12 Mar 2015

Surveillance declared legal – but would a new law change anything?

Here are the three killer arguments you need to understand about today’s surveillance story – a parliamentary report that declares the UK’s current data spying legal, but demands much better transparency:

1. Gathering vs reading

The intelligence agencies don’t regard hoovering up your emails, web searches and Facebook status updates as surveillance. It only becomes surveillance, they argue, when they actually look at it.

To use a traditional analogy: it’s OK to pull in and copy every letter which passes through the UK, so long as you don’t open the envelopes.

But here’s the problem: the Intelligence and Security Committee (ISC) also says that GCHQ, the UK’s data surveillance centre, uses bulk interception to “find patterns and associations, in order to generate initial leads”. So even if a letter you sent remains unopened, the fact that you sent it to someone they’re interested in can make you an “initial lead”.

12_gchq_g_w

As I look around the Channel 4 Newsroom, I can see at least a dozen people who, through our work on terrorism, serious crime and security, would become legitimate targets for surveillance under those definitions. That’s something which can seriously hamper our ability to get accurate, in-depth news out to our audience.

2. UK vs Rest of the world

There are different rules about what the spy agencies can do in Britain, compared to the rest of the world.

So when the ISC says the intelligence agencies can only look at the communications of Brits with a warrant from a secretary of state, that’s correct.

But outside the UK, GCHQ can – apparently within the law – hack into the personal email accounts of innocent tech workers, infect the computers of communications companies in the EU, and steal the codes that are meant to keep our mobile phonecalls confidential, according to leaks from Edward Snowden .

It’ll be interesting to see whether the new, replacement law suggested by the committee gives the same protection within and outside the UK.

3. Content vs communications data

Traditionally there’s been a distinction drawn between the content of a message and the “communications data” around it (who sent it to whom, when and where).

The ISC has made the novel new category of Comms Data Plus, which is location information and websites you’ve visited.

If the ISC gets its way, this information will be given extra protection compared to normal comms data.

Follow @geoffwhite247 on Twitter