Advertisement

Empathising with the shadowy other...

Ted Cullen
Updated ·12 min read
0

Part Two in a series looking at how to solve the problem of invasive government surveillance. Click here to read the other parts of this post on Engadget: Part One, Part Three or Part Four

Something we mustn't lose sight of in any debate however, but particularly one in which secrecy is of utmost importance to one side, is that humans operate on both sides of this divide. The State is not imposing these regimes purely out of its own will. There are people at the helms, and whether Appelbaum and Geer and Poitras and Snowden and Assange like it or not, the previously shadowy figures will have to be involved in any conversation and crafting of policy and further legislation regarding the matter, not least because they are the only ones who actually know what we're up against when it comes to other States capabilities vs our own.Maintaining the ability to empathise with those we in the dragnet of surveillance view as the "other" will be imperative to avoiding either a stalemate in discussion or a continuation of the status quo once the media becomes bored of the story and pressure on our politicians is eased.


As investment in our network's security became necessary for security, the rise in governmental or contractor salaries in entities such as BAE andGCHQ has eclipsed those of non-for-profits and traditional academic posts such as the Tor Project and the IETF. Therefore, the sensible place for the brightest minds over the past ten years or so has been behind a government desk, completing everything the hierarchy asked of you, regardless of morals, under the guise of security and secrecy; and even if the brightest minds were to question the direction surveillance was headed in, the veiled threat of becoming 'Cast Iron' yourself and exiled to Russia would hardly have encouraged dissent. Well, except for one, obviously.

No nations security services, nor those in charge of them aspire to watch the next 9/11 come under their time at the helm. For them, I can assume it would be easy to develop a rationale which reasoned that such an event was to be avoided by any and all means available to them. And whilst we may think we feel close to the very atrocities we entrust our security services with protecting us from, via 24 hours news, live streams and constant reporting viewed from this side of the fence; the nature of their job states that we do not see everything. The close calls, the genuine threats that never come to pass or even the deaths of colleagues in providing this security anywhere near as close up and personal as these people do. Applebaum likens it to a Lord of the Rings metaphor:

"They want to wield the ring because they believe they'll be benevolent but I want to melt it down because I don't believe there is such a thing as human benevolence when you have such a ring."

The argument that all of this is necessary if it only helps stop one terror plot does have merit though, whatever you believe. In essence, what has occurred isn't the endgame of some subset of powerful State-wielding puppetry, but a natural progression of rational human reasoning in the face of unseen threats, coupled with an unregulated and in-securable technological advance in developed societies. When Vint Cerf, heralded "father of the internet" and one of the inventors of TCP/IP, (the protocol which basically makes the internet work) was asked if he wished they'd changed anything, he stated two things: Firstly, that they'd used IPv6 from the get go, but also that they'd implemented encryption across the protocols. Had they done so, the landscape we find ourselves in today may be very different. (In this Hangout, he also interestingly states that the levels of encryption they'd have liked to implement remained classified at the time and that overcoming problems outside of the network is paramount to overcoming them within it, calling the Internet "a mirror" for inherent human problems.)

%VIRTUAL-YouTubeEmbed-17GtmwyvmWE%

Understanding the viewpoint of those behind the surveillance will be critical to overcoming the issue and persuading them that they have overstepped, acted outside of the public interest and achieved what could most probably have been achieved by means which didn't violate the privacy of millions, both inside and outside your sovereign borders.

"right now, there is a huge cold war happening on the internet"

In light of what we now know however, it appears that the NSA and GCHQ have vindicated Gandalf's position on the fallacy of benevolence and found themselves slapped with The White Hand of Saruman. There is definitively, corruptible power in highly advanced, unregulated and secretive warrantless dragnet surveillance. And it is highly advanced. It's a hell of a technological achievement that only a few nations on the earth can really ever aspire to achieve, and with the US and China exchanging cyber-attacks like Pokemon cards whilst involving themselves in a race to wire the Global South through both wired and wireless infrastructure, it would not be too outlandish to echo the thoughts of Costin Raiu, director of global research and analysis atKaspersky Lab, when he says that "right now, there is a huge cold war happening on the internet." Whilst ostensibly under the guise of promoting and extending internet access to the poorest countries, the notion that those who install the architecture will inevitably have an edge, if not a pre-installed back-door into that network will not have been an added bonus floating at the back of the mind, but rather an important swing vote in the decision making process.

Having noted all of this, it's still difficult to truly comprehend the power such a network would grant a nation over others, but some insight can be gleaned as to how powerful such an invasive surveillance machine can be from Quinn Norton's latest post, in which she states:

"I could build a dossier on you. You would have a unique identifier, linked to demographically interesting facts about you that I could pull up individually or en masse. Even when you changed your ID or your name, I would still have you, based on traces and behaviors that remained the same — the same computer, the same face, the same writing style, something would give it away and I could relink you. Anonymous data is shockingly easy to de-anonymize. I would still be building a map of you. Correlating with other databases, credit card information... public records, voter information, a thousand little databases you never knew you were in, I could create a picture of your life so complete I would know you better than your family does, or perhaps even than you know yourself. I could accurately diagnose you with mental illnesses, for instance — behaviors that correlate to bipolar, depression, addiction, and so on. I could understand you like no lover ever did, and you would never know I was there. While I could pull you individually out of that database, the real magic is that I would never have to. I could let algorithms understand you, process you, follow you, and never have to know any of you myself. You would be tracked and described by a thousand little bots you could never see." [emphasis added]

What I've neglected to mention however, is that Norton here is discussing her capacity with a medium sized advertising agency using freely available tracking techniques employed by most high traffic websites around ten years ago.

