Friday 31 October 2014

All that you say and do can be used against you

Taken together, all of your mundane online transactions add up to a whole lot of information

Published 23/03/2014 | 02:30

MONITORING: A security guard watches surveillance screens. Photo: JR Bale
MONITORING: A security guard watches surveillance screens. Photo: JR Bale

There's a positive side to the snooping of the ubiquitous camera. Last week, when some PSNI officers found a woman lying, apparently drunk, in the middle of a road, they – dangerously, stupidly and incredibly – shifted her into a bus lane and moved on. Caught on camera phone. Anyone who saw and reported such an event without hard evidence would be dismissed as a crank, or an anti-police subversive.

Knowing that whatever you do can be broadcast internationally, within minutes, should give people such as those PSNI officers second thoughts, when they encounter similar circumstances.

Far more often, it's our momentary lapses and excesses that are posted online for public amusement. This, however, is no more than a toy version of the truly dangerous surveillance tools of the State and the corporate sector.

The reality of totally unrestrained surveillance surpasses even the most paranoid fantasies of the past. The urge to pry has always been there – the depth and malevolence of the prying is directly related to the capability of the available technology.

And today, with software geniuses selling their souls for big bucks, it's hard to find any corner into which State and corporate eyes cannot pry. If you shop at a major chain, shop online, send emails, save photos to your laptop, go to a doctor, walk down the street or have a row with your nearest and dearest – much of what we do goes on to some hard drive, and is available to people with the right tools. Over there, British GCHQ launches Operation Optic Nerve, using the cameras in

laptops to take shots of millions of internet users. Over here, a garda uses the Pulse system to breach the privacy of a celebrity, or a neighbour.

There's always a half-plausible explanation for the absolute necessity for such prying. Back in the Eighties, a senior garda had only to say the magic letters IRA and any phone in the State was vulnerable. Anyone questioning the necessity for this was categorised as a fellow traveller of the godfathers of violence.

So, the relatively primitive technology of the time was used to snoop on journalists, it was used to snoop on families of suspects, it was used against innocent people whose names popped up on a list.

Tapping journalists' phones was easily justified – some of them wrote about the Northern conflict, and that meant they occasionally talked to people who killed people. It wasn't enough for the gardai to tap the phones of subversives, they tapped the phones of journalists who might talk to subversives, and did so over long periods. On the off-chance that the subversives might blurt out something interesting.

It would be nice to imagine that the snoops switched off the recorders except when subversives spoke, but that wasn't the case. They recorded journalists talking to other journalists, to politicians, to lawyers – in one case, they recorded a journalist talking to a judge.

It's hard to know which is more troubling. The persistent breach of privacy over months or years – all personal and professional calls monitored, with transcripts made – or the fact that the people running the State were so stupid. Such taps were, of course, entirely useless for security purposes.

All that stupid, futile, invasive, intrusiveness required the co-operation of State officials and gardai. Not least, it generated a lot of overtime.

Back then, tapping a phone meant physically connecting with a line, with the snoops switching on tape machines. Today, the technology is a million times more sophisticated. And instead of IRA the magic words are al-Qaeda. The American NSA, in co-operation with the British GCHQ, daily hoovers up data relating to millions of phone calls and emails, using programs such as Tempora, Xkeyscore or Prism.

Corporations such as Google, Amazon and Facebook compile layers of information about their users, for commercial use. Such companies, as well as internet providers, are open to state snoops.

A favourite route of the NSA is to target system administrators. Hack the account of the sys admin of a company, government department or agency and you have access to the entire system. As one spook put it, in a document published via whistleblower Edward Snowden: "Who better to target than the person that already has the 'keys to the kingdom'?"

The spooks tap Merkel's phone, they extract commercial information from global companies. Their software sucks up masses of information – on individuals, governments and companies – from right around the globe.

Merkel complains, then finds out her own BND is co-operating with the spooks. Is there the slightest possibility that an Irish Government, instructed by Washington to betray its citizens' privacy, would dare say no?

At some point, someone will leak another treasure trove of NSA documents and somewhere in there we'll find the truth about the GSOC bugging. Whoever did it, the NSA will probably know by now.

There are two reasons why none of this matters. And one reason why it matters very much.

It doesn't matter because most of us don't care if the spooks read our boring emails. Or harvest tonnes of information on what books we buy, what we look at online, where we work or who our friends are.

We might prefer if they didn't have access to our banking, work and medical records, know our sexual preferences and who we've slept with or what we record in the electronic diary in our laptop. But – as long as we can tolerate not having any privacy – we won't lose sleep over it.

The other reason it doesn't matter is that the sheer volume of data these people suck up each day makes it impossible for anyone to read it all – so, why worry? If they're not looking at the stuff, our privacy isn't breached.

The reason why it matters very much is that they won't do anything with all the individual elements of this data – until some spook needs to. The mantra of "national security" allows them to amass the info, and their software automatically mines it for patterns of behaviour. And years later, you're involved in some public campaign, a law case, a company that's competing aggressively with an American company – and every interesting fact about you, your strengths and vulnerabilities, is weeded out of the data dump and into a one-page file.

You or someone close to you becomes a target, to be influenced, perhaps even blackmailed. When an Irish – or German or French – politician or public official has a meeting scheduled with those who have access to such data, is it remotely possible that no one dips into the vast treasury of data and prepares a file?

Sunday Independent

Promoted articles

Read More

Promoted articles

Don't Miss

Editor's Choice