Data protection – can UK exceptionalism take hold?
November 3, 2015
At the heart of the political and ethical tensions over the government’s draft Investigatory Powers legislation to be published later this week is the issue of judicial authorisation.
In a democracy, who should decide the extent of operational powers exercised by our intelligence services in pursuit of national security? Historically the UK has regarded this as an issue of ministerial prerogative with specialist judges having only post-event oversight of such decisions. This has increasingly put us at odds with other Western intelligence partners and the pace may soon be set by the demands of global communication service providers (CSP), whose cooperation is so critical in counter terrorism initiatives.
In the aftermath of the Edward Snowden revelations battle lines have been drawn more clearly between privacy campaigners and the securocrats. The former argue that the industrial-level bulk collection of communications data and methodology for its retention and analysis, the extent of which was revealed by the rogue NSA contractor’s disclosures to the Guardian in 2013, amounts to unprecedented state surveillance – inadequately authorised or overseen.
Meanwhile the clock ticks relentlessly towards December 2016 when the UK’s emergency data retention legislation expires. So decision time will soon be upon the Home Office. Yet the CSPs, acutely aware that the Snowden disclosures have exposed an arguably over-cosy relationship between the multinational internet giants and US security agencies, are now reportedly demanding global surveillance protocols. The days of UK exceptionalism in the surveillance sphere may be numbered. We should not underestimate the implications this may have on the capabilities yet alone public reputation of our intelligence services at a time of heightened national security concerns.
In the final year of the coalition administration, the government commissioned our erstwhile ambassador to Washington, Sir Nigel Sheinwald, to report on security oversight. Predictably the fact that his conclusions have not been made public has led to a storm of controversy; clearly these are sensitive matters, but I should hope that at the very least the Intelligence & Security Committee will be granted access to his important contribution to this active debate. The speculation is that Sir Nigel’s deliberations with the global CSPs have resulted in his proposing international standards aligning the British, US and European surveillance regimes. If adopted such a proposal would have the potential to disrupt the capabilities of GCHQ and MI6 profoundly since it would almost certainly herald judge-led authorisation of surveillance of the internet, email and related communications for subjects of interest.
The speculation is that a compromise may now be on the cards, resulting in a two-stage approvals process. The Home or Foreign Secretary, especially in emergency, time-critical cases, will make the surveillance decision but judicial consent will need to follow within a short, prescribed period. For this purpose a small, highly specialist cadre of senior judges (Court of Appeal or Supreme Court) with specific security clearance would be appointed. This would probably satisfy all but the most privacy-obsessed libertarians.
Nevertheless, it has been the leading international tech companies who have felt the heat since their role in gathering up, filtering and assisting government in the analysis of communications data became clear. On these shores beyond an alliance of the libertarian right and old left, most Britons were rather disinterested at the fuss created by the Snowden revelations. The reaction elsewhere to the unexpected extent of digital espionage was anything but relaxed. In the US the instinctive mistrust of government was compounded by a new hostility towards CSPs playing fast and loose with individual rights. Whilst the French are instinctively less agitated at the prospect of centralised surveillance techniques, their government recognises that the sheer scale of US technology companies has helped provide their home nation with a terrific competitive advantage in this sphere. Clearly US government and corporations know full well that this capacity to control the tech infrastructure across the globe might one day be used against its national interests and security.
The German government has felt compromised by its own historical legacy of the Gestapo and Stasi (never forget that Angela Merkel spent the first twenty-five years of her life living in communist East Germany) at a time when it has also sought to cooperate with the US security agencies on a range of counterterrorism surveillance operations.
The Snowden affair sparked off a new wave of anti-Americanism in Germany and even now the revelations as to the antics of internet giants threatens to stall talks over the Transatlantic Trade and Investment Partnership (TTIP). Part of the problem, as we have seen, is that currently the global technology market is so manifestly dominated by US-based companies. The perception that they have been able wilfully to ignore European sensibilities over privacy in the collection and storage of bulk data has led the CSPs to push for global standards – the protection of individual rights irrespective of the public interest by warrants issued by judges being at its heart. For European governments the impending terror threat means that for all the indignation, reaching an acceptable deal is imperative.
Here in the UK critical decisions central to that ever delicate balance between security and liberty may, despite a Home Office rear-guard action, be about to be taken out of politicians’ hands. Nevertheless, a regime of judicial consent, rather than authorisation or oversight, would still see our arrangements at odds with many of our Western intelligence partners.