Cyber-snooping - is it a good idea? Or not?

From MSN today and with full acknowledgement to the author:

More cyber-snooping won’t stop terrorists, it’ll help them
The government always wants more snooping power, but it hasn’t thought its plans through argues Simon Munk.

David Cameron and his ministers seem to have the hots for gaining new powers to monitor social networks, email and phone calls more widely.

While Theresa May talks up the supposed benefits of the “cyber-snoopers’ charter”, Jonathan Evans, head of MI5, with (ahem) spooky timing, has warned that the agency is battling an “astonishing” level of cyber-attacks on the UK.

A debate last night brought MPs, professors and journalists together to discuss the findings in think-tank Demos’ new report into Social Media Intelligence (‘SOCMINT’). In it, it qualifies how such snooping could be a good thing.

Measures like these are supposedly to stop potential terrorist attacks, but the idea fatally misunderstands the world we live in now.

"Not only will increased cyber-surveillance prove useless, but ultimately counter-productive"

Those in authority are pushing hard to prove we need these new powers. But they’re wrong – not only will increased cyber-surveillance prove useless, but ultimately counter-productive.

The world has changed – and social networks have changed it. Terrorists can spring from anywhere – they may train in a foreign camp, but may equally learn their craft from the internet; they may be recruited online, or locally. The idea that we’ll catch the bad people by monitoring emails and Facebook messages is patently stupid – terrorists will simply adapt and change tactics. They’ve already proven they’re good at doing that.

Instead, we’ll have more and more idiotic civil liberties cases. Today, Paul Chambers, a trainee accountant, is facing a High Court appeal after he joked he was going to blow up an airport on Twitter when his plane was delayed.

And Sheffield student Richard O’Dwyer is facing extradition to the US, for running a non-US website that let people find TV and film content, but didn’t host any of that content. All on a treaty introduced to ensure ‘terrorists’ could be brought to justice.

"The best thing western governments could do to stop fuelling terrorism, is start playing fair."

The gigantic net our government wants to throw over the internet won’t catch more sharks, it won’t even get many minnows – it’ll get the flotsam and jetsam.

Worse, these new cyber-snooping powers, as well as making terrorists think and act smarter, will just add another grievance to their list. I’m not for one second trying to legitimise terrorism – but the easiest and best thing western governments could do to stop fuelling terrorism, is start playing fair.

Terrorism thrives where a population perceives there to be a grave injustice against it. And the West can do much more to cut those perceptions.

Social networks allow everyone to see the hypocrisy of developed countries - imbalanced trade rules; IMF loans and subsequent “austerity measures” and “trade liberalisation” that dispossess the poor from vital farming land; dictators armed in return for mineral rights. It’s all on Wikileaks, YouTube and Twitter – the way we treat other people stinks, and until we change that, we can expect to face more angry, motivated terrorists.

Pretending we live in a fortress and spying on everyone inside and out makes for a darkly paranoid view of the world. The alternative? Recognise we are ever more connected, and start treating the rest of the world as we’d expect to be treated ourselves.

Simon Munk is a technology journalist, who has been tinkering with technology since taking apart a parking meter when he was four. Follow Simon Munk on Twitter @psimonk

So what does everybody think? Is a government cyber watchdog essential for our safety or does it create dangers of its own in terms of our civil liberties? Some of the politics mentioned appear radical but are we actually empowering and emboldening those who profess to hate our way of life? Over to the collective wisdom of ARRSE...
Instead, we’ll have more and more idiotic civil liberties cases. Today, Paul Chambers, a trainee accountant, is facing a High Court appeal after he joked he was going to blow up an airport on Twitter when his plane was delayed.

And Sheffield student Richard O’Dwyer is facing extradition to the US, for running a non-US website that let people find TV and film content, but didn’t host any of that content. All on a treaty introduced to ensure ‘terrorists’ could be brought to justice.
That's the problem. The people in charge can't be trusted to limit their activities to preventing terrorist attacks.

Information is power and no government should have the level of power over its people that control of the Internet (a medium through which most of the country now run a very large chunk of their lives - from banking to shopping to telephone calls to chatting with people) would provide.
That's the problem. The people in charge can't be trusted to limit their activities to preventing terrorist attacks.
That's what worries me, that our rulers seem absolutely determined to enforce conformity and crush dissent. To my mind at least, the Internet acts as a valuable safety valve for those who are disenchanted with modern life.


