Notes from the Open Rights Group debate: Surveillance, RIPA reform, and civil liberty

On 5 October I attended a fringe event at the Liberal Democrats’ annual conference in Glasgow hosted by Open Rights Group. Entitled “Surveillance: how do we reform RIPA & protect civil liberty?”, the event was part of ORG’s Don’t Spy On Us campaign.

The speakers were –

  • Julian Huppert MP
  • Ewen MacAskill, The Guardian
  • Eric Metcalfe – Barrister, Monckton Chambers
  • Jim Killock, ORG

As I ran late to the event I did not catch the moderator’s name.

Julian Huppert, Ewen MacAskill, and Eric Metcalfe
Julian Huppert, Ewen MacAskill, Eric Metcalfe, and the top of Jim Killock’s head

 

My notes from the debate follow.

Ewen MacAskill

  • The oversight of RIPA is two judges, each of whom have one part-time staff member
  • Oversight is very much a “boys club” mentality (What in Glasgow we know as “och, leave it wi me” – HB)
  • Oversight is very poor even in comparison to US oversight and safeguards
  • The Guardian only learned about the criminal investigation into their reporting by reading about it in The Times
  • Made a plea on behalf of Edward Snowden,who is charged under the Espionage Act in the US, for him to be given a place to live safely somewhere in western Europe

Julian Huppert MP

  • His first contact with Open Rights Group was over the now thankfully discarded Digital Economy Bill
  • Subsequently made sure the draft Communications Data Bill was torn apart
  • Under the CDB, Home Office wants the power to track all web activity, wants the power to force ISPs to track all web use, and wants IP address matching
  • Nick Clegg got the draft CDB vetoed, for which Theresa May will never forgive them
  • All of this happened before the Snowden revelations
  • Adamant that the committee knew absolutely nothing about the state surveillance exposed in the revelations
  • Notes that technically Theresa May never lied – rather the Home Office chose its words so carefully that specific things were never mentioned
  • The response and the silence from all quarters in response to the revelations has been deafening
  • One debate in Parliament, and one piece of legislation from David Heath
  • Notes that the Guardian editor got a more public grilling over publishing the stories than GCHQ did for actually running the programmes
  • Lib Dems have been trying to get RIPA reviewed since day one
  • Under Section 94 of the Telecommunications Act 1984, the Secretary of state has the right to order telecommunications companies to do anything. These requests must be published unless there is an issue of national security, etc, which opens the door for any number of abuses.
  • Lib Dems have secured a commitment to reviewing RIPA. Will it be better?
  • Aware that the review cannot be based on ultra-purist positions
  • Wants the police and governments to use the existing powers they already have properly before asking for more powers and laws

Eric Metcalfe

  • Began by lambasting the Lib Dems for their support of the RIPA review, which he called a stitch-up
  • Noted that there was very little legal input and no human rights law input
  • Wants to clarify the legal framework by which surveilliance is a) necessary b) proportional
  • The RIPA review is a consequence of the DRIP act
  • Parliament restored the old data retention directive under the assumption that people do not care
  • This showed the British people contempt
  • “For god’s sake it needs to be regulated!”
  • Cited the witness statement from Charles Farr noting that any electronic communication which travels through an external server (Google, Facebook, etc) is a communication between a person and a machine, not two people, which makes it fair game for surveillance
    Untitled picture
  • GCHQ is currently siphoning up data equivalent to 196 times the size of the British Library every day
  • There are unsatisfactory safeguards, and no protection whatsoever for the communications data because it is considered external
  • The debate about DRIP and the CDB misses the point – the point is that the government is asking for powers it already has and already uses
  • That’s why RIPA overhaul is needed – when powers operate in secret, they develop a life of their own. It becomes difficult for democratic institutions to affect change.

Jim Killock

  • Discussed who is behind the Don’t Spy On Us campaign
  • Discussed the six key principles behind the campaign
  • Contrasted DRIP and the CRD – pressure was put on to rush the bills through
  • There is an immense risk in making judgements in haste
  • Every time the debate about surveillance comes up, Snowden (meaning his revelations et al) creeps into the picture
  • Every time this happens, the haste to pass the laws without debate for “national security” reasons pushes Snowden further away from being discussed
  • The Conservatives are committed to reviving the CRD after the general election. This is an opportunity for debate
  • All other parties need to challenge what’s happening both with the CRD and the attempts to stifle debate
  • Legal challenges are going forward – routine data is being collected to determine journalists’ sources

