Why librarians need to act on mass surveillance

We need to speak out as a profession against mass surveillance. Image c/o floeschie on Flickr.

Today the Investigatory Powers Bill has its second reading in parliament. The introduction of the Bill is not only a threat to society in general, it poses a serious threat to our profession and, in particular, our commitment to defend the intellectual privacy of our users. We must speak up as a profession to defend the rights of our users and, wherever possible, seek to defend their intellectual privacy.

Ever since the disclosures by Edward Snowden in 2013, I’ve been concerned about the impact of mass surveillance both on our society, and on us as professionals. Disappointingly, there seemed to be little in the way of action by the profession (particularly in the UK – hampered by a professional body that cannot be overtly political), until the Library Freedom Project came along and started making waves in the United States. Inspired by Alison Macrina’s work, I started to consider more deeply the impact of mass surveillance on our communities and the various issues it raised. For me, alongside concerns about intellectual privacy, it highlighted a further aspect of the digital divide: autonomy of internet use. Given the limited amount of literature on the relationship between the digital divide and surveillance, I decided this was an important area to explore more extensively. So, I started reading around and pulling together an extended piece for the Journal of Radical Librarianship on the topic.

The main inspiration for the piece was the article Intellectual Privacy by Neil Richards (which is available OA here and is highly recommended). For me this really crystallised some of the key issues around surveillance and the protection of intellectual privacy (the ability to read, communicate and seek out information without being observed doing so). Aside from the very crucial focus on intellectual privacy and its importance, Richards also highlighted the role of librarians in supposedly developing some of the “norms” of the concept itself. This role seems particularly strong in the United States (where Richards drew most of his examples), with even the ALA taking a role in advocating for the intellectual privacy of individuals through a variety of initiatives.

As well as Richards’ works, David Lyon also played a key role in forming my views. Lyon is a leading figure in surveillance studies and has written a number of invaluable pieces on the topic that, as with Richards, helped to clarify my thinking (see, for example, his paper on understanding surveillance today). For example, Lyon’s definition of surveillance was particularly useful in understanding how surveillance operates upon individuals. For Lyon, surveillance is about the “focused, systematic and routine attention to personal details for purposes of influence, management, protection or direction”. It’s interesting (yet unsurprising in some respects) the extent to which surveillance within the UK is seen as primarily about protection, with little consideration with regards to how mass surveillance controls or “manages” individuals (or maybe we just don’t care that it controls us). What I also found particularly useful here is that Lyon’s definition doesn’t solely apply to the mass data collection by the state, it also relates to that growing phenomenon: corporate surveillance.

Surveillance and ethics

Clearly, there is a conflict between intellectual privacy and mass surveillance. If you exist in the conditions of the latter then you clearly cannot have the former. For society it presents a serious issue – for librarians it presents a critical issue that gets to the core of our professional ethics. If we cannot (or do not) protect the intellectual privacy of our users, then we are failing as professionals. Indeed, given we exist in a state of mass de-professionalisation, where volunteers are seen as adequate replacements for “expensive professionals”, we are rather making the case for our own extinction. If we do not have a set of ethics and professional values that we not only espouse but actively promote, what makes us any better than a volunteer?

In terms of the profession in general, there are clear guidelines from organisations representing our profession regarding the conflict between mass surveillance and our ethics. In 2005, for example, the Chartered Institute for Library and Information Professionals (CILIP) produced a “Statement on intellectual freedom, access to information and censorship” and endorsed the Council of Europe’s ‘Public access to and freedom of expression in networked information: Guidelines for a European cultural policy’. The Council of Europe’s guidelines clearly stated that individuals are to “decide for themselves what they should, or should not, access” and that those providing the service should “respect the privacy of users and treat knowledge of what they have accessed or wish to access as confidential”. Furthermore, the International Federation of Library Associations and Institutions (IFLA) advised in their ‘Statement on Privacy in the Library Environment’ that information professionals have a responsibility to “reject electronic surveillance”, provide training on “tools to use to protect their privacy” and “respect and advance privacy at the level of practices and as a principle”. The message is clear, we have an obligation to ensure the privacy of our users and to provide them with the tools necessary to enable them to ensure the can defend their intellectual privacy.

Tackling the digital divide

This task is made even more urgent given the nature of the digital divide. We know well enough that access isn’t merely enough, but that individuals also require the skills with which to exploit the internet to their own advantage. In a report published in 2014, the BBC found that 1 in 5 adults lacked the four basic skills (send and receive emails, use a search engine, browse the internet, and fill out an online application form). Given that the most disadvantaged are most likely to be affected by mass surveillance it’s clear there is a need to provide the necessary support to ensure that everyone is able to ensure their intellectual privacy, not merely those with the means by which to do so. What is clear, post-Snowden is that the digital divide is as much about the gap between those who can protect their intellectual privacy and those who cannot, as it is about having the skills to be able to use the internet to benefit individuals economically, educationally and in terms of healthcare.

