Euro Security Watch with Mathew J. Schwartz

Mass Surveillance: An Odd Justification

British PM Cited Cop Shows to Justify 'Snooper's Charter'
Mass Surveillance: An Odd Justification
British Prime Minister David Cameron

British Prime Minister David Cameron has pledged to "modernize" U.K. surveillance laws - including requiring the mandatory retention of data pertaining to Internet and mobile device usage - if his Tory party wins the general election this May.

See Also: Cybersecurity workforce development: A Public/Private Partnership that enhances cybersecurity while giving hands-on SOC experience to students

Giving evidence last year to a Parliamentary committee that has been weighing changes to the country's communications laws, Cameron admitted that the Tory party's proposals - which continue to be criticized by civil and privacy rights groups as being a "Snooper's Charter" - are "politically contentious."

But such changes are needed for capturing the modern communications data that Britain's security services require, Cameron told the Joint Committee on the National Security Strategy. "In most of the serious crimes, such as child abductions, communications data - about who called who and when and where the telephone was at the time, not the content of the call - are absolutely vital," he added. "There's hardly a [TV] crime drama where the crime isn't solved without using the data from a mobile communications device."

But when it comes to how fictional television shows use technology to help solve crimes - as displayed on British shows, such as "Broadchurch," as well as U.S. crime dramas "NCIS" and "CSI," which enjoy immense popularity in Britain - what happens on screen often bears little, if any, connection with reality.

Furthermore, bulk data retention could have a profound impact on individuals' right to privacy, upon which police TV show plots also regularly trample in the name of saving the day.

Seeking Mass Surveillance

The Tories' draft Communications Data Bill would require metadata from every mobile phone call, Skype and VoIP communications, instant messages and Facebook interactions to be retained by service providers for up to a year and furnished to the authorities upon request. That's in spite of the EU Court of Human Rights having ruled that mass surveillance - as opposed to targeted surveillance - violates individuals' right to privacy.

The original draft Communications Data Bill was blocked by the Liberal Democrat party in 2013. But in the wake of the January 2015 Paris massacre, Cameron promised to reintroduce the bill, and on Jan. 22, four members of the House of Lords tacked a related amendment onto the Counter-Terrorism and Security Bill that has been moving through Parliament. That met with fierce resistance, and the Lords withdrew their amendment, only to reintroduce it yet again on January 31. But on Feb. 2, that was also withdrawn, with backer Lord Carlile of Berriew blaming that move on the government having declined to provide Parliament with a copy of the proposal, even after it had requested it.

If revamping the country's surveillance laws is so important, it begs the question of why the Prime Minister is "bigging up" a bill before the election, without having the text of what he would actually propose. Also, why has Cameron found it necessary to use fictional television plots to justify the "contentious" surveillance regime he's been proposing since 2013?

Evidence: Missing

A cynic might question whether that's because there's scant hard evidence that retaining metadata helps stop crimes or prevent terrorism. Canadian surveillance scholar Adam Molnar, for example, notes that Western intelligence agencies are already "drowning in data," and that relevant information on suspects was captured prior to such events as the Boston Marathon bombing in 2013 and last month's Paris attacks, "but it made very little difference."

Government demands to expand - a.k.a. "modernize" - surveillance laws also bely the immense capabilities already enjoyed by today's security state. "The intelligence agencies are living in a golden age of surveillance," Phil Zimmerman, who created the e-mail encryption software Pretty Good Privacy and is now president of secure communications company Silent Circle, tells the Guardian. "They can track movements, transactions, who's having lunch with who, who's sleeping with who. They can see everything!"

'Big Data' Assumptions

Cameron's proposal also belies growing evidence that taking a "big data" approach to surveillance - intercepting and keeping every last piece of metadata possible, in case you need it later - may make law enforcement and intelligence agencies less effective. That's because instead of helping to pinpoint the needle in the haystack, big data experts say it makes the needle harder to find. In the words of former U.S. National Security Agency official - turned critic - Thomas Drake: "If you target everything, there's no target."

Setting aside the potential for privacy rights to be sacrificed in the name of false security, the theory of saving metdata - just in case, one day, it might save the day - sounds compelling. And Britain is not the only country pursuing this approach. In the United States, the 2001 Patriot Act - which allows intelligence agencies to intercept some phone and online communications - was used by the White House to secretly justify the bulk interception and retention of metadata, as former NSA contractor Edward Snowden's leaks have revealed.

But where is the evidence that such an approach works? "The intelligence community has never made a compelling case that bulk collection stops terrorism," says Rep. James Sensenbrenner, R-Wis., who authored the U.S. Patriot Act.

Is that why the U.K. prime minister has been left citing fiction?

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.