Following the Conservative victory earlier this month, UK home secretary Theresa May has redrafted the 2012 Data Communications Bill, also known as the Snoopers’ charter, in a move that may do little to counter terrorism while undermining the personal freedoms of British citizens. If the bill is passed, it would require internet service providers and mobile phone companies to keep records on each user’s online behavior, including social media activity, email correspondence, internet gaming, voice calls, and mobile messaging services, and could lead to personal data being sold off to private companies.
In 2010, May discontinued the then controversial ID cards in a move that she felt would “reduce the control of the state over decent, law-abiding people”. Soon after, however, May proposed the Snoopers’ charter under the coalition government in 2012 to extend the powers of law enforcement agencies in what was then and continues to be a burgeoning communications sector. Following a public outcry and internal dissent from Liberal Democrats in parliament, the bill was scrapped on the basis that it intruded too aggressively into the private lives of citizens.
Following several high-profile terrorist attacks in the US and Europe, including the Boston Marathon bombings in 2013, the stabbing of the British soldier Lee Rigby in the same year, the Charlie Hebdo attacks in Paris earlier this year, and the Curtis Culwell Centre attack in the US earlier this month, the British government has come under increasing pressure to extend its surveillance powers. What’s more, the French parliament legalized a sweeping surveillance bill of its own earlier this month and the UK parliament may follow suit, particularly since it no longer faces internal objection from the Liberal Democrats.
That said, the bill faces a lot of external criticism, with many suggesting that the Snoopers’ charter will do little to deflect terrorist attacks. Critics argue that mass surveillance is ineffectual when compared with traditional intelligence tactics, which includes targeted surveillance and investigative work that relies on informants and tips from local communities. Despite the proven success of targeted intelligence operations in cases such as 9/11 and others, the UK coalition cut 17,000 front-line police officers since 2010, with more cuts proposed under the Conservatives, who are now proposing a sweeping intelligence program that has few proven results.
Civil rights groups and skeptics have suggested that the proposed legislation belies threats to national security, while others equate the Snoopers’ charter with the privatization of a public domain. These concerns are not without reason, however. In April 2014, the European Court of Justice found that mandatory data retention contradicts European Community law, which binds all European member states through common human rights and obligations. Furthermore, mass surveillance as a means of gathering intelligence has come under increasing pressure more recently in light of a New York court finding the NSA’s surveillance program, which retained phone call data in bulk, to be illegal.
As it stands, there is little proof that mass retention of data is an effective strategy against terrorism. In his book Data and Goliath, which was published in March this year, Bruce Schneier argues that mass surveillance programs are ineffectual unless there is a high frequency of events, distinct target profiles, and only when the cost of false positives is low, as with credit card fraud for example. According to Schneier, NSA’s intelligence program has led to only one conviction, a taxi driver who sent $8,500 to a Somali group “that posed no threat to the US”.
Schneier argues that nationwide data retention does little against the perceived terrorist threats faced by the UK and others. While we cannot doubt the abhorrence of those threats that have materialized, they are too infrequent for accurate profiles to be built up in the way that they are when targeting fraud. He suggests that by hoarding the electronic data of all of its citizens, governments set about doggedly for a needle in a haystack. As Schneier says, “When you’re watching everything, you’re seeing nothing.”
Furthermore, public concern about data surveillance and online privacy in the UK and elsewhere has been strong. In 2014, a CIGI-Ipsos survey conducted in 24 countries (including the UK, the US, and France), asked 23,376 online users how they felt about online privacy. 64% said they were more concerned about online privacy than they were a year ago. More telling is the fact that 57% said, if given the choice about the sources of governance for the world-wide internet, they would prefer multiple stakeholders rather than a single agency, including “technology companies, engineers, non-governmental organizations and institutions,” since they felt this would “represent the interests and will of ordinary citizens, and governments”.
In the UK, 74% of those surveyed said they were concerned about their online activity being monitored by private companies and then sold off for commercial purposes, while 58% said they were worried about government agencies monitoring their online activity in secret. According to the latest proposals, the bill must involve the cooperation of private companies to function, many of which provide the services they offer by selling user data to advertisers. Many are concerned that sweeping surveillance legislation would mean an unregulated exchange between the government and private companies.
Ultimately, mass data surveillance by the UK government risks impinging rather than defending the liberties of its citizens. If the British public are to retain their right to privacy, while supporting a smarter approach to intelligence gathering, they must ask themselves whether or not they trust their government, and if the answer is no, they must make their voices heard.