The report entitled Enemies of the Internet is released to coincide with World Day Against Cyber-Censorship and comes on the same day that Sir Tim Berners-Lee has called for a Digital Bill of Rights to safeguard an “open, neutral” internet. It identifies specific government agencies such as GCHQ that have used the pretext of national security to move beyond their core duties and into the strategy of mass online surveillance that is prevalent today.
Today’s remarkable revelation that GCHQ has been capturing images (a “surprising” number of which were of people who may not have been fully clothed)
As the Guardian reports:
GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.
In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.
Secretly intercepting and taking photographs from millions of people’s webcam chats is as creepy as it gets. We have CCTV on our streets and now we have GCHQ in our homes.
It is right that the security services can target people and tap their communications but they should not be doing it to millions of people. This is an indiscriminate and intimate intrusion on people’s privacy.
It is becoming increasingly obvious how badly the law has failed to keep pace with technology and how urgently we need a comprehensive review of surveillance law and oversight structures. As more people buy technology with built-in cameras, from Xbox Kinect to laptops and smart TVs, we need to be sure that the law does not allow for them to be routinely accessed when there is no suspicion of any wrongdoing.
Orwell’s 1984 was supposed to be a warning, not an instruction manual.
Big Brother Watch was invited to submit a paper to the Intelligence and Security Committee of Parliament, relating to it’s inquiry into the balance between security and privacy.
You can now read our submission below.
In a Democratic society, some secrecy is tolerated, as are some intrusions upon liberty and privacy, provided the legal framework is transparency, the oversight mechanisms robust and the overall sacrifices of liberty made with an appropriate level of understanding.
Recent revelations have made clear the scale of intrusion on our privacy in the name of security, enabled by an explosion in digital communications and the computing resources available to the state.
Ministers have assured the public no central database of internet communications would be created. We now know it existed already. Parliament and the public were not informed by Ministers, the Intelligence and Security Committee or the Commissioners.
Today the High Court took an important step in addressing ongoing concern about the collection of British people’s data by foreign companies.
A group of users of Apple’s Safari browser brought their action against Google after the company tracked their web use despite the ‘do not track’ feature of their browser being enabled. This was exposed by Stanford researcher Jonathan Mayer back in February 2012. As Google is based in the US, today’s hearing was to determine if it the case could be heard in the UK, or should be brought in the US, as Google argued.
That argument did not succeed. Mr Justice Tugendhat ruled that the UK courts were the “appropriate jurisdiction” to try the claims.
Today, some of the world’s biggest technology companies have spelled out the principles that they believe should underpin the balance between privacy and security online.
In full page advertisements eight firms, including Facebook, Apple, Google, Microsoft and Twitter, signed a joint letter calling for Governments to adopt the following principles to underpin a reform of surveillance legislation:
- Limiting Governments’ Authority to Collect Users’ Information:
- Oversight and Accountability
- Transparency about Government Demands
- Respecting the Free Flow of Information
- Avoiding Conflicts Among Governments
We wholeheartedly support these principles and call for the British Government to take urgent steps to adopt them.
Today, the editor of the Guardian gives evidence to the Home Affairs select committee, as part of the committee’s work on counter terrorism.
Perhaps that might give the committee to question why Parliament learned of much of GCHQ’s activity from the newspaper, rather than from Ministers. Indeed, it seems on current evidence that will remain the case – as the Lords found on the 20th November, when they were told they could not even be informed which law authorised Project Tempora.
Lord Richard: My Lords, of course the Minister cannot go into details on these very sensitive matters. We all accept that. However, for the life of me, I do not see why she cannot answer a straightforward Question about which Minister authorised the project and why the existence of the project was not disclosed to the Joint Committee on the Draft Communications Data Bill. These are not sensitive issues. They are pure matters of fact, surely capable of being answered.
Baroness Warsi: It is interesting that the noble Lord interprets it in that way but I think he would also accept that it would be inappropriate for me to comment on intelligence matters, which includes any comments on the project.