If you've done nowt wrong, you've nowt t' be worried about. Isn't that what the propaganda says?

Apologies for recycling, I didn't know someone was going to start a good thread on this.

er, UK Security and Intelligence services and the communication data bill.....

Well, if we are relying on them to use this to keep us safe? I think we're FUBAR'd, I sincerely hope that they have better capabilities than such is offered under this rather odd proposal.

Strikes me as what you can get under a National Security Letter in the USA.

National security letter - Wikipedia, the free encyclopedia

I only know this because I read it in a book called The Threat Matrix, but tech blogs would have it that there is loads of legal challenges about them in the USA. The Threat Matrix: The FBI at War in the Age of Global Terror (9780316068611): Garrett M. Graff: Books

I think a little thinking is needed prior to us adopting them.

Under the proposed surveillance law, authorities would not be able to see the content of calls and emails without a warrant. They will, however, be freely able to see who the conversations are between, and when and where those communications were made.

Right now, the Regulation of Investigatory Powers Act (Ripa) already gives police the ability to snoop through phone and email records. As this is limited to service providers and websites who track keep such records, the proposed bill would ensure that all providers keep tabs on their users.

Draft of email-snooping 'Communications Data Bill' published online (Wired UK)

(How sweet a stock photo, Commissioner Stevens standing by the Home Secretary. Uneasy lays the head that wears the Crown, especially at a private health sauna).

Now most ISP's will rightly say it is not their job to police their users. Plus without a data centre the size of the one the NSA are buidling out in Arizona or Utah or somewhere, where the hell are we going to put it. That then is there problem under the bill, neat one HMG!

I think that this power is not of much use to terrorism enquiries, take the below about the 7/7 conspirators:

“Post 7/7 enquiries revealed that between 22nd February and 15th June 2005 there
were forty one telephone contacts between mobile phones attributed to Tanweer,
Khan, and Lindsay and hydroponics outlets. It is unlikely these could have been
detected by surveillance given the large number of untraceable “operational”
phones used by the bombers and only attributed to them once their identities and
details were known.”

So good tradecraft by terrorists will keep us guessing. Unless you are "known"", or a handset can be attributed to a suspect or something like that, how is that a useful bit of information.

How will this be predictive? It won't surely? It will be reactive! And good intelligence is predictive, the weatherman not the newscaster!

I suspect that if it is introduced it will increase the problem in intelligence analysis as old as Pearl Harbour. How do you distinguish between "signals" (ie, what you need to know to assist to analyse and predict) and "noise" (the irrelevant, which only serves to confuse).

The book argues, in part, that intelligence failures are to be expected because of the difficulty identifying "signals" from the background "noise" of raw facts, regardless of the quantity of the latter.

(Someone much cleverer than me thought up that

Roberta Wohlstetter - Wikipedia, the free encyclopedia

Required reading on Strategic Studies courses at many universities, or was anyway)

So, back to domestic terrorism and organised crime. The reason for it. The bill will bring in something that probably won't predict offences, or it probably will make it harder if it is brought in. For my reasons above, I don't believe it will keep us "predictively" safer. I stand to be put right.

Paedophiles? They are bound to be rolled out as an argument. Always are. Met some, talked to them and locked some up. Technological adept ones are beyond this already. That I can tell you, without walting. You can tell from the open media anyway, that paedophiles are singularly innovative in their abuse of the internet and communications/memory capability. People thick enough to use attributal technology, non-anonymising internet, their own bank-details (and they do exists) are being nicked like flies.

(But then, people are still caught and convicted on DNA, and even more funnily their fingermarks!)

So this new act, it probably won't help. I think.

So why is it being brought in?

Might make investigating civil disorder (indeed any crime uses a telephone or internet, etc) the likes of which we saw last year more easy. I think Westminster got a punch on the nose there. ("People are using the internet for crime!" They seem to think someone is going to climb out of the plug. Don't mention, bluetooth or WiFi. They'll think someone will materialise, drink their booze, pinch their hard claimed expense accounts and bang the au-pair). Never mind the people who suffered, but the government got caught out!

