10th November 2015: 'An activists' guide to the 'Snooper's Charter'' » 2015 » Mobbsey's Musings » Paul Mobbs/MEI » FRAW

Guy Fawkes mask protest
Are mobile phones and Guy Fawkes masks compatible?

´╗┐An activists' guide to the 'Snooper's Charter' – and what to do about it

Paul Mobbs, "Mobbsey's Musings", Tuesday 10th November 2015

Written for The Ecologist, published 12th November 2015


The so called "Snooper's Charter"[1], the draft of which[2] was introduced to Parliament by the Home Secretary on 4th November 2015, has created a media furore.

It may appear to be threatening, anti-democratic and downright repressive, especially if you use technology as a de-skilled 'consumer' – without questioning how it works or what private information you exchange when using it.

In practice, for those who have a working knowledge of communications technologies – certainly trained terrorists, organised criminals and fraudsters – many aspects of the draft bill are not threatening at all. If you use the technology in a certain way you can, to a certain extent, hide your on-line life from surveillance.

For me the problem with these proposals is not the technology – it is the assumptions which inform government policy, and what they entail for our democracy.

The 'Snooper's Charter' exemplifies Britain's democratic deficit

On polling day last May I gave a talk in Parliament Square[3] on the theme of '800 years of activism'. While waiting around in Parliament Square to start the gig, I approached a man, standing opposite Parliament, who was browsing a smart phone.

I asked him if he'd stolen the phone. He said, defensively, that it was his. In which case, I enquired, in one of the most secure locations in Britain – where all mobile communications are filtered through 'Stingray' base stations[4] to track individual users – what was the point of using a smart phone when wearing a Guy Fawkes mask?

In Britain, since Edward III formed the Order of the Garter in 1348, the motto of our state has been "evil to him who evil thinks"[5]. The idea that the state has the right to rule over anyone in this country, and anyone who doesn't like that is highly suspect, has been a core value of British governance for the last six centuries.

That is the greater problem here – the technology involved is just a means to achieve that end.

Formalising mass surveillance

Since the 1960s successive governments have sought to increase their powers to stifle civil dissent.

For example, the "common purpose principle"[6], introduced in the mid-1990s, allows the police and security services to investigate everyone in a movement which may carrying out minor offences as if they were all 'serious organised criminals'. This was this legal justification used to take-down the animal rights movement[7] in Britain from the late 1990s – targeting the most innocent members of that movement as if they were the most militant.

This agenda continues today. For example, in the anti-fracking movement[8], activists are being labelled "non-violent extremists"[9]?

However, the government's surveillance proposals are something wholly different – and the state is not the only group we should be concerned about.

What is enabling the Government's agenda is the corporate collection and trading of personal data – otherwise these proposals would be unaffordable. And in reality what the 'Charter' enacts is, in some form, already practised by the state. The purpose of the bill is to make these practices retroactively legal:

Metadata is 'content'

The Government always dismiss the metadata issue. They claim that having data about the communication cannot be considered to be as invasive as actually listening to or reading your communications. And, in isolation, that is pretty much right.

However, what we're taking about with the current proposals is the use of 'metadata in aggregate'. That is, the data produced by many different activities a person engages in during their everyday life. When put together, structured by computer algorithms, metadata becomes content – it becomes uniquely descriptive[16] of a person's lifestyle, political or sexual preferences, their network of friends and associates, and patterns of daily movement and activity.

Matching multiple data sources, metadata is a description of the intimate details of your life just like the content of messages. And that is what is available to the police without a warrant or judicial oversight.

This same data is already used by corporations.

Corporations and lobby groups have access to metadata on a commercial basis. It is an essential part of the income stream for services like Google and Facebook. It is used not only to target advertising, but also public relations and lobbying – in some circumstances, to target[17] and counter the work of environmental and other progressive activists.

For example, TransCanada runs the pipelines that carry tar sands oil across Canada and to the USA. When they wanted to build an alternative to the Keystone XL pipeline[18] it employed a US-based "corporate strategy" company, Edelman[19], to investigate the potential opposition – targeting local activist groups (note that Edelman is also the organising force behind[20] the industry-funded UK Task Force on Shale Gas[21]).

A key factor in Edelman's strategy was the use of digital media, both to monitor the work of activists and co-ordinate responses to the activists' message. Edelman even produced a digital media strategy[22] detailing how TransCanada should counter activist messages.

How could they do this?

From their US-based data centre Edelman had access to large amounts of data on the work of activist groups. Much of that data will have been legitimately bought from web companies, while more can be easily produced by monitoring[23] activist web sites or social media.

