Practical Applications For Massive Surveillance Databases: Timely Birthday Cards, Travel Diaries
from the the-ultimate-vanity-search-engine dept
If you want to get a feel for the gobsmacking amount of information being collected by UK surveillance agencies (MI5, M16, GCHQ), all you have to do is see how it’s being misused. Privacy International, which has been steadily suing the UK government over domestic surveillance, has received another set of documents that show the banality of dragnet surveillance evil. The banality is not so much the dragnet itself (although that’s not to say it isn’t its own form of evil) as it is the uses it’s put to.
Ryan Gallagher, writing for The Intercept, points out that spies are using surveillance collections as backup Day-Timers — apparently with enough frequency they’ve had to be warned to knock it off.
The documents include internal guidance codes for spies who have access to the surveillance systems. One memo, dated June 2014, warns employees of MI6, the U.K.’s equivalent of the CIA, against performing a “self-search” for data on themselves, offering a bizarre example that serves to illustrate the scope of what some of the repositories contain.
“An example of an inappropriate ‘self search’ would be to use the database to remind yourself where you have traveled so you can update your records,” the memo says. “This is not a proportionate use of the system, as you could find this information by another means (i.e. check the stamps in your passport or keep a running record of your travel) that would avoid collateral intrusion into other people’s data.”
The information collected includes data that could reveal political preferences, sexual orientation, religious beliefs, memberships in associations or groups, mental/physical health along with biometric data and financial documents. With a little digging, the massive database could be used to uncover journalists’ sources and privileged communications.
The wealth of information at the fingertips of British spies helps explain why they never seem to forget important dates.
“We’ve seen a few instances recently of individual users crossing the line with their database use, looking up addresses in order to send birthday cards, checking passport details to organise personal travel, checking details of family members for personal reasons…”
The world’s greatest search engine isn’t Google. It’s GCHQ. Of course, the documents also point to various levels of oversight, none of which appear to have much of a deterrent effect. A monitoring system of some sort appears to be in place and it’s likely what flagged agents’ self-searches. But it’s unlikely to catch other inappropriate searches involving someone other than the person performing the search. These, too, are forbidden, but it’s likely these violations were part of a pattern of sustained abuse, rather than one-off searches — which would likely have slipped under the radar as being just another intelligence-related search.
What’s worse is access to these vast data stores apparently went oversight-free for several years, and it’s not entirely clear from what’s been released that comprehensive oversight is even in place at this point in time.
One 2010 policy paper from MI6 states there is “no external oversight” of it or its partners’ “bulk data operations,” though the paper adds that this was subject to review.
This may not seem completely terrible — after all, six years government time is like 30 days real time — until you realize the GCHQ has data sets dating back nearly 20 years (harvesting began in 1998) and MI5’s bulk collection is more than a decade old at this point. And it continues onward, getting more massive by the moment. The GCHQ wants to collect 50 billion records every day, utilizing people’s web browsing, phone calls, and email. While the agencies insist this is all for fighting terrorism and international crime, the cold reality is that it’s just as useful for reconciling travel expenses and making sure Mom always gets her birthday card on time.