And the proposed bill will on all levels help by avoiding the need for a warrant. Do we really want that? Any trial lives or dies on the proceedural correctness of the investigation, and rightly so. I am not sure "short-cuts" are what should be encouraged.

In all fairness, on all levels it will assist to build up the association charts, "orders of battle" for criminal enquiries if you will. More grist to the surveillance state. To add into CCTV often video equipped with ANPR, and all the other things we have grown to know in the UK.

My own opinion? If seen as part of a policy of privatisation of certain police services and avoidance of oversight, I would be suspicious and think it unwise. Surely the security and intelligence services have better capabilities than these, or else I think their operational technology divisions need to have a stern word with themselves.

Sadly much of what they do will necessarily and rightly be secret. I don't mean to denigrate the work which stops things like 7/7. However, I do think that more guided efforts are needed than a power to "trawl". We forever go on about "hearts and minds" abroad.

Time the police and domestic services' brought that principle home. That is my conclusion for the efficient protection of the people (and ideals) of this country.

But I may be wrong, I have no grounds to think I will be right. No more than the next chap. Especially if the next chap knows what he is talking about, I'm just going off newspapers and books.

Loose freedom with all its daft ills? It is, after all, about the only tool we have in the box.

Not only is the the only tool we have in the box, it is the first tool we have to show people that our system works.

That we do not need a Stasi. If the state is that alarmed at its citizenry, doesn't that say something about the Whitehall bubble?
This is the paper by the way, #intelligence.

Demos | Publications

Hardly a revelation when HMIC said last year

“Social media channels enabled individuals intent on criminal disorder to form communities, share their plans and organise on the streets: but police systems for tapping into this information source are not well developed compared to those used by parts of the commercial sector. In truth, police were at times overwhelmed with information....

...Police need a central information hub to help them anticipate disorder by drawing together all available information, including from direct contact with members of the community and social media monitoring. ”.
HMIC “The Rules of Engagement” p6

“This new social capability and phenomenon has both positive and negative implications, just like any other communication channel. It seems inconceivable that police cannot meaningfully access what is now the cyber equivalent of „the word of the street‟. This fast-paced open source information space should be part of the street which they patrol. The sheer abundance of information available – very often conflicting, unreliable or simply untrue – must be borne in mind. But the ability it offers to monitor mood and emotion and predict possible public order problems should not be overlooked. “
HMIC “The Rules of Engagement” p36

But that's not terrorism is it? or Organised Crime? And it is serious, but if it is serious why are they doing away with so many police officers?

Sounds like good old social control from HMG. They feeling a bit unloved?
My understanding is that service provides will be required to retain for 12 months records of contacts (i.e. telephone 1234 called telephone 2345 at such and such a time) but not content – there will be no way of retrieving what was said/texted, and that there will be a similar provision for e-mail. I know that’s simplistic but I don’t do tech. If I’m wrong then much of what follows is wrong.

As for the article:

Well, the DEMOS report seems sensible, although the invented term SOCMINT grates. But nobody could argue that the principles laid out by DEMOS should not apply to all forms of state surveillance i.e.
Principle 1: There must be sufficient, sustainable cause
Principle 2: There must be integrity of motive
Principle 3: The methods used must be proportionate and necessary
Principle 4: There must be right authority, validated by external oversight
Principle 5: Recourse to secret intelligence must be a last resort if more open sources can be used
Principle 6: There must be a reasonable prospect of success
These are pretty much the principles the agencies already operate under (or should).

The meat of the article makes little sense to me, in particular the author’s statement that
"Not only will increased cyber-surveillance prove useless, but ultimately counter-productive",
in support of which he offers no evidence apart from the contention that such surveillance will increase the frustration that fuels terrorism. I hear echoes of various discussions a few years ago about Computer Network Attack, and the occasional Utopian view that cyberspace should be an Antartica style demilitarised zone I’ll not dissect the article further, it begins to feel like playing the man not the ball.

More generally, I’m totally relaxed about the proposed increase in surveillance, with the proviso that the principles above are followed and that it is conducted by professionals i.e. the agencies, serious law enforcement and some very specific others. My problem with RIPA is not the powers it gives, it the multitude of organizations it gives these powers to.
Utopian view that cyberspace should be an Antartica style demilitarised zone
'kin too right. It's full of the bloody cyber division of the People's Liberation Army!

New Posts

Latest Threads