We, as a profession, have a clear commitment to tackle the digital divide. We play a crucial role in levelling the playing field, ensuring both access to the internet and support as individuals seek to exploit it to their own advantage. This crucial role is, of course, being undermined by the delivery of such support by the private sector, in particular banks (see Barclays Digital Eagles). Of course, corporations have no interest in ensuring privacy of the individual online, because greater privacy results in the exposure of less personal data which large corporations can exploit to drive profit. We, as a profession, are not beholden to share-holders. We have no reason to expose our users’ personal data for exploitation. We have ethical obligations not to expose the reading habits of our users. It is this that distinguishes us from banks and from volunteer run libraries.

It is, therefore, incumbent on us as library and information professionals to develop our skills with regards to online intellectual privacy, to seek to defend the intellectual privacy of our users and, more broadly, to speak out against government legislation that attacks our professional values as well as posing a threat to society in general. We have an obligation as professionals to defend intellectual privacy and to ensure that it is not only a value afforded to those endowed with social, cultural and economic capital, but also to the most disadvantaged and vulnerable in our communities. If we are serious about tackling the digital divide in all its manifestations, then we need to be serious about ensuring autonomy of use for all. So long as our communities are vulnerable to mass surveillance we will not achieve true equality of access to the internet and the wealth of information it provides. That is why we must act.

 

Clark, I. (2016). The digital divide in the post-Snowden era. Journal of Radical Librarianship, 2, 1-32. Retrieved from https://journal.radicallibrarianship.org/index.php/journal/article/view/12/24

The permanence of corporate surveillance

Image c/o Barbara Friedman on Flickr.

I’ve been thinking a lot recently about the nature of surveillance now as compared to how it operated in the pre-internet era (if we can even imagine such an era even existed). Surveillance is, of course, an age-old technique employed by the state to protect, to control and to manage. In many respects, the Snowden revelations shouldn’t have surprised us in the least. Did anyone really believe that a mass communication tool could be introduced without the state wishing to have a poke around in what was being communicated? Perhaps the only real surprise was the scale. Nonetheless, history provided us with the clues.

However, we can draw a very clear line between the kind of surveillance that was popularly recognised before 2013 and that which has come to light post-2013. The first, and most obvious, point to make is that surveillance has historically been targeted, not indiscriminate. Targets were identified and surveillance approved and conducted. It may be against particular groups, or specific individuals, but it was always targeted. Now, however, everyone’s communications are subject to collection and scrutiny. We are all, to a certain extent, suspects.

The other clear difference is the fluidity of the nature of our surveillance regimes. It is not merely the state that collects vast amounts of data about our activities, the corporate sector also gathers huge amounts of information about what w do, where we go, who we talk to etc etc. This data does not reside securely in the hands of corporations however. We know, following Snowden, that much of the data private corporations collect about our activities is also accessed by the state, either with or without the consent of said corporations. Thus we find ourselves in an environment of what has been described as “liquid surveillance” – a fluid state of surveillance where data flows, particularly between the state and corporations.

But there is a further difference between that which occurred pre-Snowden and that which we know post-2013: the permanence of it. Before the emergence of the internet, the course of surveillance wasn’t always unimpeded.  There were concerns and efforts to limit its scope or even to roll it back. The use of wiretaps in the United States is a good example of surveillance strategies being strongly criticised and, ultimately, rolled back.

Back in the early part of the 20th century, there was outrage about the federal use of wiretapping. This outrage wasn’t restricted merely to the strands of libertarianism on the left and the right (such as the right can be described as “libertarian” when it argues for the replacement of state authority with corporate authority), it cut across the entire mainstream of political opinion. Conservative newspapers were as outraged as the liberal press. The outrage was such that, in 1934, the Communications Act federally outlawed the use of wiretaps (reinforced by a Supreme Court ruling in 1939).

Although these safeguards were whittled away by successive administrations (Democrat and Republican), there was still a sense at the heart of the establishment that surveillance must be limited, at least this was the case publicly if not privately. In 1967, for example, the President’s Commission on Law Enforcement and Administration of Justice stated that “privacy of communications is essential if citizens are to think and act creatively and constructively” (the mere fact that our current government thinks privacy of communication is unnecessary suggests they rather don’t want citizens to think and act constructively…). Privacy of communications is crucial in a democratic society, the fact that this was endorsed by the President’s Commission underlines the extent to which this was hardly a view taken by a few radicals outside the mainstream. It was, to all intents and purposes, a conservative viewpoint on the impact of such intrusions. The big difference now, I think, is I couldn’t envisage such an acknowledgement or a restriction upon contemporary forms surveillance.

