology or the internet. It does no more than legitimise mass surveillance. In the words of Snowden, “It is the most intrusive and least accountable surveillance regime in the West.”
The Conservative government is seeking to enforce these new measures, whilst simultaneously looking to reduce the scope of the Freedom of Information Act. Unfortunately the act as it is already doesn’t cover individual MPs. Thus data transparency will only be one-way. Privacy remains reserved for the very people who are obliged to be accountable to the public. But now that Snowden’s claims have now been publicly verified, simply through being aware that we’re being monitored, we can start to resist, and take back our privacy.
(Disclaimer – This article was written independent of the University of Bristol, and in no way reflects the views of this, or any other institution).
This article was originally posted on the author’s personal website.
Get in touch with the author.