We have been repeatedly assured that it would be unacceptable for a central database of communications to be built – both by those in Government and those seeking to be.
Today the three heads of Britain’s intelligence agencies appear infront of Parliament’s Intelligence and Security Committee in a televised hearing, the first time for such a hearing to be broadcast.
Progress, yes, but let’s not get ahead of ourselves – the head of the CIA first appeared on TV speaking to congress in 1975, so it’s hardly a revolution in oversight.
Today we have published new polling by ComRes on the public’s attitude to surveillance. Overwhelmingly they want more transparency about powers are being used.
- 70% of British adults say British companies should publish reports on how often they receive requests for customer data from the police and security services.
- 66% of British adults say that the Government should publish more data about how surveillance powers are used
Last year more than 570,000 data requests were made – up 15 percent from 2011 – by the police, security services, HMRC and various public bodies, including local councils and organisations like the Charity Commission, Environment Agency and Health and Safety Executive. No breakdown of who is using the powers is made available, or what types of crime are being investigated.
Transparency is an essential part of ensuring surveillance powers are not abused and maintaining public confidence that they are being used proportionately. Much more information could be published without any risk to security.
British companies are not bound by secrecy laws from disclosing how many data requests they receive and they should follow the lead of companies like Microsoft and Google in publishing basic information about how many times they hand over customer data. We’re calling on companies like BT, Sky, Vodafone and EE to publish data about how many requests they receive from the police and security services in the same way that Google, Microsoft and Facebook do. Equally, Government can do much more.
Much more can be done to inform the debate. Already in the US much more data is published about how often surveillance powers are used and the Obama administration is moving to publish even more, including how many citizens are affected by requests and what sort of crimes are being investigated. It is possible to give the public a better understanding of how powers are being used without compromising security and it should be an urgent priority to explore what data could be made available.
Recently we wrote to the Prime Minister highlighting several pieces of information that have no security risks and should be public. They were:
- The budget of Parliament’s Intelligence and Security committee
- The number of data requests inspected by the Interception of Communications Commissioner to reach his error rate estimate
- Figures on the use of surveillance powers broken down by agency, as opposed to the single UK figure currently published, including the scale of international intelligence sharing
- The number of British citizens affected by such requests
Transparency is not a substitute for a proper legal framework and robust oversight. However, it is an important part of evaluating how the overall system is operating and at present far too much information is kept from the public on security grounds when in reality there is no security risk in publishing it. Such unnecessary secrecy only casts doubt upon what is happening.
UPDATE: BBW director, Nick Pickles, spoke to the BBC Sunday Politics (Yorkshire and Humberside) about surveillance transparency
Shortly after Lord Macdonald, the former director of public prosecutions, condemned the way the new head of MI5 had dismissed calls for greater scrutiny several senior figures involved in the scrutiny of the draft communications data bill have said that Britain’s spy agencies may be operating outside the law in the mass internet surveillance programmes uncovered by Edward Snowden.
Lord Strasburger, a Liberal Democrat member of the joint committee, has also said: “You have to wonder why, even in the secret sessions, none of the witnesses mentioned Project Tempora … It was highly relevant to our work and I believe that deliberate failure to reveal it amounts to misleading parliament.”
The chairman of the Joint Committee on the draft Communications Data Bill, Lord Blencathra, has said that he is concerned and annoyed that the committee was never told about GCHQ’s mass surveillance capabilities. He said: “The committee was not made aware at all of anything relating to Prism or Tempora, or even given any hint. We had a joint memo from MI5, MI6, GCHQ setting out why in their view the bill was essential, the usual stuff you get on terrorists, paedophiles, organised crime. But there was no hint whatsoever they were engaged in [these] programmes. I certainly feel we were given less information than the committee should have had. I am not suggesting we were deceived or misled but someone or some people were very economical with the actuality. I think we would have regarded this as highly, highly relevant. I personally am annoyed we were not given this information.”
