|Topic:||Digital threats in cyber life|
|Organisation:||University of Buckingham|
Professor Anthony Glees is director of the Centre for Security and Intelligence Studies (BUCSIS) at the University of Buckingham.
Professor Glees is a member of the Editorial Board of Intelligence and National Security.
The digitisation of information is transforming how society operates and has a significant cultural impact. But whether that impact is predominantly beneficial or harmful is not yet clear. There is no consensus on the need for greater regulation of cyber space. But unless cyber space is regulated to discourage criminal activity it could become a source of great and grave danger.
Almost every single aspect of the domain we now call cyber is a matter of contention, frequently bitter. For one thing, there is no generally accepted definition of the term cyber or when the cyber era actually began (did its origins lie in the work conducted during World War Two at BletchleyParkin the UKor are we today still barely at its threshold?). For another, whilst there is general agreement that cyber, where it means the digitisation of information, is now transforming how our society operates in every sense and impacts on our culture in ways yet not fully understood, there is no agreement as to whether this has been mainly beneficial or mainly harmful, and, if it is not all good news, whether greater regulation of cyber space is now urgently called for.
The proposal made by the British government on 14 June 2012 to require ISPs to retain electronic data they are currently deleting has brought the cyber debate into the starkest relief. Basically, what the Communications Data Bill seeks to achieve is the extension onto cyber of the state’s existing powers to intercept communications that have existed since postal communications were first subject to ‘censorship’ or secret scrutiny by security services. We properly accept that the intelligence agencies’ police should have access to written and telephonic data but extending this to the thirty million cyber communications currently made each day in the UK has unleashed astonishing levels of rage. Whilst the public accepts the need for secret agencies to keep us safe, loud and influential voices are heard wishing to deny them the modern means to do so.
Sir Tim Berners-Lee (‘father’ of the world wide web and a government advisor) said in April 2012 that allowing agencies to mine electronic data would lead to the ’destruction of human rights’. A senior Conservative MP, Dominic Raab, suggested:“these plans will allow state snoopers to drain the swamp” with powers that are “broad and vague and invite abuse” (abuse, that is, by the police and secret agencies). This would, he says (repeating words spoken by the official information commissioner) be a “step change in the relationship between the citizen and the state”, carrying with it the implication that this would be disastrous and undemocratic. But it was not merely Internet visionaries and the libertarian right of the Conservative Party that took this line but also most of the British press (who quickly coined the phrase ’snoopers’ charter’ to describe the bill) with The Daily Mail and The Daily Telegraph at their helm. This motley but powerful crew has been joined by the civil liberties lobby, and, of course, the soft and hard left, the anarcho-syndicalists and anti-capitalists.
We are being encouraged to believe that every single email, every single visit to a ‘Lonely Hearts’ website will in future be monitored by the secret services and that we are about to enter a Stasi-style state, itself but a pale shadow of George Orwell’s ‘Big Brother’ 1984 Britain. The fact that there are not enough cyber intelligence officers in the whole of the western world to monitor every cyber communication (even if they wanted to, which they don’t) seems to have escaped them. Terms like ‘Stasi’ are bandied about in utter ignorance by some who should know better. We should recall that in 1989 (the last year of the Stasi’s existence) there was one Stasi member to every seven East German citizens. In Britain today there is one MI5 officer to every 17,000 British citizens (there are no more than 12,000 members of Britain’s secret agencies in total compared to some 200,000 Stasi).
Under existing laws (first set out in 1985, reviewed in 1998 and 2000), an annual half million investigations into communications data are already tolerated by the public with no complaint (except from the civil liberties lobbyists) and some public gain. It is true that this figure seems large but many investigations focus on slightly different aspects of the same target and under law each requires their own warrant. But because existing regulations do not cover fully the new media our security community today operates at only 75 per cent of the efficiency levels achieved a few years ago because better access to the new media is denied them.
The public, the politicians and the media have little appetite to hear the other side. The view of Bernard Hogan-Howe (the Metropolitan police commissioner and Britain’s most senior police officer) that a failure to do so has not merely already damaged our capacity to fight crime but is a “matter of life and death” for all of us, was dismissed as propaganda. When the Government’s Communications Centre at Cheltenham (which rarely speaks in public) said:“we do not target anyone indiscriminately; all our activities are proportionate to the threats against which we seek to guard” and stated that it followed the law ‘meticulously’, its words clearly fell on deaf ears.
Why is this so? And what, precisely, are the cyber threats from which, in my view, we so urgently need protection? It seems to me that the logic of extending surveillance into cyber data not already captured is so straightforward that those who oppose it are largely lacking rational judgement. For some reason, they have been sold the idea that cyber should be the one domain in our world which should be entirely without regulation and that this is somehow to their great advantage. The fact that such broad sections of society no longer trust the government or the agencies who say otherwise has nothing to do with cyber per se but with the harsh reality that politicians have squandered trustfulness in recent times. They now reap the whirlwind for doing so.
However it remains vital to convince people that any unregulated space is a source of potential danger and risk, and that the massive force of the cyber domain increases the dangers and risks exponentially. This is, after all, why states hostile to western values, terrorists, self-appointed political ‘activists’, fraudsters and sociopaths all rushed into cyber space, in many cases more speedily than governments or universities. Their needs required them to be agile and exploit the opportunities offered by lawless space as quickly as they could.
We need to be protected against these people on national security grounds. Far from undermining civil liberties or human rights, up to date cyber data mining is vital if liberty is to be protected. There is no ‘right’ which allows an ‘activist’ like Julian Assange to put at risk the lives of our allies, any more than paedophiles should be ‘free’ to share their terrible images with each other for mutual encouragement. Steve Wozniak, the co-founder of Apple, is quoted as defending Kim Dotcom’s ‘right’ to avoid paying artists copyright for their music against the New Zealand and American governments, as creative artists had no ‘right’ to their own work and as if Apple itself did not make millions of dollars by preventing its customers from sharing with their families music they have bought legitimately. Their activities do not add to our civil rights, they undermine them.
The enemies of western liberty should not be able to turn freedom on its head to manipulate and exploit cyber space and the public has a right to be protected against those who use the cyber domain to attack our people, our institutions, our defence but also our industry. The economic impact of cyber attacks on industry is significant. BAE, Britain’s major defence company, lost perhaps £1bn due to a concerted, eighteen month cyber espionage operation apparently by the Chinese government. And just a few days ago, the director general of Britain’s Security Service, MI5, Jonathan Evans spoke publicly about another ‘major London listed company’ that had lost £800m as a result of a cyber attack. Evans said: ‘what is at stake is not just our government secrets but also the safety and security of our infrastructure, the intellectual property that underpins our future prosperity and the commercially sensitive information that is the life-blood of our companies and corporations’.
The birth of a new technology is often accompanied by grandiose claims that it will change the world and it is sensible to recall that the jet engine did not replace the wheel (indeed without wheels no jet would take off). But cyber as a new form of communicating has undoubtedly had the most profound impact on the entire social, political and public sphere. Unless we permit our security authorities to police it, mine it for intelligence and regulate it so that lawful activity within it becomes easy and criminal activity extremely hard, what is currently a ‘Wild West’ web will become a source of great and grave danger.