The BBC was busy again last week promoting the line of the UK security services that they need even more extensive powers to be able to read and track all our email messages and online interactions. This might just be a double bluff given that the Snowden revelations show that GCHQ is hoovering up huge amounts of data illegally. However, it is more worrying if the spooks actually believe that this is something they should prioritise.
Security correspondents routinely inform us that we can never know how many potential attacks the security services have prevented, which is true. However, a quick scan of the attacks which did happen show that the main failures have been in real world targeted surveillance and follow-up, rather than because of any gaps in trawling meta-data.
The Charlie-Hebdo attackers were known to the French Security Services and to the CIA, but physical surveillance had been dropped. The previous Charlie Hebdo offices had been attacked and the editor, Stéphane Charbonnier, was under armed police protection. Sadly the two gunmen seemingly blundered through whatever physical security had been implemented at the new offices (they reportedly called first at a neighbouring office), forcing a staff member to enter a key-code at gun-point. They apparently shot and killed the police bodyguard, Franck Brinsolaro, before he was able to draw his weapon. The forthcoming inquiries will hopefully shed more light on the details of what happened exactly, but it is clear that this was a catastrophic failure of physical security at what was known to be one of the top targets of violent extremists in France.
Human rights defenders want more effective action by the security forces to prevent attacks on civilians not less. Our concern is not that the security forces are doing too much, our concern is that they are not doing enough targeted surveillance (within a legal framework), but have instead been seduced by the idea that a clever computer hack is going to solve all their problems for them.
The US National Security Agency intercepted UN Secretary General Ban Ki Moon’s talking points before a 2013 meeting with President Obama and reported this as an “operational highlight” in a weekly internal brag sheet. It is not the stupidity of bugging Ban Ki Moon which is worrying, but that they thought it was something to boast about. It seems that the spy agencies of several Western Governments are so excited about what they can do that they have lost sight of what they should do.
In countries around the world people are much more likely to come forward with information on individuals or groups who may be intent on violence if they have trust in the police or security services. It seems that in the UK and US they are determined to undermine that trust. Mass surveillance, torture and rendition are not strategies which encourage public confidence.
It is poor computer security which has facilitated the world of spam, hacking and bot-nets which allow criminals to use networks of compromised machines to do as they please with near impunity. More digital security would almost certainly be good for the security of all of us.
And autocratic Governments such as Russia, China and Saudi Arabia love the investment in and legitimation of mass surveillance technology. It helps them to identify and lock up human rights defenders and anyone who might question their rule.
Osama bin Laden spent his last years in a compound with no computer and no phone. Every potential terrorist who watches Homeland or the latest horror video on drone strikes, is aware of the perils of using a mobile phone. Mass electronic surveillance, though lucrative for some, is a dangerous because it diverts resources from the hard slog of identifying, tracking and gathering the evidence to prosecute individuals, because it undermines confidence in the security services and because it provides moral and technological support for repression by autocrats around the world.