Secret info WILL be abused

infosecBy Bernard Keane of Crikey

If the internet initially reduced the traditional advantages governments have had in controlling information, governments have dug deep to try to restore that advantage, given the value of information.

A significant advantage of the new information economy for governments, as for corporations, is that it can provide far more information about citizens than was ever available in analog form.Traditionally, Western societies have accepted a balance between security and civil rights. It was widely understood that security, whether national or economic or physical, could always be enhanced if citizens’ rights were eroded in favour of more state intrusion, but Western societies, to a greater or lesser degree, saw this as a poor trade-off in net terms.

However, the shift of a substantial part of most citizens’ lives online, and the excuse afforded by a confected “War on Terror”, has seen the abandonment of that consensus by government in favour of justifying ever greater state intrusion, fewer civil rights and mass surveillance that can deliver far more information about a citizen than before the 1990s.

But the compilation of personal information by the petabyte creates a problem for governments in that such a valuable resource proves impossible not to exploit. And when it is compiled in total secrecy, it is axiomatic that it will be exploited.

Assembling a vast horde of information on citizens, as US agencies have done, with minimal oversight due to the intense secrecy surrounding it, is the equivalent of building up a vast pile of cash without any oversight as to how agencies and individuals use it, indeed without the public or lawmakers knowing that resource even exists, making its use impossible to oversee.

Such a resource will be used, no matter what the circumstances. Governments are no more in the secret-keeping business than they are in the cash-hoarding business.

Spying on journalists, for example

That’s why, in the same way that executive governments inevitably seek to use funding for purposes beyond those for which it has been appropriated by Parliaments, the use of surveillance data and surveillance powers inevitably moves far beyond national security and terrorism. That’s even the case when the definition of terrorism is expanded constantly, as it has been in the US, where protests by pacifists and people complaining about water quality have been labelled “terrorism“. The Department of Homeland Security’s intelligence “fusion centres” have also targeted “Ron Paul supporters, Occupy protesters, the ACLU, activists on both sides of the abortion debate, war protesters, and advocates of gun rights”.

The Obama administration has already begun using secret surveillance powers to spy on journalists (the Polish government has used the EU’s data retention laws to do the same). The Bush administration also spied on media outlets using NSA surveillance. Even if governments can argue that hunting down whistleblowers and spying on journalists somehow relates to national security, there’s also economic espionage: as Edward Snowden revealed, British intelligence agencies spied on the internet traffic of delegates attending the 2009 G20 summit as the world struggled with the financial crisis.

Even without the temptation to spy on government critics and economic competitors, surveillance and intelligence information proves irresistible for organisations with access to it. The FBI illegally used secret surveillance powers over 1000 times, according to a Department of Justice audit – which found the same thing was still happening a year later.

In the UK, it was revealed last year that local councils were massive users of surveillance under British laws, with citizens’ phones tapped and their internet data collected to enforce laws such as rubbish dumping.

All that is before you get to individual abuse of surveillance data. This is a huge risk when, in the US alone, there are nearly 1300 government organisations dealing with intelligence, counter-terrorism and homeland security, over 1900 private firms and an estimated 850,000 people with a top-secret security clearance, before you get to police and prosecutors.

Monitoring intimate phone calls for titillation

NSA employees famously listened in to intimate phone calls between US service personnel and their partners purely for titillation. Police and prosecutors around the world use intelligence and surveillance data for personal purposes, including stalking women, planning murders and attacking political opponents (there’s a top 10 list of police abuse of confidential information here); Victorian police were found to have misused intelligence data hundreds of times, like their British counterparts.

These individual abuses of private information can be dismissed as “bad apples”, but they occur even in law enforcement agencies which are subject to some degree of public accountability. With no public accountability of any kind for mass surveillance, opportunities for systemic and individual abuses of data are significantly greater, and only likely to be revealed — as was the case about NSA officials listening in to couples’ intimate conversations — by whistleblowers who risk being prosecuted or pursued across the globe.

Some lessons flow from all this if governments insist on establishing full-fledged surveillance states:

  • Like financial and other resources within bureaucracies of any kind, access to and control of information is more likely to be abused both systemically and individually the more widespread access to it is, the more secret it is and the more valuable it is;
  • Like financial appropriations, governments will always seek to use information for purposes other than those authorised by legislatures, via mission creep and legal fictions;
  • Abuse of access to information is unlikely to reduce until governments treat it as the equivalent of fraud, requiring public accountability, criminal prosecution at individual level, dismissal of management who fail to stop it and a culture that regards unauthorised information access as criminal; and•
  • There are no existing frameworks that provide such cultural and regulatory imperatives; instead, information is treated as a special kind of asset, the misuse of which is more trivial than theft or fraud.

To insist otherwise is the equivalent of insisting there is no need for strict accountability and control procedures for accessing valuable resources like money within governments.

And until governments accept these lessons, mass surveillance will inevitably be used for political, criminal, trivial and personal advantage purposes.

This article appeared first on Crikey the online newsletter: http://www.crikey.com.au/?p=386989  It appears here by courtesy of Crikey and author Bernard Keane.

Print Friendly, PDF & Email

One Comment

Leave a Reply

We are glad you have chosen to leave a comment on this article. Please keep in mind that comments are moderated according to our terms of use policy.