Our communities are under threat, what are we going to do?

Image c/o Paulo Valdivieso.

Image c/o Paulo Valdivieso.

The murder of the Labour MP Jo Cox in the build up to the EU referendum vote was a shocking and disturbing act conducted by a man who appears to be a far-right extremist with a fascination for the Nazi regime (I’m being deliberately careful with my wording due to the ongoing court case – I am no legal expert so I prefer to err on the side of caution). It is impossible to view this act without placing it in the context of a renewed neo-Nazi far-right menace that has grown in Europe and overseas. In some ways, discussing this case in the context of the ethics of library work seems pretty ridiculous. But there is a convergence of issues here that highlight the extent to which we are currently failing our communities and urgently need to take steps to protect them.

As noted above, newspapers reported that the defendant in the court case had accessed a range of resources related to extremist political viewpoints. How did this detail emerge in court? It is claimed that his fascination was identified by investigating his internet usage at his local public library.

The jury was told that the day before Cox was killed, the defendant had gone to the library in Birstall, where he had used a computer to access a number of items, including the Wikipedia page for an online publication called the Occidental Observer.

This is a troubling development, yet unsurprising given the extent to which libraries are not a safe space for anyone (although they certainly should be). Of course, it’s difficult to be concerned about an invasion of privacy against such an individual. He committed a vile, murderous act. But we have to be careful here, particularly in terms of our current environs, not to make exceptions when it comes to what should be core to our ethical principles. We cannot, and must not, pick and choose whose privacy should be invaded in pursuit of justice.

The case will be made that accessing Thomas Muir’s internet browsing history has provided proof of his far-right extremism and murderous intent. But can this really be so? Can murderous intent be deduced from looking at the browsing history of an individual? This is the premise upon which not only the Prevent strategy is built, but also the Investigatory Powers Bill. That if somehow we could observe internet users, see what they are accessing, we (the state) can intervene and prevent a terrorist atrocity. If we accept that accessing Muir’s internet history is necessary in order to prosecute, then we accept that privacy in accessing information is no longer tenable. Indeed, we play into the very hands of those seeking to justify both Prevent and the Investigatory Powers Bill. We need to ask ourselves serious questions here if we believe this act is justifiable, and we need to return to CILIP’s ethical principles and consider to what extent we are serious about upholding them.

If we decide that we are not serious about upholding them, then we are putting our communities at very real, very serious risk. We are living in a period where the far-right are rising to prominence with alarming speed. Where they are gaining ground not only in Europe, but in the United States following the election of Donald Trump. The consequences of this are stark. Minorities are placed in greater danger. Lives are at risk. We are witnessing, once more, the rise of an authoritarian, anti-libertarian strain of right-wing populism dressed up as libertarianism. That the neo-Nazi right have achieved this under the guise of advancing liberty (posing as libertarians) makes their rise to prominence even more cynical and deadly. It is in this context we must consider both Prevent and the Investigatory Powers Bill and the impact they will have upon our work and, more importantly, our communities.

One of the oft used defences of mass surveillance is the illogical maxim that “if you have done nothing wrong you have nothing to fear”. Such naïve sentiment obscures the obvious: you are not the one that determines whether you have done wrong. The state does. It also obscures another truism – the state is fluid, not fixed. Liberal democracies do not remain in situ for perpetuity. They are always at risk of collapsing. History demonstrates the extent to which this is the case and recent events have demonstrated just how precarious liberal democracies actually are. It is this that should always be kept in mind when we discuss mass surveillance and it’s this we should be alert to when we consider our current environs.

The rise of the far-right in Europe and the United States is a warning sign about the acceptance of mass surveillance. There is no doubt, thanks to the work of the NSA and GCHQ, that we have the infrastructure in place for a truly efficient and ruthless fascist state. In a liberal democracy, you have the luxury of debate over its efficacy and its relationship with ethical concerns. In a fascist state you have no such luxury. It is used to persecute minorities. There is no debate. There will be no dismantling of the surveillance state under the fascist right, rather it will be ramped up and used in ways that make the previous warnings about the dangers of developing a surveillance society seem like stark understatements..

