Why are apparently so few people worried that a state employee can now select on a computer any item in their individual make-up – their address, phone, mobile, email, passport number, credit card number (any of them), any of their logins to a web service, etc. – and can thus access the content of their communications, who they communicate with, the full range of their internet use, their location, and a great deal else? Presumably because there has not yet been a horror story revealing how these powers have been used to abuse people’s lives. But it cannot be long coming. Power corrupts, as we know, and the degree of power which digital technology has now put into the hands of state officials is greater than exists anywhere else in the Western world. Before long the abuse of that power will be exposed, the enormity of its misuse will be revealed, and a national scandal will erupt. But uncannily, for the moment all is quiet.
It is the Snowden files which have blown the truth wide open, but cyberspace remains a mysterious technological vista that few have sought to master. What is surprising is that the facts didn’t emerge sooner. Some 4.9 million Americans had access to classified information, and nearly half a million private contractors in the US had the top secret security clearance which Snowden had. If it hadn’t been Snowden who blew the whistle, it would have been someone else. That itself raises worrying questions. How secure is this ‘secret’ material held by agents of the state, and who else might it leak to? Can we be sure that some other person, for whatever motive, hasn’t taken copies of similar documents to those squirreled away by Snowden and handed them to the Iranians or to jihadists? And if this all-encompassing surveillance can be used, secretly and unnervingly, against the population of that state, what can stop a foreign power (since with hundreds of thousands of technical personnel in the know, the secrets are bound to leak quickly everywhere) using the same device with much more malign purpose both against both that state and its inhabitants?
But of course, as GCHQ is proud to insist, none of this is likely because they always act within the law, as William Hague plaintively and forlornly insisted in the House when the NSA Prism story first broke. If only. Oh yes, the computer operator has to provide a justification for the information he’s seeking, but that’s not too hard when he’s conveniently offered a drop-down menu to prompt his thoughts. Oh yes, all this activity is supposed to be firmly controlled by the Regulation of Investigatory Powers Act 2000 (RIPA), but actually RIPA is more about facilitating such exercises than curtailing them. RIPA is so poorly drafted (deliberately?) and open to such broad interpretation that it really allows government agencies like GCHQ to do whatever they like. Oh yes, we’re assured by the Home Office that they’re only concerned with the ‘metadata’ (the technical wherewithal of communication systems), but the Snowden documents tell us the truth: “GCHQ policy is to treat it pretty much all the same whether it’s content or metadata”. And oh yes, oh yes, we’re always told that privacy is fully safeguarded – until we discover that the US NSA is spending £0.25bn a year on weakening encryption, and no doubt the UK GCHQ similarly on breaking commercially available security products. Beware the storm that is to come.
Michael Meacher is a Labour MP for Oldham West and Royton (UK)
This article first appeared on Michael Meacher’s weblog on October 5th, 2013