The case is no different in Britain – these practices are happening today[24].

The business model of free Internet services is that they monetise the value of the personal data people willingly, though unwittingly give when using the service. And while data protection laws might restrict blatant abuses within Europe, companies can circumvent such restrictions by warehousing their data in off-shore subsidiary companies (as was the case when Edelman proposed to house TransCanada's data in the USA).

The "free" web is based upon monitoring you

It's not a personal thing. You are not necessarily being monitored specifically. But in aggregate with those you work with, your collective digital footprint provides data that certain lobby groups and state security agencies have an interest in.

When the Internet was first used by activists, from the mid-1980s, it was by-and-large via subscription services. When the web came along in the mid-1990s, it was free, largely funded through the companies making paid-for hosting services available. That model imploded during the dot-com crash[25] in 2001.

Next the Internet companies switched to advertising, and that model worked well up until the crash of 2007. Since then pretty much all the major on-line services, especially social media, have survived through selling large amounts of data about their user's habits.

When you download a web page you are also loading lots of 'beacons'[26] from web tracking companies[27]. These log not only the fact you accessed the page, but also data about your location, the machine you're using, as well as data about your recent browsing history.

The web service companies then slice and dice all this data and sell it on to advertisers and lobbying companies – including the likes of lobby/PR companies like Edelman. Governments also buy this data in order to augment their own surveillance capabilities, primarily because it's cheaper than undertaking these operations themselves.

Recently one US lobby group – with close links to the US government, military and political parties – proposed that[28] technology companies should formally be brought into the US intelligence infrastructure because they work more efficiently than state agencies.

People may obsess about state surveillance but, from a purely technical critique, it is routine corporate data collection and data warehousing[29] which provides much of the state's surveillance data.

Mobile communication makes matters worse

Dzhokhar Dudayev[30] was a former Soviet air force general who led the breakaway of the Chechen Republic from Russia. He is also distinguished as being one of the first people to be demonstrably assassinated by his mobile phone – when two Russian laser guided bombs were dropped on the location designated by his mobile signal.

Today 'assassination by mobile' is a policy routinely carried out[31] by the USA in the Middle East, Pakistan and Afghanistan, and by Israel. In Britain, mobile phones are routinely being tracked both for security and surveillance, and even by advertisers looking to pitch geographically-relevant adverts[32].

Every mobile device has a unique hardware identity[33] (separate from the SIM card with account details) which can be used to track a person's movements. For example, the security services don't have to log who attends meetings any more – they just look to see whose mobile phones have been taken to the same location at the same time.

The Edward Snowden revelations[34] show the extent to which the ubiquitous nature of mobile phone use has enabled a new generation of surveillance[35]. Mobile phones don't just give away your activity at this moment. For example, if you take a photo the metadata embedded in the picture[36] can log the time, date and location where the image was taken. Publish that picture on-line without removing the metadata and anyone can tell where it came from.

OK, it's all scary – what can you do about it?

Understanding how technology functions entails far more than avoiding having your personal life tracked. Collectively our digital life has a large ecological footprint[37], with a noticeable effect[38] on energy use and the climate. Simply encrypting all your communications to avoid surveillance will significantly worsen that footprint further.

The main defence we're talking about here is the one that many are unwilling to take – unplugging[39]. It's precisely because digital services are free and/or convenient, that people are lulled into using them. Breaking away from that means changing habits, and that's not easy.

However, there are some straightforward things you can do:

Be aware of your technology – and use it wisely

Today, in the age of global corporate mass media, we no longer talk about civil liberties. Instead we talk of 'privacy'[50]. In a world where we are ubiquitously surveilled[51], talk of democratic rights appears a little twee when you can never really have time on your own[52], or to share privately with others.

The whole business model of Facebook and others depends upon selling your data to anyone who will pay the going rate for it. For that reason asking them not to monitor you, or share that data, will make little difference.

In the end, we have to realise that digital communications technologies, while easy to use, are essentially a cage of our own making. It is our choice to use certain services, and sign away rights to our data in return for that service, which creates the infrastructure that the "Snoopers Charter" seeks to utilise.

There's a really easy way to get around this issue – make activism direct. Do it in person, not virtually. And, most importantly, never do it in fear of the state. For if an idea really means that much to you, then why wouldn't you be willing to face the consequences[53] of the actions you carry out to uphold that principle?