This is why it is vital to consider where we are in relation to the ethical principles clearly stated by the body that represents us. We are tasked with ensuring the intellectual privacy of our patrons. Our failure to do this in a liberal democracy is one thing, our failure with a rising fascist movement is quite another. Our failure to tackle this question firmly and consistently will put lives at risk. If we accept that, in a liberal democracy, it is justifiable to interrogate the internet history of those perpetrating vile crimes, then what precedent is being set for democracy less liberal, less tolerant, more fascistic?

I put much of the blame of our current malaise at the feet of professionals who have abandoned ethical principles in favour of money and prestige. This cuts across all professions. It’s led to the creeping privatisation of our health service, the academisation of our schools, the erosion of civil liberties and the destruction of our public library network. In many respects, it’s long since passed the point of no return. But if we don’t act on our principles now, if we don’t protect our communities, the far-right will take advantage. They are coming for the people we should be protecting. The success of the far-right in the United States was the latest in a series of lethal blows to our communities. It’s time we stood side-by-side with them and asserted that we can no longer tolerate such incursions and that we will not throw them to the wolves.

Theresa May, The Opposition and the threat to librarianship

Mass surveillance is a serious threat to the ethical principles of librarianship and the communities we serve. (Image c/o Thomas Hawk on Flickr.)

Despite not being a member of the professional body, one of my current favourite documents (there’s a series of words you don’t often see next to each other) is CILIP’s Ethical Principles for Library and Information Professionals (bear with me). Two elements particularly stick out for me and have become key elements of the presentations I have been delivering lately (and will deliver in the future):

3. Commitment to the defence, and the advancement, of access to information, ideas and works of the imagination.

8. Respect for confidentiality and privacy in dealing with information users.

The post-Snowden era has resulted in a very clear and serious threat to these ethical principles. Indeed, I would argue that we have largely failed in this regard following the introduction of internet access in our libraries (in whatever form the library takes). Under conditions of mass surveillance it is clear: we cannot defend access to information and we cannot ensure the privacy of our users without providing the tools to ensure online privacy – whether that be through the availability of privacy enhancing tech in libraries or through working with users to provide them with the skills and knowledge with which to do so.

The current lay of the land politically suggests that this problem is not about to go away, it is actually going to get much worse. The elevation of Theresa May (presented as a kind of softer One Nation Tory – see here for more on One Nation Conservatism) certainly suggests that the threats we face to our ethical principles are not about to be brushed away, but instead become more pressing. We know that May has a particularly strident approach to mass surveillance, not for nothing was May named “internet villain of the year” at last year’s Annual UK Internet Industry Awards. It seems highly unlikely that upon becoming Prime Minister, May will suddenly abandon a long-held belief in mass surveillance, a policy that is a very serious threat to our ethical principles as outlined by CILIP. The question is, how will we as a profession tackle this threat.

The signs from the forming of Theresa May’s new cabinet are already pretty clear that the pursuit of mass surveillance legislation is very much still on the agenda. Her appointment of Boris Johnson as Foreign Secretary reinforces this threat. As Foreign Secretary, Boris Johnson will also head up both GCHQ and MI6. Johnson has been an outspoken supporter of May’s drive towards enshrining mass surveillance into law. Only last year he declared in relation to the Snooper’s Charter:

“You’ve got to have a very tough security solution, you’ve got to be absolutely determined to monitor these people. You’ve got to know where they are and who they are talking to.

“I’m not particularly interested in all this civil liberties stuff when it comes to these people’s emails and mobile phone conversations. If they’re a threat to our society then I want them properly listened to.”

I’m not particularly interested in all this civil liberties stuff. And if we are in any doubt that his words match his actions, a quick look at his voting record suggests that he is very firmly pro a strategy of mass surveillance.

