In this week’s Guardian, Eben Moglen, founder, director-counsel and chairman of Software Freedom Law Centre, wrote about something he called the “anti-privacy bandwagon”, i.e. the “the bandwagon created by the GCHQ boss, Robert Hannigan,” which demands “that the internet companies abandon their stance on privacy.”
Reminder: last week, Robert Hannigan wrote an op-ed for the Financial Times in which he argued, among other things, that there needs to be stronger co-operation between technology companies and “democratic governments” (read: intelligence agencies). I took issue with this in my last post.
Naturally, the UK government threw its weight behind Hannigan’s comments. Home Secretary Theresa May is firmly on board the bandwagon (as improving mobile phone coverage “could aid terrorists”). So is former Home Secretary David Blunkett who, in his own op-ed for the Telegraph, argues that we should not “regard an intervention from the head of GCHQ as some kind of threat”.
Oh to be allowed to live in such times! Where “the name [sic] of those leading our intelligence and security services” are no longer unknown to us! Times in which the head of GCHQ stoops to feign interest in having a debate with us!
Seriously. It isn’t just Moglen who takes issue with Blunkett’s piece – or Hannigan’s for that matter – and rightly so.
Blunkett seems to be getting a few things very wrong. Or perhaps he has misunderstood both Robert Hannigan’s intentions, and the intentions of those who didn’t respond favourably to what Hannigan wrote in the FT. Blunkett definitely seems to have some ideas about the world and, importantly, the internet, encryption, and the law that are deeply concerning.
As is the very structure of his article, which opens by invoking Remembrance Sunday, “the Nazis”, and “the dedicated men and women of Bletchley Park”. Now, that’s a veritable triple-whammy, isn’t it? Take something most people in Britain feel very strongly about, add to that the epitome of everything that was once wrong and evil in the world, and then throw in those who fought that evil by “deciphering and disrupting…signals”. What is more, do it in a week in which the UK sees the release of a much-anticipated film about Enigma-code breaker Alan Turing played by one of the UK’s hottest and most obsessed-over actors. You’d be hard put finding an opener with stronger or more emotionally charged connotations for a larger number of people.
Following this example of poetic virtuosity, Blunkett goes on to express his surprise at the reactions to Hannigan’s “intervention”, taking a stab at Martha Lane Fox who called Hannigan’s comments “reactionary and slightly inflammatory”.
Granted, there is an error in Baroness Lane Fox’s criticism of Hannigan: there is nothing slight about the inflammatory nature of Hannigan’s comments. Someone who accuses technology companies trying to secure their customers’ privacy of becoming the “command-and-control network of choice” for terrorists is not being slight about anything.
Mr Blunkett is pretty quick to add to Hannigan’s narrative:
Baroness Lane Fox and others in her industry should wake up to reality: now is not the time for lofty disengagement or disinterest. Tech companies who provide encrypted – and therefore secret – communications online are, albeit unwittingly, helping terrorists to co-ordinate genocide and foster fear and instability around the world.
Wow, look at the buzz-words: terrorists, genocide, fear – how inflammatory can it get? But well, Blunkett is right about one thing: now isn’t the time for disengagement and disinterest. Assuming that by this, Blunkett means the kind of “lofty” disengagement and disinterest we have so far seen from the UK government and the intelligence agencies. Considering that this is an article in defence of Hannigan’s intervention as “progress”, I am guessing that that’s what Blunkett means. In which case yes, a debate with the GCHQ or anyone else in government about surveillance and privacy would be welcome. However, as I argued last week, an open and informed debate is probably not what Hannigan is really after. It is questionable whether Blunkett is, because by suggesting that “If [Hannigan] is worried, we should be too,” he essentially tells us not to question Hannigan’s opinions but to take his words about the threat of encryption as a tool for terrorists at face-value (and then give up our privacy to mitigate that threat).
Sorry, Mr Blunkett, but that’s not advocating debate. That’s patting us on the head and telling us that the GCHQ know what they are doing and that we would do well to trust them, lest we want the terrorists to come and get us.
Intentionally or not, Blunkett repeatedly falls into the same trap as Hannigan: Firstly, he is suggesting that Baroness Lane Fox and her business have not already woken up to reality. That’s just nonsense. No one is “in denial” about the threat of terrorism or the necessity for a debate about issues relating to the terrorism-security-privacy love triangle. It isn’t privacy advocates or tech companies that have been avoiding the relevant debates for the past 1.5 years and it is the rhetoric of Hannigan’s intervention that Lane Fox takes issue with, not the idea of engagement and interest as such.
Secondly, to suggest, as Blunkett does that tech companies who provide encrypted (i.e. secure) communications online are helping terrorists, is deceitful, as it fails to mention – yet again! – that the same encryption also secures the communications of the vast majority of users who aren’t terrorists and who have never been accused of any wrongdoing.
To use the same inflammatory rhetoric as Hannigan to defend him is, frankly, a bit daft. More than that, it beckons the question if Mr Blunkett has actually “reflected” (as he calls it) on Hannigan’s intervention at all or whether he was perhaps a little bit too blinded by the brilliance emanating from the memory of the Bletchley Park code breakers (no disrespect to them).
Blunkett admits that “we must be wary of knee-jerk responses to new terror threats” but he then immediately follows this up with the knee-jerk comment that “we should not shy away from the fact that terrorists are using mainstream websites, social media and mobile apps to disseminate highly dangerous information and propaganda.”
