Mass surveillance has proven to be an ineffective tool against terrorists, and yet in the wake of the attacks on the offices of the French satirical magazine Charlie Hebdo, many politicians are calling for even tighter surveillance on private citizens.
In a Thursday column for New Scientist, Open University technology specialist Ray Corrigan explained that mass electronic surveillance will never be an effective means of ensuring public safety, no matter how sophisticated the technology becomes or how granular a level at which officials become capable of examining our lives.
“Prime Minister David Cameron wants to reintroduce the so-called snoopers’ charter — properly, the Communications Data Bill — which would compel telecoms companies to keep records of all internet, email and cellphone activity,” wrote Corrigan. The Prime Minister also wants to ban all forms of encrypted communication like Apple iMessage and the message service WhatsApp.
However, Corrigan pointed out, “Brothers Said and Cherif Kouachi and Amedy Coulibaly, who murdered 17 people, were known to the French security services and considered a serious threat. France has blanket electronic surveillance. It didn’t avert what happened.”
In France, authorities lost track of the extremists just long enough for them to carry out their attack. Surveillance systems are imperfect, Corrigan said, and blanket data gathering is a wildly inefficient way to weed out potential terror suspects. It generates too much useless information to sift through, he said, and often misses vital information that only becomes clear in hindsight.
“You cannot fix any of this by treating the entire population as suspects and then engaging in suspicionless, blanket collection and processing of personal data,” he said. It simply doesn’t work.
In fact, the practice may make populations less safe by generating so much data that it becomes statistically impossible for investigators to spot actual leads, generating false positives at an astonishing rate.
“Even if your magic terrorist-catching machine has a false positive rate of 1 in 1000 — and no security technology comes anywhere near this — every time you asked it for suspects in the UK it would flag 60,000 innocent people,” said Corrigan.
“Surveillance of the entire population, the vast majority of whom are innocent, leads to the diversion of limited intelligence resources in pursuit of huge numbers of false leads. Terrorists are comparatively rare, so finding one is a needle in a haystack problem. You don’t make it easier by throwing more needleless hay on the stack,” he wrote.
In the U.S., a series of revelations from intelligence contractor turned whistleblower Edward Snowden revealed programs through which the National Security Agency is gathering information on average citizens, outraging privacy advocates and opening an international debate on the legality of mass surveillance. Now, in addition to being legally dubious, years into the surveillance programs, the practice of indiscriminate data-gathering has neither caught any terrorists nor prevented any attacks.
On Friday, the American Civil Liberties Union reported on the newly-released results of a year-long investigation by the National Academies: Bulk Collection of Signals Intelligence: Technical Operations 2015.
Neema Singh Guliani of the ACLU revealed that the report showed “the domestic nationwide call detail record program has never stopped an act of terrorism or led to the identification of a terrorist suspect.”
Furthermore, “the report did not find that the resource costs, privacy impacts, and economic harms associated with bulk collection are balanced by any concrete benefits in intelligence capabilities,” Guliani wrote.
“Finally,” she said, “the report acknowledges that there are additional steps that the intelligence community can take to increase transparency, improve oversight, and limit the use of information collected through surveillance.”
In his column, Corrigan wrote that law enforcement agencies need to “use modern digital technologies intelligently and through targeted data preservation — not a mass surveillance regime — to engage in court-supervised technological surveillance of individuals whom they have reasonable cause to suspect.”
“That is not, however,” he insisted, “the same as building an infrastructure of mass surveillance.”