The emergence of the notion that information is a commodity has changed all this. In a capitalist society, where information/data has value, where the harvesting of such data can produce profit, corporations are obliged to seek out that commodity, secure it and draw profit from it. Any effort to inhibit this will surely be resisted, both by the corporations themselves, and their allies in the political elite (particularly on the right of course). It is simply not possible to imagine a situation where the current environment is over-turned. Pandora’s box has been opened, there is no way we are going to be able to put everything back inside. Corporate surveillance is, therefore, a permanent state of affairs. It will never face the legislative restrictions that wiretapping faced in the last century. No, it is a permanent fixture because a commodity that drives profit will not ever be restricted so long as capitalist orthodoxy is dominant. Therefore, in a state in which data flows between the state and corporate bodies, it is hard to imagine that surveillance in a capitalist society can ever truly be curtailed.

We may well be able to limit the extent to which the state directly collects data on individuals, but will we ever really halt access to data that we have voluntarily surrendered to profit-making entities on the internet? Is it possible to prevent this in a capitalist society? It seems to me that it probably isn’t. Whilst a large state society results in intrusive state surveillance, surely a free market, “libertarian” society would result in wide scale corporate surveillance (under the guise of being voluntary…”voluntary” being a notion to which right-libertarians have a liberal interpretation)? And as we edge towards an extreme free-market state, won’t such surveillance become permanent and inescapable? Perhaps, under capitalism, corporate surveillance is here to stay?

Surveillance, libraries and digital inclusion

surveillance

Librarians have a key role to playing in terms of digital inclusion and protecting intellectual privacy. [Image c/o Duca di Spinaci on Flickr – CC-BY-NC license]

Towards the end of last year, I was privileged to be invited to talk at CILIP’s Multimedia Information and Technology (MmIT) Group AGM about digital inclusion as a representative of the Radical Librarians Collective (see the presentation below – which includes a list of recommended reading!). The invitation was well timed in terms of coming up with a focus for my talk as I have spent the best part of 5 months working on a journal article for the Journal of Radical Librarianship on the digital divide (which, pending peer review, will hopefully be published in the early part of this year). Specifically, I’ve been interested in looking at digital inclusion from a slightly different angle, that of the divide in terms of state and corporate surveillance.

As followers of this blog will know, I’ve been talking about surveillance and the Snowden revelations for some time now. Concerned about the gathering of information about us, whilst the state seeks to limit the amount of information we obtain about them, I’ve mainly been focused on the impact this has in terms of our democratic processes. However, since the emergence of the Library Freedom Project (founded by the awesome Alison Macrina), I’ve been increasingly interested in the role that libraries and librarianship has to play in this area. It seems to me, that the disclosures have to expand the terms by which we define what the digital divide is. Whilst there has always been a focus on access, and on skills, there must be greater attention on what people actually do online and, furthermore, the extent to which individuals are able to act freely in terms of seeking information.

Being able to seek out information that offers alternatives to the status quo (indeed, not just “offers” but challenges) is vital in a democratic society. Without the ability to seek out and understand alternatives, it is hard to accept that our society can possibly be described as “democratic”. What is clear from Snowden’s disclosures is that the ability to seek out information and communicate with others whilst ensuring your intellectual privacy is increasingly difficult. Difficult unless you have the skills and knowledge with which to defend your intellectual privacy.

I tend to think that I am fairly skilled in terms of using the internet. I can seek out information quickly and efficiently, I can provide assistance for others, I am fairly innovative in the ways in which I use certain online services. What I lack, however, is the skills necessary to really ensure my intellectual privacy, to defend myself against state or corporate surveillance. I have some skills, I have some basic knowledge, but I don’t know how to protect myself fully. And yet I consider myself reasonably skilled. What about those that have difficulties in using the internet in a basic way? What about those that struggle to do the things that I take for granted? Aren’t they even more exposed to state and corporate surveillance? Isn’t their intellectual privacy even more under threat? Surveillance tends to affect the most disadvantaged to the greatest extent, is intellectual privacy something only for the privileged?