This may be so. However, again, millions of other users (which Blunkett doesn’t mention) are using websites, social media and apps. And again: the majority of these users aren’t terrorists (or, in fact, paedophiles) and have never – all together now! – been accused of any wrongdoing. This majority of perfectly ordinary users is allowed to “remain anonymous” “thanks to freely available technology” just as much as the minority who uses social media etc. for evil gain. To fail to mention that fact is to avoid a key element of any sensible debate on privacy versus security.
Which is also why it deeply disingenuous, and frankly a bit ridiculous, of Blunkett to suggest that tech companies “cannot be allowed to get away with the absurd idea that they hold no responsibility for what is transmitted on the platforms they provide”, while also appealing to their “moral responsibility”.
Firstly, tech companies are, in the wake of the Snowden revelations, beginning to take more responsibility for securing the communications of their average user and sticking to the reassurances they give those users in their T&C. I am not saying that they are doing this out of the goodness of their hearts – obviously, it is in their business interest to do so – but still.
Secondly, the argument that companies should be bound by their “moral responsibility” because they are “transnational and are therefore not subject to the laws or requirements of any individual country” cuts both ways: Blunkett would do well not to omit the fact that the same moral, and legal, responsibility for the privacy of citizens lies with governments and intelligence agencies as well. Blunkett seems to take it for granted that governments and agencies act within the boundaries of that responsibility. As far as he knows, there are “sufficient checks and balances to provide reassurance” that the agencies do not shun their moral responsibility or, in fact, their legal obligations. This may or may not have been the case “at the time” when Blunkett was Home Secretary but it does not seem to be the case now.
Blunkett misunderstands people’s motivations when he suggests that critics of Hannigan’s intervention view it as some sort of threat. What is problematic and potentially dangerous about it is not only the disingenuous and inflammatory nature of his argument, but also that Hannigan professes to be willing to engage in a debate he is not in fact all that willing to have – at least not unless it is held on his terms. These terms being the acknowledgement that there needs to be a “new deal” between the agencies and technology firms.
Blunkett, too, seeks to “strengthen the links between technology companies and intelligence and law-enforcement agencies,” suggesting that what’s needed to deal with “the radicalisation of young people” is to “understand, occupy and, where necessary, take action wherever they are receiving and communicating information, ideas and, yes, hate” (emphasis added).
Advocates of privacy aren’t saying that we should not do that. They are not saying that targeted surveillance isn’t justified and necessary in certain cases. What they are saying, however, is that the attempt at criminalizing protection efforts (which Hannigan falls just short of doing because, actually, these companies “are unquestionably doing everything the law requires of them” and he must know that) is in itself dangerous.
In fact, that small term occupy that I have highlighted in the quote above, easy to miss as it is, once more hints at one of the true motivations behind Hannigan’s inflammatory rhetoric, Blunkett’s nostalgia, and their shared call for “extra-legal assistance from law-abiding businesses to invade customers’ privacy”: this is about control.
Occupation of certain territories – online or off – on the basis that we as enlightened societies need to save those already using these spaces from the errors of their devious ways is an imperialist notion perfectly in line with the agencies’ desire to control, to map, to “own” the internet.
Make no mistake: by attempting to exert greater control over the internet, governments and intelligence agencies are not just making a stab at controlling the threat of terrorism – and even that with questionable effectiveness – but also every other citizen, dissident or activist using the internet for perfectly legitimate purposes. To remind ourselves of the dangers of this kind of control, we only need to look at what is happening in states where censorship of the internet is still regarded as a viable tool of government control.
By suggesting that tech companies pretend “that they are citizens of a parallel universe” unaware that “[t]hey exist in and depend on the world around them just as much as everyone else”, Blunkett, like Hannigan before him, calls into question the legitimacy of their (genuine or not) concern about their users’ privacy and, by extension, our own (very genuine and legitimate) concern for our privacy as users. Asking for encryption or stronger privacy protection apparently removes us from the Universe According to Blunkett and Hannigan, because in their view we believe that we can just ignore the world around us, i.e. that “dark and ungoverned space” full of terrorists that is the internet, in which we would do well not to ask for the same “illegal” means to protect ourselves that terrorists and paedos use to escape detection. Perhaps the next step would be to suggest that as immigrants aliens from another world, we have no civil rights and liberties?
Ironically, in addition to calling into question the legitimacy of our very real, present-day concerns, Blunkett, by invoking – again – “the code-breakers of Bletchley Park” reveals that it is in fact his own argument that is not rooted firmly enough in the world of modern data communications. Whether or not “[a]t the time… anyone involved in old-fashioned communications [would] have been able to say to [the Bletchley Park code-breakers] “stay away from our business”” misses the point:
these aren’t the days of Bletchley Park or, more importantly, the days of “old-fashioned communications”. It is precisely this circumstance that the legislation Blunkett seems to have so much confidence in to provide “sufficient checks and balances to provide reassurance” has not quite caught up with.
Of course, “the notion that in this modern era, in circumstances of grave danger, we should somehow balk at an open debate about terrorists’ use of the internet” is absurd. But that isn’t what anyone has been asking we do, ever, and certainly not in the wake of Hannigan’s comments.
Rather, people have been insisting that we badly need to have a debate about the use of the internet not just by terrorists but also by those claiming to need full access to our data to protect us from those terrorists – a debate that that has, in fact, long since been going on without Hannigan, Blunkett and a number of other high-ranking figures in government. By suggesting that that debate isn’t “mature” or that it takes place somewhere outside of “reality” in a “parallel universe” Blunkett and Hannigan are simply doing what they have been doing all along: sticking their fingers in their ears and going “la la la”.