cyberspace and the riots

A variety of media, politicians and commentators have rushed to blame social media such as Twitter and Facebook for helping fuel the recent riots in London and elsewhere, with calls to “switch them off” when they appear to be assisting with the planning of violence, disorder and criminality.

Yet such a response runs the risk of leaving the police and other intelligence agencies running blind. After all, what better policing tool could there be than one that tells you who is planning what and where they intend to go and what they intend to do? The Onion‘s spoof claim that the CIA run’s Facebook remains a telling insight into the rich intelligence information that social media can provide. If the right intelligence systems had been in place during the development of the riots, the police would have been able to map in real time who was planning to move where, when, and what activities they were proposing to engage in.

However, the long-established assumption that we are innocent until proven guilty is potentially undermined by such invasive uses of technology. So where should the lines be drawn between maintaining our freedoms in cyberspace, and providing the police and other agencies with the access they need to identify and prosecute criminal behaviour?

I’m not sure we’re going to have a rational answer to such a question until the realities of what modern technology now makes possible are much better and more widely understood. We need an informed public debate about modern technologies and the role they can play in either protecting, or eroding, our traditional freedoms.

Even the well-intentioned act of gathering citizens’ personal information into ever larger state-run IT systems in order to deliver better public services can result in technology delivering the very opposite outcome. Thereby undermining the UK’s historic civil liberties and ultimately placing both citizens and the state at greater risk. In the recent News of the World “phone hacking” case, for example, it is alleged that corrupt police provided information from their internal computer systems to help facilitate the acts of unlawful access to people’s voicemails. Systems put in for one reason – to protect the public – have ended up being used for the very opposite purpose.

However, instead of smartly targeting resources, the UK has historically attempted to subject the entire population to the routine interception and surveillance of their electronic communications. Even now there are siren voices, such as a former Home Secretary, saying that national identity cards would have helped police with the recent riots. It is hard to see how pieces of plastic in our pocket telling us who we are could have made any difference.

We need to adopt a much more intelligent approach, to move away from the naive and misguided attempt to place the entire UK population inside a digital panopticon towards the smart use of targeted intelligence systems. We need to replace the failed ideology of mass surveillance, from widespread use of CCTV to the routine interception of our electronic communications and misguided initiatives such as identity cards. These initiatives have squandered precious resources that should have been used to build twenty-first century intelligence systems, operating under Parliamentary and judicial oversight, that align to and strengthen our historic civil liberties.

The more that governments seek to routinely intercept and monitor digital communications, and acquire more and more information about their citizens, the more those they are actually interested in – terrorists, for example – are likely to find effective means of counteracting or entirely bypassing such mass surveillance regimes.

The disruption of the Revolutionary Armed Forces of Colombia, or FARC, guerrilla group, illustrates how such groups find ways of bypassing interception and surveillance regimes. In the case of FARC, it was discovered that they had curtailed their use of mobile phones and other electronic forms of communication – on the basis they were likely to be intercepted – and instead relied on the use of couriers moving USB memory sticks from one camp to another. Another example is provided by the recent Russian spy ring case which involved the use of ad-hoc wireless networks between agents and their handlers.

The irony is that in such circumstances government surveillance regimes end up squandering limited resources pointlessly monitoring the innocent mass of the population, whilst those in whom law enforcement and intelligence agencies actually have an interest will find increasingly effective ways of communicating in ways that are far less prone to routine interception. Carefully targeted surveillance and interception, alongside better investment in human intelligence, remains a more effective tool of investigation than mass digital surveillance.

The recently established Commission on the Bill of Rights will presumably have a key role in exploring how our traditional civil liberties and human rights, enjoyed in the UK since at least Magna Carta, are being treated in the digital domain. The real test will be whether we see an outcome that provides us with the equivalent of a Bill of (Digital) Rights, including the presumption of innocence in cyberspace, as in the “real” world, until proven guilty.

Now seems to me the perfect opportunity to achieve the best of all worlds: the extension of the protection of our traditional civil liberties and freedoms into cyberspace; and an improved capability within the police and intelligence services to use targeted techniques and technologies to detect and effectively prosecute criminality.

These are not mutually incompatible outcomes. Indeed, I think one without the other is unsustainable: treating us all as if in cyberspace we are guilty until proven innocent merely sets the mainstream of public opinion against government. Sir David Omand (the first holder of the post of UK Security and Intelligence Coordinator) was always careful to acknowledge the key role the public needs to play:

“The primary duty of government is still public protection, but in a world of multiple threats and risks the public have to be trusted to be players.”

He further clarified that the state should adopt an approach that involved “… using only the minimum intrusion necessary into the private affairs of others.” There is a clear need for the UK not to rush to short-sighted solutions, such as “switching off social media”, but to introduce a much more effective governance model for technology policy that ensures it aligns with both public policy and the rule of law. Trying to rush legislation into place that yet again fails to adequately understood technology will continue to hinder rather than help, and further weaken our national security rather than offering us better protection.

The simple truth is that it is possible to both defend our freedoms and have more effective policing and intelligence systems. The UK’s national technology policy urgently needs to align our civil liberties and the law, and to better focus limited resources where they can have most impact.

The real question now is whether politicians of all parties will rise to the challenge, and help turn the destructiveness of the riots into a positive force for change.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.