Debating cyber- surveillance
The important debate on the balance between privacy and security, in itself not new, does not seem to be progressing in a balanced fashion. Important issues are still not being addressed.
As Glen Greenwald describes in his new book ‘No Place to Hide’, Edward Snowden had a clear motive for what has become the biggest leak of classified documents in history. His aim was not to destroy the system, but to allow the public to decide whether (mass surveillance) should go on. His disclosure of thousands if not millions of Top Secret Five-Eyes documents caused an international media firestorm, leading to for instance the US declassifying the PRISM and Verizon programs and scrambling to justify them. But the important debate on the balance between privacy and security, in itself not new, does not seem to be progressing in a balanced fashion. It is a case of the deaf talking to the blind, with governments and privacy advocates not sharing facts, definitions and concepts.
On the one hand, governments have been on the back foot, admitting to running surveillance programs that they had previously denied even existed. In the US these programs were subsequently justified from a counterterrorism approach, but the ‘foiled attack metric’, stating that around 50 terror plots had been prevented, did not stand up to academic scrutiny. In the end the specific surveillance program that collected American telephone metadata prevented not one attack since 9/11. This has led to a credibility gap, keenly exploited by privacy and human rights advocates. This side of the debate, however, is impeded by media reporting on the leaked documents, with reporters often lacking the technical or intelligence background to correctly interpret the slides and choosing sensation over substance. As a result definitions have remained unclear, basic understanding of intelligence practice remains muddled and the biggest outrage has been directed to the least shocking disclosures. Important issues are still not being addressed.
There are several essential elements to the debate that deserve more attention. First, the difference between privacy and anonymity must be addressed. Those that have walked into a bank wearing a balaclava understand that there is a difference between the two, and that security sometimes necessitates identification. The debate on the weight and position of the right of privacy and to anonymity will be an interesting one, as anonymity is currently seen as a cornerstone of Internet culture. Secondly, the role of intelligence services must be contextualized in a broader debate on personal data and privacy. While governments can and should be held to account by parliaments, there is often very little insight into how private companies collect, store, use and sell our data on the internet. This potential breech of privacy can be far greater, for example, than an anonymized collection of metadata by intelligence agencies. And finally, we must recognize that a limited system of surveillance can be necessary to keep us secure, but that measuring its effectiveness will be challenging. It will always be difficult to measure events that do not occur, and the fact that they have not occurred in the past says little about the future.
To give this important debate new life governments must open up more. The traditional culture of secrecy surrounding intelligence and security services can obstruct the debate and leave faulty definitions and premises uncorrected. In February 2014 the Dutch Minister of Interior narrowly survived a political debate on the misinterpretation of a metadata program disclosed by Snowden. He drew the conclusion that the less you speak about intelligence services the better. Recently the British Home Secretary acknowledged for the first time that the UK government had failed to make the case for surveillance and that new innovative ways to inform the public had to be sought. This seems to be a far better approach: a real debate can only be held if both parties make an effort to talk and speak the same language.