AMITIAE - Tuesday 14 July 2015
Cassandra: First Impressions of the RUSI Report on Surveillance and Privacy in the UK
By Graham K. Rogers
The following quote alone should concern readers about the competence of the report as it was only a few months ago that the Investigatory Powers Tribunal ruled that "electronic communications intercepted in bulk was unlawful until last year".
To find a number of links to the information all I had to do was type in "British Court rules that GCHQ collected data illegally" as Google search terms. The top one was a link to the Owen Bowcott, item in the Guardian, "UK-US surveillance regime was unlawful 'for seven years'". Perhaps the use of the present tense in that paragraph assuages some, but there will be an awful lot who will have shifted in their seats uncomfortably on reading that.
The report states that "such activities must be demonstrably lawful, necessary and proportionate" and this is easy to fix. Don't like something, change the law (or write a new one): trades union history might give some clue as to how changes of governments may alter fortunes. As to "proportionate" the threat of terrorism (or child pornography, or organised crime) are the bogies regularly wheeled out to justify government actions.
Just when the laws seem to have met sufficient opposition, there is always a tame policeman rolled out to tell the public about another secret operation that prevented a terrorist act. This of course may indeed be true, but the strident propaganda that accompanies such efforts implies to some that the terrorists are either stupid or working hand in glove to provide the authorities with the reasons they need.
The idea of a warrant as a form of protection is risible. There is enough flexibility built into the court systems that swearing a warrant in front of a judge is almost a guarantee that it would be granted. Would there also be a retroactive system as in the US FISA courts where blanket immunity can be granted after the event?
The recommendations of this report already include provisions for bulk interception warrants. With the final authority projected to be the Home Secretary ("secretary of state"), who is not known as a severe critic of the security services - at least not nowadays - the police, GCHQ and other services may be on a winner here. Even judicial review may end up as merely fine words, although the suggestion for an independent body is a ray of some hope.
The various inspectorates are manned from personnel recruited from within the services they are intended to screen and the multi-layer bureaucracies that have been established within the UK are no protection at all when there is already a culture of doing what is necessary. The chances of any outsider discovering if any such illegal acts are carried out suggests the levels of impunity are unlikely to be improved.
It is interesting that the report mentions the Protection of Freedoms Act 2012, which required the destruction of DNA samples and the removal of DNA profiles of certain people in specified circumstances, as it appears that some police forces have failed to comply with the requirements of that law and have retained samples collected (e.g. The Protection of Freedoms Act 2012, Data Protection Society).
The report's Ten Tests for the Intrusion of Privacy (see below) are laudable, but to an extant laughable for some of the reasons above. I believe that these may be great ideas, but they will never get off the ground while the current government is in power.
There is also a fair look at encryption and its value, particularly for safe commerce online. Without such systems, transactions online would be unsafe and the amount of online crime would increase dramatically. The current PM apparently does not seem to realise that encryption is needed and that handing over the keys - by way of some special backdoor - would undermine the whole system.
Of particular interest here are the comments on GCHQ: GCHQ employees are aware they are the guardians of what is potentially a very intrusive set of capabilities to collect [My italics]. . . This follows two troubling passages: "Only by filtering large volumes of information do GCHQ staff believe they can identify, and analyse data on, a selected target"; and "Even if an individual's communications are never actually read . . . the fact that it could be read is regarded by some as placing control in the hands of the state."
Even if the Report tones down the capabilities of the security services, it is clear that far more control on their operations and better independent supervision is an urgent necessity. I cynically believe that we may expect the current government to note the report and pass.
Ten Tests for the Intrusion of Privacy
See also:Royal United Services Institute (RUSI) report - A Democratic Licence to Operate: Report of the Independent Surveillance Review
Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. He is now continuing that in the Bangkok Post supplement, Life.
For further information, e-mail to
Back to Home Page