Our panellists, Malcolm Rifkind (yes, left) and Jemima Kiss (right, no). © Julian Simmonds/rex

Duel: Should spies be permitted to monitor online messaging?

Our panellists battle it out
July 15, 2015

yesduel



Malcolm Rifkind

The debate involving the so-called “Snooper’s Charter” and its impact on the “war on terror” is fraught with misconceptions.

The draft bill would require internet service providers to keep information on their customers, and make that available to surveillance agencies when needed. Civil libertarians wail about the imminent destruction of privacy on the internet and the early arrival of an Orwellian state; intelligence agency enthusiasts issue dire warnings that the terrorists are winning and that we are less and less safe.

The real debate is a much narrower one. There is no serious dispute that the emails and messages of known terrorists should be open to interception. There is a broad awareness that terrorist use of the internet is sophisticated and is what enables global terrorist organisations to communicate with their members and groom potential supporters. So the grown-up issue is whether the power to intercept should go further than the internet activity of already known terrorists and serious criminals

It is not difficult to demonstrate why it must. When a sole terrorist carried out a massacre on a tourist beach in Tunisia the first priority was to establish whether he was acting alone or had associates. Was it possible that a second attack was imminent somewhere else in Tunisia? How had he got hold of his arsenal of weapons, which included a Kalashnikov? Had he been trained and if so where? We now know that he was linked to a terrorist cell in Libya.

It should go without saying that if interception is limited to known terrorists the police and the security forces will, as in Tunisia, be able to answer these questions only after the atrocity has been committed and many innocent people have already died.

The alternative is not indiscriminate surveillance of the general public. The intelligence agencies do not want indiscriminate powers to monitor everyone. What they need is the legal power, and the consent of either a judge or a Secretary of State, for bulk interception of categories of internet traffic with their computers programmed to identify certain selectors which would indicate a possible connection of particular individuals with serious crime or terrorism.

Without such powers the best we can hope for is to find the culprits after they have killed and maimed. That is not good enough, especially in a free and democratic society.

noduel



Jemima Kiss

I am pro-intelligence. I want our government to be empowered to protect us. But I want surveillance to be targeted, effective and legal, and to inspire the confidence of citizens by having robust oversight.

Labelling anyone with an interest in privacy as a “civil libertarian” is a deliberate attempt to marginalise what is not a radical fringe but a valid undercurrent of concern for most people in this country. To ask us to choose between privacy or security is a false dichotomy. The history of counterterror laws is littered with poor legislation pushed through in haste, not properly discussed or understood by parliament, let alone by the citizens for whom it operates. Privacy and autonomy from state control is a prerequisite for a civilised and democratic country.

You state that there will be no “indiscriminate surveillance of the general public” and in the next breath advocate “bulk interception of categories of internet traffic.” Where exactly is the line between the two? And where is the evidence that bulk collection works? There is more evidence about the efficacy of targeted surveillance with suspicion, combined with on-the-ground intelligence. Yet the government scrapped 17,000 frontline police jobs in the last parliament and is set to do this same this term. With, we keep hearing, a greater national security threat than ever, how does that make sense? Technology is never a replacement for human skill and judgement, only a supplement for it.

The bottom line is about trust between the citizenry and its government. Edward Snowden’s revelations show that the security services on both sides of the Atlantic were acting unchecked by any true oversight—and so trust is fundamentally damaged at a time when citizens need to have confidence in our national security. Yet when the government fails effectively to tackle the roots of terrorism—a patchwork of wars and military intervention contributing to instability rather than resolving it—that trust seems further away than ever.

yesduel



Jemima, there are real differences between us but you seem anxious to make them seem greater than they really are. I did not, as you suggest, label anyone with an interest in privacy as a civil libertarian, in an “attempt to marginalise them.” All normal people have a serious interest in privacy and I include myself in that.

What I did say was that the grown-up issue is whether the power of intelligence agencies to intercept emails and the like, should go further than the internet activity of already known terrorists.