  • Political parties need to keep the pressure on by reminding the government that –
    • Machine processing of data is more dangerous than human review
    • We. are. all. being. tracked.
    • We. are. all. being. lied. to.
    • Parliament has been lied to.
    • The executive has been lied to.
  • There should be democratic outrage, and there will be over the abuses that will flow over the next couple of years
  • The devolution promised post-indyref, as well as the discussion it has sparked across the UK, can play a critical role in attacking mass surveillance

Debate

  • Julian Huppert, responding to Eric Metcalfe’s criticism, said the Lib Dems got a RIPA review package that was better than it would have been otherwise. This includes a sunset clause and guidelines about transparency. All data must now be kept for “no more than 12 months” as opposed to two years. It gives fewer government authorities access to the data. In a coalition do you go for the best possible outcome, or a bad outcome that you can make a stink about.
  • Julian Huppert: we have a critical period of two years to come up with something that works. Huge opportunity.
  • Eric Metcalfe: Can we afford to wait two years?
  • Eric Metcalfe: Politicians should be asking themselves how these laws can exist without causing constitutional conflicts
  • Theresa May’s attack on the Human Rights Act is a direct part of the attempt to justify state surveillance, as it is European human rights law that rules most state surveillance illegal (e.g. DRIP)
  • Ewen MacAskill: surveillance is invisible – we all expect it to be happening anyway – explains the lack of public response
  • A thought that crossed my mind which Ewen MacAskill vocalised five minutes later: some security service, somewhere, is using the mobile data of every one of us to note that we are in a room together. We are being triaged right now.
  • Audience member: the white elephant is the Americans – even if we completely reform our laws, the UK will just get all that siphoned data from the US – do we need a transnational framework? (My thought – we already do – 5 eyes – that’s the problem!)
  • In the UK we have not had the debate about why we have human rights – we are only debating it now because they are under threat. Theresa May exploiting anti-immigration sentiment to gain more state powers.

And finally, the clearest thought of the evening was the closing one:

  • Jim Killock: “It is only by public persuasion that we will tackle this.”

It’s the metadata, stupid

During the debate it hit me. The entire debate about online privacy has been wrong. We’ve been led to obsess over cookies, and sharing your location on whatever, or keeping your Bluetooth on, not to mention being mindful of what we choose to share on social media. Yes, all of those are valid concerns, and all of them are important.

But that information is important because humans read it. Meanwhile, we are bleeding metadata with every keystroke, and that is what they are hoovering up. That is what they are storing, and processing, and analysing, and triaging into relationships. That is why a five nation security apparatus spends billions of dollars tracking every one of us without our knowledge or consent.

The focus on social privacy has been a right-wing-esqe blame game about personal conduct and responsibility for checking app settings. And yet all that time…

Down a dark and winding road

So as I mentioned, I ran late to the event. I got lost trying to find it. It was a very poor choice of venue, a pretentious artists’ warehouse with minimal lighting and signage located at a literal dead end next to the railway tracks. Getting there meant walking down a deserted post-industrial road and through an empty trading estate, which is not cool when you are a woman alone on foot on a Sunday night. If it had been darker I would have said “to hell with this” (or a fresher Glaswegian version of the expression) the minute I saw the estate and gone home.

All of that being said, as Ewen MacAskill related the now familiar stories of watching Guardian computers being smashed up by spooks who knew perfectly well that the data was elsewhere, and of Glenn Greenwald’s partner being detained under terrorism laws at Heathrow, I could not help but wonder if the venue choice and the stress of getting there were bits of divine ordering. Yes, for a while, I was made to feel that my personal safety and security were at risk. What’s that compared to what they have had to go through every day as a result of making their stand? Yes, I had to pay a fortune to get home in a taxi due to the lack of Sunday night public transport in Glasgow. But I knew I could get home, and that my family would be there safe and sound. Ewen MacAskill visited Ed Snowden in Moscow because Ed Snowden can’t ever go home again.

You could even choose to see something symbolic in the location. The discussion about stopping state surveillance and tracking had to take place at night, in an airless warehouse, at the end of a deserted road, as if we were the people who had done something wrong. That conversation should have taken place in the city centre, in a large and well lit hall, attended by thousands. Instead, we were scurrying around in the dark on the literal fringes of society.

Why should we have to hide?

“It is only by public persuasion that we will tackle this.”

About the author

Heather Burns is a digital law specialist in Glasgow, Scotland. She researches, writes, publishes, consults, and speaks extensively on internet laws and policies which affect the crafts of web design and development. She has been designing and developing web sites since 1997 and has been a professional web site designer since 2007. She holds a postgraduate certification in internet law and policy from the University of Strathclyde. Learn about hiring Heather to write, speak, or consult.