World War Privacy (Part II: Five Eyes – United Kingdom)

World War Privacy (Part II: Five Eyes – United Kingdom)

Header image by Thomas Tolkien, Creative Commons

As part of an ongoing series on the state of citizen privacy and the erosion of civil liberties, World War Privacy will be exploring current issues in different countries around the world. The purpose behind this series is to give some strands for further research and enquiry as well as directing you towards organisations that are helping stand up against an almost insurmountable challenge. We can’t overcome this if we all stay silent and still – the time to act is now and the ability to do so is readily available to us all.

Five Eyes – United Kingdom

In the first part of this series we discussed the Five Eyes project and had a brief look at the current state of play within the United States.  With the monumental funding and carte blanche activity that the US intelligence agencies are renowned for, it’s easy to forget that there’s another country in the world’s primary surveillance alliance that has pushed the boundaries even further in many ways. The United Kingdom has long been at the forefront of domestic surveillance in the West beginning with, under the guise of criminal justice, an extensive CCTV network that was quickly normalised. With the advent of digital technology, the UK continues to be one of the main nation states seeking to reconcile a sense of democratic freedom and individual agency with near total surveillance and access to every aspect of citizen’s lives and communications.

The history of surveillance in the United Kingdom is a detailed one that grows out of the well-renowned code-breaking efforts during WWII.  In recent years, this has culminated in the Investigatory Powers Act 2016 (known more widely as the ‘Snooper’s Charter’).  After many years of protest and political hurdles, the Conservative government was able to push through reforms that broadly legalised government surveillance in what has been called by one privacy advocacy group as “one of the most extreme surveillance laws ever passed in a democracy”.  Not everything within the Act has been fully implemented at this stage, but it includes so-called ‘reforms’ like the following:

  • Forces Internet Service Providers to maintain detailed records of individual users online activity, with internet search histories available to law enforcement without a warrant.
  • Allows intelligence agencies such as GCHQ and MI5 to hack, control and alter networks, computer systems and digital devices as routine practice, even in instances of bulk hacking around certain locations or events.
  • Attempts to undermine ‘electronic protection’ measures (such as encryption) by forcing companies to comply with requests for access; necessarily requiring them to offer less secure services and software.
  • Allows the collection and use of ‘bulk personal datasets’ (both private and publicly available) for incredibly detailed and intrusive data analysis.

This new legislation has deservedly come under a great deal of criticism, from across the political spectrum and including criticism in no uncertain terms from the UN’s Privacy Chief who said it was contrary to the positive moves towards citizen right to privacy seen in the EU.

One Nation Under CCTV (Image by Carolina Alves, CC)This legislation alone places the United Kingdom as one of the most draconian Western countries when it comes to surveillance of its own citizens, setting a poor example for other democratic states.  Unfortunately, this has also been backed up by clear and consistent ignorance from senior politicians – including the Home Secretary, Amber Rudd, who recently described the end-to-end encryption of WhatsApp as ‘completely unacceptable’.  Thankfully, her rally call against encryption (with others coming from Prime Minister, Theresa May) was widely ridiculed even by former intelligence chiefs.

The approach being taken here is particularly worrying when combined with the slippery slope of social profiling, where the definition of ‘terrorist’ begins to shift towards political dissidents of all kinds.  This occurred back in 2011 during the Occupy protests, which were labelled in a memo from the Metropolitan Police in the City of London as ‘domestic terrorists’ – we can presume that highly intrusive surveillance was used on anybody involved in those protests at the time.

It has also been seen in the use of Schedule 7 of the Terrorism Act to compel individuals to hand over passwords and access to digital devices ‘upon police request’. More recently, it has been publicly stated that use of the Dark Web (which is a dog-whistle for ‘anonymous internet use’) is being viewed as a potential sign of terrorism. The most prominent use of the Dark Web is currently for cybercrime and the purchase of recreational drugs – an example of how the terrorism net is ever-widening.

When it comes to this kind of legislative approach, the Independent Reviewer of Terrorism Legislation in the UK concluded that ‘anti-terror laws’ should be scrapped as existing laws against criminal activity are adequate to combat the threats at hand without the widespread erosion of civil liberties. It seems highly unlikely that this expert advice will be heeded, so we should consider carefully just why that is the case.

This slippery slope doesn’t just extend to individuals (see another example in the facial recognition technology was utilised at the Notting Hill Carnival), but also to ideas in the form of online censorship.  With calls for automated censorship gaining traction, alongside the draconian response to online pornography and other measures snuck into the Digital Economy Act, we should be deeply concerned about the suppression of the internet as a neutral space allowing the free expression of ideas and the widest possible debate.

Outside of the government erosion of civil liberties outlined above, there have also been other key battles taking place – with one of particular note being the collection, storage and usage of bulk data sets related to the National Health Service (NHS) and the personal medical records of UK citizens. A recent collaboration between the NHS and Google’s DeepMind that involved the patient records of 1.6 million people came under fire for clearly breaching data protection laws.  This followed earlier criticism when the NHS had disregarded the requests of tens of thousands of individuals to ‘opt out’ of a new system for the sharing of medical records.

There are also some vitally important concerns being raised over the manipulation of public opinion through the use of Big Data, with key examples such as Cambridge Analytica having a huge (and subversive) impact on the democratic process.  Whilst these kinds of companies present themselves as new-wave pollsters for the digital age, it’s worth considering whether they are more akin to military grade psy-ops used by private individuals/companies against civilian populations.

There is some hope, particularly when it comes to corporate use of personal data. Proposed improvements to the Data Protection Act, which has long been a great benefit to citizens in the UK, are set to criminalise the re-identification of anonymised data (something that is surprisingly easy to do with just a few data sets). Alongside this, a legal challenge to the overreaching Investigatory Powers Act (spearheaded by Liberty) is working its way through the High Court and will provide a focal point for resistance to mass surveillance in the UK throughout 2018.

Conclusion

There is an alarming trend in the United Kingdom towards undermining our individual and collective right to privacy. Rhetoric coming from government officials is not just concerning because of its authoritarian attitude, but also because it is so often based upon a misunderstanding of the fundamental principles that make the digital age work in the first place.

Unfortunately, this doesn’t look like it’s going to improve in the near term – as the move away from the European Union (which, for all its own flaws in these areas, does seem to be moving in the right direction broadly speaking) opens up a legal and regulatory wildlands that will almost certainly be used to legalise as much government surveillance and corporate sector utilisation of personal data as can possibly be mustered.

There is a lot of work to be done by concerned citizens to stand up to such injustice.  Key organisations such as Liberty, Privacy International, the Open Rights Group and the Don’t Spy on Us campaign all deserve your attention and support.

Privacy is not just for the individual, but for all those that each of us are connected to – it impacts whole groups and networks simultaneously. Demanding a private life free from the impact of social profiling, emotional manipulation and the narrowing of acceptable debate is not something that should cause suspicion – it should be the norm. We must collectively view privacy as a basic human right to ensure the freedom, creativity and dignity for all of us to flourish in our lives and the world we share.

Next up: we look at Australia, New Zealand and Canada…