I don’t want to get into this even further here (wait for the longer version!), but I do think there are issues here about the nature of the digital divide and how we should view digital inclusion post-Snowden. There was a time when it was considered fanciful that librarians could even consider to provide the sort of skills that the state may see as a threat to the status quo. However, the efforts by the Library Freedom Project in the United States underlines that this is no longer the case. If librarians in the United States, the home of the NSA, can help people defend their intellectual privacy, why can’t we do the same in the United Kingdom? I’m not suggesting that we can collectively as a profession start setting up Tor nodes in libraries or teaching people how to use encryption technologies, but we need to have the debate about how we ensure the intellectual privacy of everyone in our society, not just the privileged few.

CILIP’s Ethical principles for library and information professionals states that we must have a:

“Commitment to the defence, and the advancement, of access to information, ideas and works of the imagination.

If we are to defend and advance that access to information then we must, in my mind, do whatever we can to defend the intellectual privacy of everyone.

You can also download a PDF version of this presentation here [PDF – 6.29MB].

Recommended Reading

Coustick-Deal, R. (2015). Responding to “Nothing to hide, Nothing to fear”. Open Rights Group.
Gallagher, R. (2015). From Radio to Porn, British Spies Track Web Users’ Online Identities. The Intercept.
Murray, A. (2015). Finding Proportionality in Surveillance Laws. Paul Bernal’s Blog.
Richards, N. M., (2008). Intellectual Privacy. Texas Law Review, Vol. 87.
Shubber, K. (2013). A simple guide to GCHQ’s internet surveillance
programme Tempora. Wired.
@thegrugq. Short guide to better information security.
@thegrugq (2015). Operational Telegram.
Whitten, A. & Tygar, J.D. (1999). Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0.

Library Freedom Project. Privacy toolkit for librarians.
Let’s Encrypt.
Electronic Frontier Foundation
Digital Citizenship and Surveillance Society
Surveillance & Society (OA journal).
The Digital Divide in the post-Snowden era (a micro-blog curating interesting links and resources – by me!)

Douglas Murray – our generation’s greatest defender of free expression?

(Image via Marco Bernardini on Flickr)

“If you cannot lampoon bad ideas it means you can only lampoon good ideas. If you must refrain from insulting targets which might harm you then you will be limited to only insulting targets which are harmless. The problem then is not simply that you let bad ideas get a free pass; it means bad ideas have the opportunity to win.”

 So wrote Douglas Murray in his passionate defence for free speech. Passionate, yet also hypocritical because Murray only defends free speech when it hurts minorities, not when it threatens power.

You may have come across Murray before on those light-weight political chat shows. With his perfect pronunciation and calm authority, he comes across as a serious intellectual force to be respected. But then we remember the context: these are light-weight political chat shows. It is not difficult to come across as a heavy hitting, respectable intellectual when it comes to these kinds of programmes. The reality is, when you listen a little closer, Murray is almost paper light when it comes to intellectual rigour.

Take his piece the above quote was taken from. Murray also writes:

“Simultaneously in the media there are supporters of the former NSA contractor Edward Snowden who portray his theft and dissemination of thousands of British and American national security secrets in such a light. At very few times in history would freedom of expression and the “freedom” to steal vast swathes of secret government information and then dump it in such a fashion that only enemies of the state could gain from it have been confused. But they are widely confused here, and it represents only a portion of the mix-up.”

And this is where Murray’s shakey ground reveals itself. We can have freedom of expression when it comes to insulting Muslims and their “bad ideas” but when it comes to the state and its “bad ideas” there are limits. Where these bad ideas threaten individual liberty, they must be defended rather than exposed. The limits of freedom expression must be determined by our security services, who should be free to constrain any expression that seeks to undermine the state surveillance network.

Back when Snowden’s revelations came to light, Murray was critical of the papers that published details of the information exposed by Snowden. In one article, Murray asserted that the editorial team at The Guardian, including Alan Rusbridger, were either “grossly negligent” or “worse than criminal”. That’s too say that, according to Murray, publishing a story about a bad idea and criticising this bad idea was “criminal ” which seems at odds with his proclaimed belief in the absolute values of freedom of expression.

The problem with Murray is that he defines freedom of expression in very narrow terms. It is ok to ridicule Muslims or to publicly criticise their faith and belief system (Muslims are a frequent target for Murray), but is not OK to expose the state and state actors to the same standard. For Murray, we must not be permitted to either expose or criticise state activity that threatens our civil liberties. Some “bad ideas” get a free pass. For Murray it’s the “bad ideas” of the powerful that warrant a free pass. If we reduce freedom of expression to only being able to criticise and ridicule the powerless rather than the powerful, then that is no freedom at all.

An Age of Information for them, but what about us?

