Big Brother Is Watching
GROW TALK BY SOFY ROBERTSON
Grow Talk, the newest feature for Grow’s online platform, provides commentary on what’s happening both locally and globally and discusses its impact on the business world. Written by Sofy Robertson, our Online Content Assistant and the newest member of our editorial team, Grow Talk will be a regular feature exclusive to our website.
I skyped one of my closest friends last week and was slightly confused when our video chat connected and I was greeted with a grey screen. After a few seconds, the grey was peeled back; she had put tape over her computer’s webcam. I found it laughable at the time, but after the European Court of Human Right’s ruling that individuals’ rights to privacy had been breached through the UK’s mass interception programmes, I find myself reaching for the electrical tape.
At the end of last week, the ruling found that these programmes, which allowed untargeted surveillance of people’s emails and internet use, lacked oversight and safeguards were not robust enough. This ruling comes five years after computer analyst and whistle-blower Edward Snowden’s initial revelations of the bulk interception programmes, including Tempora, Upstream and Prism.
For those of you who aren’t up on your government code name programmes, (I counted myself in this category about an hour ago) here is a quick run-down. Tempora, which operates out of Cheltenham-based GCHQ, intercepts and stores a back-up of internet activity entering and leaving the UK through fibre optic cables for inspection. Upstream allows the Unites States’ NSA (National Security Agency) to carry out something very similar in the US. Finally, Prism permits the NSA to access communications that pass through American companies including Microsoft, Apple, Yahoo!, Google, Facebook, Skype and YouTube. That whole tape idea isn’t seeming nearly as silly now, is it.
Three separate case were brought to the European Court of Human Rights in November of last year following Snowden’s revelations and support from a number of human rights organisations. The case was closely linked with the installation of the Investigatory Powers Act (IP Act) that was passed at the end of 2016 and has since been widely criticised by security and privacy experts for the range of powers it allows police and security services. The IP Act allows for communication companies to store internet connection records for twelve months. This data includes details of every website every person in the UK has visited. At this point, you may be having palpitations as you try to mentally recall a year’s worth of internetting. Don’t worry, you aren’t alone, and yes, it does get worse.
The IP Act also has the power to force technology firms to act as it wants over end-to-end encryption. I dimly recall my husband’s best friend urging us all to communicate over WhatsApp due to its encryption level and therefore its ability to keep private conversations private. He was, of course, doing nothing untoward, that is to say he was doing nothing illegal… and I have to be honest that I did not give the conversation further thought. However, former Conservative Home Secretary Amber Rudd was quoted by the Guardian calling on organisations like WhatsApp to make sure they
“don’t provide a secret place for terrorists to communicate with each other.”
Even though the existing legislation allows the government to force such cooperation from companies like WhatsApp, Rudd hinted at new legislation if the company did not cooperate. That the government has not yet chosen to use its current power to force companies to decrypt private messages is telling of the feared backlash that this breach could cause. Nic Scott, MD at enterprise data security specialists Code42 observed in ComputerWorld UK that there are no “half measures” when it comes to encryption. He says:
“You either have encryption in place or you don’t. Once you create a backdoor for law enforcement purposes, you are also opening the door to other, potentially malicious, parties.”
There is no denying that there are real reasons behind the government’s push for more stringent surveillance. The Manchester bombings which killed 22 people strengthened the push to monitor communications and there is a definite comfort to be had that we, as a country, will not be intimidated by acts of terror and are heightening our defences against such acts.
However, this latest revelation of untargeted surveillance, of every citizen being deemed a suspect until proven otherwise, is downright Orwellian. The suggestion that it is okay for our privacy to be breached because the content will be ‘forgotten’ as long as it has no overbearing threat to the country’s security is shocking. More shocking, however, is how little we know about the extent to which we are being watched. Before writing this article, I had heard mentions of online monitoring but had never thought much more about it. Now having sat at my computer and researched the various agency involvements which span back several years, I feel increasingly like Fox Mulder and worry that at any moment my computer will be remotely shut down for wanting to tell the truth. Perhaps a slight overreaction, but with every keystroke in a search engine, I question at what level of ‘watch list’ I must be on.
I am aware that this is all sounding rather dystopian and at this very moment I may be in fear of losing any online audience I have. Fear not, there is light at the end of the tunnel. The very fact that I am writing this article shows that, although I would argue it is not widely publicised, our security and right to privacy is being questioned. This latest court ruling is a huge step to holding security agencies to account and arguing that, although we are in an ever-growing technology vacuum which presents as many threats as it does positives, our rights are still being fought for. Another example of this is the successful legal challenge against the Investigatory Powers Act, brought about by Labour MP Tom Watson who was represented by the civil liberties charity Liberty in January 2018. Martha Spurrier, director of Liberty, said to Computerworld UK :
“Spying on everyone’s internet histories and email, text and phone records with no suspicion of serious criminal activity and no basic protections for our rights undermines everything that’s central to our democracy and freedom.”
As a result, the government has until 1st November 2018 to amend the legislation.
From someone who, up until a few hours ago, had very little knowledge of my security and privacy online, I hope that this latest movement in the courts will publicise the security agencies’ current powers and increase the accountability by government bodies to consider the privacy and security of its citizens. Previously, I thought my greatest risk online was a computer virus or perhaps a hacker accessing my passwords, personal accounts and online finances. It is clear that this should still be a concern, particularly due to Nic Scott’s words of warning about encryption, but equally we should be aware of and fight for our right to privacy and expect protection from our government rather than blanket suspicion.