UK Government Admits Spying On Innocent Citizens, Reveals Flawed Assumption Underlying 'Collect It All' Surveillance
from the illegal,-unnecessary,-inefficient-and-counterproductive dept
Back in May, Techdirt reported on a bold attempt by a group of privacy rights groups to take legal action against the UK government in the wake of Edward Snowden's revelations about GCHQ's massive surveillance of the Internet. The move has already produced an important admission from the authorities, reported here by The Telegraph:
Britain's spy agencies do gather the communications of innocent people in order to target genuine suspects, Government lawyers have admitted but insisted it was lawful and appropriate.
Surprisingly, the UK government's lawyers also claimed that it was "common ground" that such an approach was necessary:
In a written submission to the tribunal, James Eadie QC, for the Government, said it was "common ground" that the only way to intercept communications of a suspect was to "intercept a substantially greater volume of communications and then apply a selection stage to identify the communications in question".
This statement is extremely important, because it lays bare the fallacy at the heart of the "collect it all" approach of surveillance practised by GCHQ and the NSA. It conveniently ignores the fact that until recently this was not how the intelligences services worked, for the simple reason that it was impossible to gather communications on such a vast scale (for example, opening all letters, or tapping all phones), or to search through them. Instead, painstaking work applying traditional spycraft techniques -- HUMINT (human intelligence), SIGINT (signals intelligence), OSINT (open source intelligence) and GEOINT (geospatial intelligence) -- was used to narrow down interest to a small and manageable group of suspects, before then proceeding to intensive surveillance of just that group.
"In other words, it is common ground that the only practical way to find and reconstruct most external communication 'needles' is to look through the communications' 'haystack' ".
But he added: "Unless the claimants wish to submit that the intelligence services should not be able to obtain the external communications that are needed for the purposes of national security, they must accept some form of interception regime that permits substantially more communications to be intercepted that are actually being sought."
Today, as admitted by the UK government in its submission, it has reversed this approach. It gathers huge quantities of data about large numbers of people, mostly irrelevant and quite innocent, and then tries to find persons of interest -- the "needles" as the usual metaphor puts it -- amongst that "haystack". This is largely a matter of convenience and technical capabilities: it is now relatively easy to "collect it all", and then sift through it, and so has become the norm.
But there is no reason why it has to be done this way, or indeed why it should, given the collateral damage to privacy it entails. Moreover, the constant complaint that intelligence services are "losing capabilities" because the volume of communications traffic continues to grow, is purely because those services try to gather so much indiscriminately. If they applied the older method of narrowing down the field before gathering communications data, they would not be swamped, and would not be "losing capabilities."
This latest admission by the UK authorities, and the attempt to claim its view as "common ground", when it is anything but, exposes the underlying weakness of its intelligence-gathering approach. Privacy rights groups can now focus on dismantling this lazy assumption and on showing why mass surveillance of so many innocent citizens is not just illegal and unnecessary but also highly inefficient and counterproductive.