“An amendment to the constitutions of all nations and Article 19 of the Universal Declaration of Human Rights.” Proposed by Adbusters. (Image used with permission from Adbusters.)

A little while back I wrote a post pondering whether the internet has, in terms of the way we are governed, been an opportunity missed. For me, the arrival of the internet had the potential to revolutionise our political life. In democracies it offered the opportunity to more closely connect the governed with the governing and in totalitarian regimes it offered the opportunity to breakdown barriers and help to shape a society that is more open and democratic. Whilst the internet has helped facilitate communication between citizens, and led to a degree of change in the way we are governed, the changes have, as has been the case throughout history, benefited the powerful rather than the powerless.

The internet has, undoubtedly, led to a change in the way in which we communicate with each other. We share far more with complete strangers than we would ever have been comfortable with in the past. In many respects, this is relatively harmless. We choose to volunteer certain information about what we are reading, what we are eating, where we are going…harmless information of little interest to anyone.

But, as the NSA revelations have demonstrated, information has also been collected by the state, information that was not publicly published by citizens and instead obtained by tapping into cloud networks. As the Washington Post reported:

…the NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video.

In short, communication between ourselves has changed, as has the amount of information on us available to the state, but the relationship between the governed and the governing has remained fundamentally unchanged.

Indeed, in some respects the NSA revelations might just be a high watermark in terms of informing the governed about the activities of the governing, or at least in terms of the balance between the information available to the governed and that available to the governing. Could it be that, despite the opportunity afforded us by new technology, we have already passed a point where there is a balance in the flow of information between the governing and the governed? Was there even really any balance at all? Will the future see the balance tip ever further in favour of the governing?

It would seem hard to believe that the revelations by Edward Snowden are going to repeated any time soon. Fine words will be said in public, but it seems unlikely that the reaction will be anything other than the tightening of internal procedures to ensure that another Snowden is not on the cards in the future. History suggests that the response will not be to increase transparency, but to tighten the grip on state information, ensuring nothing leaks out that might alarm the governed. Indeed, the fact that both Snowden and The Guardian are faced with calls to be prosecuted suggests that the governing are unlikely to suddenly open up and embrace transparent governance.

On a smaller scale, it is also the case in the UK that the right of the governed to know what the governing are doing is threatened with restriction. The UK has often been seen as one of the most secretive of the Western democracies, certainly more guarded of its internal operations than the United States (whose Freedom of Information Act preceded the UK’s by 35 years).  Whilst the introduction of the Freedom of Information Act in 2001 offered hope that perhaps we were entering a new era of transparent governance, Tony Blair’s regret at introducing it underlines the extent to which it has been introduced with great reluctance and, consequently, there have been frequent and sustained attempts to undermine the legislation.

We see this partly in the way that the current government believes that publication of masses of data negates the need for freedom of information legislation, never mind that it is not solely pure data that the governed wish to obtain. It’s also the kind of information that the state wishes to conceal by using methods which, they believe, circumnavigate existing legislation. And now we understand that the recently replaced Justice Minister, Lord McNally, has indicated that the government is to consult on FoI restrictions. From the Campaign for Freedom of Information blog:

…the Justice Minister Lord McNally says the government is not committed to implementing all the proposals it has put forward but adds “It is however right that we should seek to ensure that the costs the FOIA imposes on public authorities are not excessive, especially in the current economic climate, and are proportionate to the many benefits that the FOIA brings.”

The minister says that the government’s aim “is not a widespread reduction in transparency but to focus on the small minority of requests which are disproportionately burdensome”. However,  the proposals are not targeted at particularly burdensome requests but would restrict access by allusers, including those making occasional requests of modest scope.

The government is still considering the options, Lord McNally says, and will consult the public “in the near future” on those it decides take forward. It seems likely that further moves to restrict the Act are on the way.

So have we reached a point where the information we have access to on the governing is going to rapidly decline, whilst the information the state has on the governed will continue to steadily increase? I may be cynical, but I find it hard to believe that there will be any balance any time soon, and certainly not a shift in favour of the governed. Once the Snowden furore dies down it will be business as normal for the state and our ability to access information on the governing will be severely diminished whilst ours is expanded in ever more complex and secretive ways. The history of the actions of the governing provides no evidence that it will slow down or reverse the collection of data on the governed.

The mechanism available to us through the development of the internet provides us with an opportunity to create a truly open, transparent and democratic system of governance. A system that ensures that the individual is free from state deception and that gives the governed the right to full public disclosure on all matters pertaining to peace, security, ecology and finance. At present the balance is too heavily weighted in favour of information flowing upwards. And that is not to any of our benefits.