References:

  1. Guardian On-line: 'May calls for internet companies to store details of website visits', Alan Travis, 3rd November 2015 – http://www.theguardian.com/politics/2015/nov/03/may-calls-for-internet-companies-to-store-details-of-website-visits
  2. Home Office: 'Draft Investigatory Powers Bill – related documents', 4th November 2015 – https://www.gov.uk/government/collections/draft-investigatory-powers-bill
  3. Occupy Parliament: 'Paul Mobbs speaking about democracy politics and corruption at Occupy Democracy', 7th May 2015 – https://www.youtube.com/watch?v=n0tmu-OMQjM
  4. Ars Technica: 'Fake mobile phone towers discovered in London: Stingrays come to the UK', Glyn Moody, 10th June 2015 – http://arstechnica.co.uk/tech-policy/2015/06/fake-mobile-phone-towers-discovered-in-london-stingrays-come-to-the-uk/
  5. Wikipedia: 'Honi soit qui mal y pense'https://en.wikipedia.org/wiki/Honi_soit_qui_mal_y_pense
  6. electrohippie collective: Section 2, 'Britain's Secretive Police Force', April 2009 – http://www.fraw.org.uk/mei/archive/handouts/q-series/q02/q02-section_2.html
  7. CorporateWatch: 'State Crackdown on Anti-Corporate Dissent – The Animal Rights Movement', 2009 – http://www.corporatewatch.org/download.php?id=92
  8. Guardian On-line: 'Are you opposed to fracking? Then you might just be a terrorist', Nafeez Ahmed, 21st January 2014 – http://www.theguardian.com/environment/earth-insight/2014/jan/21/fracking-activism-protest-terrorist-oil-corporate-spies
  9. Netpol: 'Why are counter-terrorism police treating fracking opponents as 'extremists'?', 9th April 2015 – https://netpol.org/2015/04/09/prevent-fracking-extremism/
  10. Guardian On-line: 'Surveillance bill triggers alarm over sweeping powers for spies', Patrick Wintour and Alan Travis, 4th November 2015 – http://www.theguardian.com/world/2015/nov/04/broad-support-gives-way-to-alarm-over-mays-surveillance-bill
  11. Wikipedia: 'Backdoor (computing)'https://en.wikipedia.org/wiki/Backdoor_%28computing%29
  12. Independent On-line: 'Investigatory Powers Bill could allow Government to ban end-to-end encryption, technology powering iMessage and WhatsApp', Andrew Griffin, 7th November 2015 – http://www.independent.co.uk/life-style/gadgets-and-tech/news/investigatory-powers-bill-could-allow-government-to-ban-end-to-end-encryption-technology-powering-a6725311.html
  13. Guardian On-line: 'UK surveillance bill could bring 'very dire consequences', warns Apple chief', Ben Quinn, 10th November 2015 – http://www.theguardian.com/world/2015/nov/10/surveillance-bill-dire-consequences-apple-tim-cook
  14. The Register: 'Law changed to allow GCHQ hacking... just as GCHQ hauled into court for hacking', Alexander J. Martin, 15th May 2015 – http://www.theregister.co.uk/2015/05/15/case_against_gchq_scrambled_by_under_the_radar_legislation/
  15. Wikipedia: 'Metadata'https://en.wikipedia.org/wiki/Metadata
  16. Web Policy: 'MetaPhone – The Sensitivity of Telephone Metadata', Jonathan Mayer and Patrick Mutchler, 12th March 2014 – http://webpolicy.org/2014/03/12/metaphone-the-sensitivity-of-telephone-metadata/
  17. University of Bath Institute for Policy Research: 'Corporate and police spying on activists undermines democracy', Eveline Lubbers, 2013 – http://www.bath.ac.uk/ipr/pdf/policy-briefs/corporate-and-police-spying-on-activists.pdf
  18. PRWatch: 'Edelman TransCanada Leak – Aggressive PR for Keystone Alt', Lisa Graves, 18th November 2014 – http://www.prwatch.org/news/2014/11/12676/edelman-transcanada-leak-american-style-pr-plan-prepped-keystone-xl-pipeline
  19. The Nation: 'The Shadow Lobbying Complex', Lee Fang, 20th February 2014 – http://www.theinvestigativefund.org/investigations/politicsandgovernment/1929/the_shadow_lobbying_complex?page=entire
  20. Talk Fracking/; '"Frackademics" – Case study 6', March 2015 – http://www.talkfracking.org/frackademics/frackademics-case-study-6/