You ask “where exactly is the line” between indiscriminate surveillance, which I, like you, reject, and “bulk interception of categories of internet traffic,” which I support. There is a line and it is enforced by law and monitored by the intelligence commissioners who come from a judicial, not a political, background.

Only a tiny fraction of international internet traffic is subject to any kind of bulk interception. That which is has been chosen because it is more likely to reveal possible terrorist or serious criminal activity. But the process is more targeted than that might suggest. The computers are programmed to look for evidence of possible connections between particular individuals and support for terrorism.

You ask what is the evidence that bulk collection actually works? It is a good question and it has been, recently, answered by David Anderson, the government’s most senior terrorism advisor. In his report, which was welcomed by Shami Chakrabarti of the civil rights group Liberty, as well as by others, Anderson states that he is satisfied that the targeted bulk interception that is used is a valuable and necessary tool for the detection of terrorists and the prevention of terrorist atrocities.

Your admiration of Snowden is revealing. He chose to make his accusations against the west and in defence of privacy in China and then sought asylum in Russia. It says it all.

noduel



Without Snowden’s revelations the public would still be ignorant of the extent of activity by the security services that should have been highlighted by our oversight mechanisms.

I’m pleased you brought up David Anderson—he highlighted scepticism about using claims of unprecedented security threats to curb well-established civil liberties. He also described the current patchwork of surveillance legislation as “incomprehensible to all but a tiny band of initiates,” to the extent that it is undemocratic. He said that these laws need rigorous assessment of effectiveness, cost, legality and intrusiveness before being extended further. And he agreed that there should, of course, be judicial authorisations given to warrants based on a specific cause—not a task for a Secretary of State.

You assert that only a tiny fraction of internet traffic is subject to bulk interception—because a minority of traffic is generated by communication, compared to, say, video. So which categories of internet traffic are worthy of bulk collection? Anything passing through Facebook? That was the clear implication of the Intelligence and Security Committee’s report into Lee Rigby’s death.

Which topics, religions, demographic profiles? Which communities? And how can any of us communicate and express ourselves freely if we fall into any of those categories?

yesduel

You are quite right in saying that without Snowden’s revelations the public would be unaware of some of the technical capabilities used by our intelligence agencies as they try to prevent terrorist attacks in Britain. The point that you blissfully ignore is that without these revelations the terrorists would be unaware of them as well. Since Snowden, terrorists have either avoided using their mobile phones and laptops or resorted to more sophisticated levels of encryption.

Everyone has heard of Bletchley Park. Its success in helping to defeat Adolf Hitler was not just in breaking the German code, Enigma; it was that nobody was foolish enough to make a public announcement that they had. Otherwise, the Germans would immediately, have changed the code and much Allied shipping would have been sunk.

David Anderson’s call for a new single Act of Parliament to cover all the intelligence agencies power was actually supporting an identical recommendation made by the Intelligence and Security Committee, which I chaired, a few months earlier.

Nobody has suggested bulk interception of Facebook. What the commitee recommended was that when Facebook closes a user’s account because it has discovered serious impropriety, it should inform the authorities if terrorism might be involved.

I hope these exchanges have cheered you up. Your fellow citizens in the intelligence agencies share many of your values, including a love of liberty and the rule of law.

noduel



I’m feeling very cheery, thank you. This year is the 250th anniversary of the seminal ruling of Entick vs Carrington, in which the court ruled that, despite suspicion that Entick had published seditious papers against the government, there was no British law that could justify the security services invading his house and searching his private papers. “If there was such a law it would destroy all the comforts of society,” said the Chief Justice, “for papers are often the dearest property a man can have.”

The new single Act of Parliament that you endorse would be just such a law, and for the first time. We should not expect the impossible of our government or our security services—that they can protect us from every threat. Monitoring our personal communications is not a panacea. Senior intelligence and security figures concluded at a conference in May that more transparency would improve credibility.

Just because we have the technology to surveil private communications, does that mean we should? When we have the technology to read people’s thoughts, should we monitor those too? I ask in all seriousness, because this will be the next ethical surveillance question. If only there were a more constructive public debate about the balance between the two, acknowledging that we need laws that reflect the values of the society we want to live in.