"What I'd do next is: create a world for you to inhabit that doesn't reflect your taste, but over time, creates it. I could slowly massage the ad messages you see, and in many cases, even the content, and predictably and reliably remake your worldview. I could nudge you, by the thousands or the millions, into being just a little bit different, again and again and again. I could automate testing systems of taste making against each other, A/B test tastemaking over time, and iterate, building an ever-more perfect machine of opinion shaping."

Now imagine what a) these websites can track now and b) what a State with virtually unlimited resources could achieve today given blanket powers.

The Intercept has only recently exposed some of these abilities:

"it's a lot more powerful than previously thought... it's fed a constant flow of data from all over the world straight from fiber optic cables, can store content from three to five days and metadata for even longer (up to around 45 days)... the tool helped the agency look up other private info beyond emails and chats, including "pictures, documents, voice calls, webcam photos, web searches, advertising analytics traffic, social media traffic, botnet traffic, logged keystrokes, computer network exploitation (CNE) targeting, username and password pairs, file uploads to online services, Skype sessions and more." The NSA even tracked phone connections to Google Play and Samsung's App Store."

And the best thing, anyone who can use Google can use it!

"it's also incredibly easy to use. Toucan Systems CEO and security researcher Jonathan Brossard told The Intercept that hacking remote computers using the tool takes just a few "minutes, if not seconds." Plus, doing so is as simple as typing words into Google search — it's so easy that the agency can train personnel on how to use the tool effectively within a single day."

In effect, the problem of surveillance we are seeing today has only become so nuanced because of the sheer technological capacity and overprotective moral reasoning and disregard of select nations' security services, of which the UK has been heavily complicit, and a colossal misinterpretation and personal oversight of our own position on privacy today. What is clear though, is that if we continue down this path without affecting real and effective change; whatever hope nations without such technological capacity may have previously had for their citizen's privacy, is literally negligible.

Going forward then, the possibility of continuing with any sort of dragnet surveillance seems implausible, and literally incompatible with the notion of particularised suspicion. Jacob Applebaum has tackled this from a humanistic and purely technological perspective, the need to regain our privacy and integrity on the network through the safety of secure communications. This is no doubt important, but in doing so, it does rather sideline State-actors in the debate and in providing the nation's security; and the State is important in both of these, along with the delicate state of anarchy in which it, and the rest of the international community operates too. Secondly, it depends on a public, extremely well educated in best internet practices, online communication and cryptography. And thirdly, it relies on that public to govern itself, set its own boundaries for privacy and not use that knowledge to criminal ends.

There is middle ground however, most notably heralded by the UK's independent reviewer of terrorism legislature, David Anderson QC in his recent and extremely thorough Report of the Investigatory Powers Review: "A Question of Trust". In an interview on BBC Radio 4's "Law in Action" he's stated that on the issue of surveillance "there is substantial common ground that most people of good sense could probably congregate on."

And he's right. Firstly, that the majority of this debate is "A Question of Trust" and secondly, that there is common ground, but not without a clean slate; calling our current system "fragmented, obscure, under constant challenge... undemocratic, unnecessary [and] variable in the protections that it affords the innocent", calling for "comprehensive and comprehensible new law... drafted from scratch, replacing the multitude of current powers and providing for clear limits and safeguards on any intrusive power that it may be necessary for public authorities to use."

%VIRTUAL-YouTubeEmbed-r9rGX91rq5I%

At first glance, it does seem to echo what most privacy groups have been calling for since the first Snowden leaks, but it also emphasises a strong need to regain trust in the establishment, with whatever these new laws are to be, requiring popular consent. Something arguably even more necessary now, especially considering the latest UK election's outcome having produced the least representative parliament we have ever had. Anderson's report is fantastic, and unlike every other reporter and journalist out there, I will not purport to have read the entire 382 pages, but what I have read, is extremely level headed and sensible, something I'm sure will do no harm to his argument for level headed and sensible judicial oversight. However, I am certain that whatever debate we are to have in light of this, and many other points of view in the run up to whatever piece of legislation does hit the floor of the Commons, we cannot discount our continuing need to educate, if not to Appelbaum's "Digital Proletariat" levels, then at least to a level where there is consensus on what we view as privacy, private space and 'secure' communication.

For too long we have assumed that the 'generational gap' in technology would be bridged by the time millennials reached their 30's, but the longer I sit on the sidelines of this debate, the more I grow to understand that the people who really understand are either actively involved in the struggles, or are those who grew up beside the internet, rather than those who grew up not knowing a world without it. "Terms and conditions" are for one generation a binding agreement and for another, just another hurdle in their race to acquire yet another free service. (Don't worry, I'm guilty too.)

Click here for Part Three: 'The Gamble on Privacy, Transparency and Trust'