The actions announced by President Obama in response to the Snowden revelations have failed to put the Genie back in the bottle. His measured rhetoric indicates how he is caught between the “surveillance for safety” and “civil liberties” lobbies. I looked up Isaac Asimov’s Foundation and re-read the section where Mayor Hardin uses “symbolic logic” to analyse the rhetoric of Lord Dorwin and the treaty between the Empire and Anacreon.
The Internet has, like the Foundation, lost its innocence. Thanks to Edward Snowden we all know that whatever we do on-line is not only recorded (to enable the packet switched, store and forward, Internet to work), but stored (beyond the time needed for resilience), analysed (not just to improve performance) and the results made available (legitimately or otherwise), to a growing variety of “researchers”, lawyers, spooks and hackers.
We are beginning to see the consequences of that knowledge, even though the politicians are engaged, as yet, in apparently content free blether. The squawks of those US operations whose business models depend on analysing our behaviour for the benefit of their paying customers (The Reform Government Surveillance Group , Facebook, Google, Twitter etc.) were better publicised. But the statements of Vodafone and IBM regarding their own policies are far more profound.
The world has now gone mobile. Even on Christmas Day nearly half of all traffic was over mobiles . More than half of us now use pay as you go . More-over the traffic figures are understated, because most of us piggyback our smart phones onto wifi wherever possible to get better speed and keep the charges down. Now that Vodafone, arguably the nearest we have to a truly global telco (fixed as well as mobile), is no longer bound by its Verizon link, it is better able to state publicly some of the principles it adopted after the Greek scandal and on which it has privately briefed major customers (as well as governments) for several years.
I remember IBM describing how it then implemented its policy for the use of security technologies that met the legal requirements of wherever it operated, at one of the Global Internet Project first events, an Encryption Summit It was hosted by Lord Renwick whose comments in Hansard after the briefing material was made available are well worth re-reading – particularly if you remember when they were made – in 1997 !!!
IBM’s most recent announcement can be seen not only as a statement of confidence in the future of Cloud computing, despite Snowden, but also that it is already able to offer nationally segmented cloud services – and has been since long before they were packaged and promoted as such.
My understanding is that others (with similar long-standing policies) may also be ready to go public.
In other words, “those who think ahead” were ready for the Balkanisation of the Internet well before Snowden and the Guardian told the rest of the world what insiders had known all along.
One can also see what is happening as the logical consequence of outsourcing not only key parts of the NSA’s surveillance operations but the vetting of those employed in them. This links to my comments elsewhere on the way that critical functions are now being brought back in-house as part of an, as yet, not fully articulated but nonetheless increasingly coherant UK Government IT Strategy.
I happen to trust GCHQ and Law Enforcement rather more than I trust my Telco, ISP or Search Engine – let alone the copyright enforcement agencies and market research operations to whom the latter may pass data about me and my on-line activities.
I also note how the banks and on-line transactions providers are moving towards big data based behavioural analysis to validate on-line transaction because of the “compromise” (from Diginotar onwards) of so many of the electronic identity, (alias “Identity and Authorisation Providers”), and accreditation services, (alias “Trust Service Providers”) on which Cabinet Office and the European Union are still obsessing. The techniques developed to help target the NSA and GCHQ surveillance operations are now being routinely used by others on an even larger scale to look at content and not just traffic data.
I would like to see GCHQ similarly focus more of its effort on protecting “the economic wellbeing of the United Kingdom” as part of the objectives of not only RIPA but of the claims that the Cyber Security Strategy has objectives related to cyber crime in general, not just “the war against terror” and “nation state activities”.
Such efforts should, however, be open to better resourced scrutiny, as with the agreement proposed by the Corporation of London after the earlier Big Brother Watch report on Local Authority and other abuses of RIPA. But the issues go much wider. I remember being told how the Corporation ordered their immediate removal as soon as it discovered that surveillance chips (measuring local footfall) had been included in smart rubbish bins being piloted in the City. Welcome to the smart world where your fridge reports you to the food police for breaching the latest NHS obesity “guidelines” at the same time as taking part in a spam attack on your bank. The Corporation of London (and its predecessors) have been running a democratically governed trading city for over a thousand years (even William the Bastard had to negotiate his entry and the chaos at his Coronation in Westminster showed how right they were not to let his troops into the walled City.
We should remember that most of what we are commonly told about the Internet is not true. “They” not only know you are a dog, but which breed and what trees you pee against. Conversely, hardly anyone, except those harvesting electronic credentials for sale to fraudsters, is actually interested in you as an individual.
In that context the Digital Policy Alliance briefing session for MPs and policy advisors on the morning of 22nd January, chaired by Helen Goodman MP may help break the current dialogue of the deaf between those concerned over Child Safety and those concerned over Civil Liberties. The introductory speakers include David Miles from FOSI and Jim Killock from the Open Rights Group, Will Gardner from Childnet and Chris Ratcliff of Portland TV as well as Peter Davies (currently managing the transition of CEOP to the National Crime Agency) who has just confirmed. The event is intended as part of the build up to secure wider support for Safer Internet Day when those who understand how the Internet works and are serious about making it safer, as opposed to “going through the motions” try to promote awareness of what works.
I look forward to seeing the report from the DPA meeting. In the mean time, those of you who are serious about organising activities in support of Safer Internet Day, or the follow up, should visit the DPA website and send an e-mail (saying who you represent and what you expect to contribute) asking if there are any places left.
My own questions, which I will probably keep for the follow up, given all the more constructive points that I expect to see made on the day, include:
Should the On-line Stasi spend more time on things that matter to the population as a whole, such as cyberstalking, bullying and abuse?
Should those who aim to sell our profiles (and those of our children) to their customers owe us a duty of care – including of victim support when abuse happens?
That follow up will include the next meeting of the UK Internet Governance Forum , being organised for the Thursday after Safer Internet Day.
We need to widen debate beyond the internationalisation of Internet Governance, now under way, “merely hastened” by President Obama’s remarks (in much the same way as Lord Dorwin’s visit and the subsequent treaty hastened the Anacreon invasion). But, as in Asimov’s “Foundation” – that is the beginning, not the end. The task is to ease the pain of transition to a new and much healthier cyberworld