  21. Guardian On-line: 'Former Environment Agency head to lead industry-funded fracking task force', Damian Carrington, 21st October 2014 – http://www.theguardian.com/environment/2014/oct/21/former-environment-agency-head-to-lead-industry-funded-fracking-task-force
  22. Edelman/TransCanada: 'Digital Grassroots Advocacy Plan', 2014 – http://www.fraw.org.uk/library/direct_action/tc_edelman_20143.pdf
  23. Wikipedia: 'Data scraping'https://en.wikipedia.org/wiki/Data_scraping
  24. Pluto Press: 'Secret Manoeuvres in the Dark: Corporate and Police Spying on Activists', Eveline Lubbers, 2012. ISBN 9780 7453 3185 0 – http://www.hive.co.uk/Product/Eveline-Lubbers/Secret-Manoeuvres-in-the-Dark--Corporate-and-Police-Spying-on-Activists/9023795
  25. Wikipedia: 'Dot-com bubble'https://en.wikipedia.org/wiki/Dot-com_bubble
  26. Wikipedia: 'Web beacon'https://en.wikipedia.org/wiki/Web_beacon
  27. Wikipedia: 'Web analytics'https://en.wikipedia.org/wiki/Web_analytics
  28. Center for a New American Security: '20YY – Preparing for War in the Robotic Age', Robert O. Work and Shawn Brimley, 2014 – http://www.fraw.org.uk/library/peace/work_brimley_2014.pdf
  29. Wikipedia: 'Data warehouse'https://en.wikipedia.org/wiki/Data_warehouse
  30. Wikipedia: 'Dzhokhar Dudayev'https://en.wikipedia.org/wiki/Dzhokhar_Dudayev
  31. The Intercept: 'The Drone Papers', 2015 – https://theintercept.com/drone-papers
  32. BBC News: 'City of London calls halt to smartphone tracking bins', Joe Miller, 12th August 2013 – http://www.bbc.co.uk/news/technology-23665490
  33. Wikipedia: 'International Mobile Station Equipment Identity'https://en.wikipedia.org/wiki/International_Mobile_Station_Equipment_Identity
  34. Guardian On-line: 'The NSA files'http://www.theguardian.com/us-news/the-nsa-files
  35. TEDxBrussels: 'Living in a surveillance state', Mikko Hypponen, November 2013 – https://www.youtube.com/watch?v=lHj7jgQpnBM
  36. Wikipedia: 'Exchangeable image file format'https://en.wikipedia.org/wiki/Exchangeable_image_file_format
  37. APC/IDRC: 'A Practical Guide to Sustainable ICT', Paul Mobbs, 2012 – http://www.fraw.org.uk/mei/sustainable_ict_book.shtml
  38. Global Information Society Watch: 'The carbon footprint of ICTs', Hopeton S. Dunn, University of the West Indies, 2010 – http://www.giswatch.org/sites/default/files/gisw2010thematicthecarbonfootprint_en.pdf
  39. Current Books: 'The End of Absence – Reclaiming What We've Lost in a World of Constant Connection', Michael Harris, August 2014. ISBN 9781-5918-4693-2 – http://www.endofabsence.com/
  40. PCWorld: 'How to get started with Linux – A beginner's guide', Chris Hoffman, 18th May 2015 – http://www.pcworld.com/article/2918397/how-to-get-started-with-linux-a-beginners-guide.html
  41. 'Tor Browser'https://www.torproject.org/projects/torbrowser.html.en
  42. 'Duckduckgo'https://duckduckgo.com/
  43. Wikipedia: 'Ad blocking'https://en.wikipedia.org/wiki/Ad_blocking
  44. 'Ghostery'https://www.ghostery.com/
  45. Wikipedia: 'HTML email'https://en.wikipedia.org/wiki/HTML_email
  46. Wikipedia: 'Tor Mail'https://en.wikipedia.org/wiki/Tor_Mail
  47. 'Riseup Email'https://help.riseup.net/en/email
  48. PC Magazine: 'How to Hack Wi-Fi Passwords', Eric Griffith, 6th March 2015 – http://uk.pcmag.com/security-reviews/40259/feature/how-to-hack-wi-fi-passwords
  49. Guardian On-line: 'Reasons to be fearful about surveillance', Ewen MacAskill, 6th November 2015 – http://www.theguardian.com/commentisfree/2015/nov/06/surveillance-debate-draft-bill-security-privacy
  50. Wikipedia: 'Panopticon' – https://en.wikipedia.org/wiki/Panopticon
  51. Guardian On-line: 'Privacy is starting to seem like a very 20th-century anomaly', David Shariatmadari, 7th November 2015 – http://www.theguardian.com/commentisfree/2015/nov/07/privacy-seems-20th-century-aberration-but-worth-mourning
  52. Talk Fracking: 'Arrest The Cabinet', 5th March 2015 – https://www.youtube.com/watch?v=tc1ESFg4fkA