Dear Prime Minister,
cc Deputy Prime Minister; Chair – ISC; Chair – Home Affairs committee; Chair – Joint Committee on the Draft Communications Data Bill; Chair – LIBE Committee of the European Parliament; Chair – Joint Committee on Human Rights;
Yesterday you said that you would be happy to listen to ideas to improve the oversight and operation of safeguards concerning our intelligence agencies.
This is an extremely welcome and timely intervention, and an offer that we would like to take up enthusiastically.
Below are just a few of the well-established proposals to improve the operation, scrutiny and safeguards of surveillance powers.
- Commission independent, post-legislative scrutiny of the Regulation of Investigative Powers Act 2000 and the Intelligence Services Act 1994, legislation that covers much internet surveillance but was written years before Facebook existed and when few households had internet access. If Parliament intends to allow the collection of data from every internet communication, it should expressly say so in primary legislation, covering both metadata and content
- Publish, as the US Government has done, legal opinions that are used to underpin the ongoing surveillance framework
- Allow the Intelligence and Security Committee to report to Parliament, and be chaired by an opposition MP, as called for by Lord King. It should also be able to employ technical experts to assist its work.
- Publish the budget and investigatory capacity of the ISC, Interception of Communications Commissioner and Surveillance Commissioners
- Reform the Investigatory Powers Tribunal so there is a presumption its hearings are held publicly, that it should state reasons for reaching its decisions and that its judgements can be appealed in court
- End the need for Secretaries of State to approve appearances of the heads of agencies before Parliamentary committees, and allow agency and service heads to give evidence in public where appropriate
- Establish an independent body to review the work of the agencies, as President Obama has done with the Privacy and Civil Liberties Oversight Board, and ensure it has staff with relevant technical expertise
- Lift any legal restrictions on British companies from publishing transparency reports about surveillance requests
- Publish details of the use of surveillance powers broken down by agency, as opposed to the single UK figure currently published, including the scale of international intelligence sharing
- Enhance whistleblower protection for those who wish to come forward from within the services
We would be delighted to meet with you or members of your Government to discuss these issues. At a time when the internet is an inescapable part of daily life, the modern economy and the delivery of public services, it is surely paramount that the laws that govern surveillance are fit for a digital age, and that the safeguards that operate are robust, properly resourced and can command public confidence.
Anne Jellema, Chief Executive Officer, World Wide Web Foundation
Jim Killock, Executive Director, Open Rights Group
Gus Hosein, Executive Director, Privacy International
Guy Herbert, General Secretary, No2ID
Nick Pickles, Director, Big Brother Watch
Professor Peter Sommer
Ross Anderson, Professor of Security Engineering, Cambridge
Caspar Bowden, Independent privacy researcher
Douwe Korff, Professor of International Law, London Metropolitan University
Judith Rauhofer, University of Edinburgh
Duncan Campbell, Investigative journalist and author of European Parliament report on Echelon
In a speech to the Royal United Services Institute on Tuesday, the Director General of MI5 said: “it causes enormous damage to make public the reach and limits of GCHQ techniques.Such information hands the advantage to the terrorists. It is the gift they need to evade us and strike at will.”
This is a sentiment expressed on the front page of various national newspapers. The bad guys, you may have guessed, are the Guardian and Edward Snowden.
To suggest that the Snowden disclosures allow terrorists to attack “at will” is both farfetched and disingenuous. Even in the US, nobody has sought to make such an assertion. Those newspapers who have reported this claim without critique or balance have done their readers a disservice.
Equally, and disappointingly, in his speech Andrew Parker did not mention why it was possible for a 29 year old contractor to the US Government to download thousands of documents about GCHQ’s techniques (nor have any of the media outlets reporting the speech asked such a question.)
Nor did he did not highlight that the US Government itself has sought to detail the operations, reach and capabilities of its agencies – the Director of National Intelligence has established a dedicated website for legal opinions, statements and factsheets – yes, factsheets – on what the NSA is doing.