As for Theresa May’s replacement, well, I think it will come as no surprise to learn that Amber Rudd is also supportive of the rush to mass surveillance. Generally speaking, where she has turned up to vote, Rudd has generally voted for the “mass retention of information about communications” (or “mass surveillance” if we are to avoid euphemisms). So, both of the key main positions related to the introduction of mass surveillance legislation are very much in the “pro” camp. There is no doubt whatsoever that the government is shaping up to pose very serious threats to our ethical principles, as has been standard practice on the right for some time, ethics are simply a barrier to “progress”. It’s of little surprise to learn that our ethical principles continue to be threatened by a right-wing government, it’s what they do.

But what of the Opposition? Well, it’s not that much better. However, the current attempted coup against Corbyn could result in a unified threat to the ethical principles outlined. Whilst there is not conformity across the Labour Party on this issue (ha), Corbyn at least seems a bit more sceptical of mass surveillance than many of his colleagues. He at least voted to reject the Data Retention and Investigatory Powers Act in 2014 for example. What of the plotters in his party though?

Angela Eagle appears to offer little in the way of opposition in the threat against our ethical principles. Generally speaking, she has voted in favour of the mass retention of information about communications. And what of the other challenger, Owen Smith? Well, Smith has voted consistently in favour of mass retention of information about communications. So, should the coup be successful then it seems pretty clear that both sides of the house will be united in the belief that mass surveillance of the population is necessary. Of course, given the lack of party discipline at present, they will be effectively united even if Corbyn remains as leader because he is unable to command so many of his colleagues. There are really only two options I can see in terms of serious opposition to mass surveillance, the party respecting the wishes of the members and uniting around Corbyn, or mass deselection. Otherwise, mass surveillance is a foregone conclusion and CILIP will need to re-write their core ethical principles – because they will be worthless.

(I feel I should add here by way of caveat…I am not a Labour voter. Nor am I a Labour Party member. I’m not sure Corbyn is the right person to take the Labour Party forward, but I do think his politics are right for the future of the Labour Party. Corbyn may not be the right leader, but he holds the “right” politics. Unfortunately for those seeking to unseat Corbyn, they think both his leadership and his politics are wrong. I think this is a strategic error that will likely end the Labour Party for good. For me, a return to the gentrification of the party to ensure its appeal to the middle class will ensure its final demise in a climate where the working class have been hammered hard. But the fight for the party is not my fight, I am merely an observer.)

Whatever the future holds in this uncertain time, I’d recommend that all information professionals take a good look at those ethical principles and ask the question as to whether they are currently holding true to them. I’d also argue that we need to raise awareness of encryption technologies across the profession and beyond (taking the lead from key figures associated with the Radical Librarians Collective), particularly if we hold that our ethics are worth defending and advancing. We particularly need to be aware of what encryption tools will be effective and which will not, given the proposed legislation heading our way. I hope that CILIP batters the doors of government every single day brandishing those key ethical principles and fights for our profession and the communities we serve. These principles are under serious threat, by both sides, and for the sake of our existence and the sake of the people and communities we support, we must not allow them to become redundant.

Useful Links

Library Freedom Project

Open Rights Group

Privacy International

GCHQ and American attitudes to surveillance…

(Image c/o Christian Payne on Flickr.)

From Wired:

GCHQ’s hacking operations are conducted with little to no oversight and risk “undermining the security of the internet”, leading online privacy experts have warned. Even when oversight is required, GCHQ has revealed that ministers don’t have the technical knowledge to understand what it is doing. Privacy campaigners today described the issue as “a major scandal”.

Details of GCHQ’s hacking operations and attempts to weaken encryption were revealed in a parliamentary committee report into the UK’s surveillance capabilities. The Intelligence and Security Committee (ISC) review, published last week, revealed GCHQ makes the majority of decisions about hacking, and its operations to weaken encryption, internally and without telling ministers exactly what it is doing.

In a passage quoted by the Open Rights Group, the ISC review found that:

No additional Ministerial Authorisation is required for these activities. There are internal procedures: ***. There is no legal requirement to inform Ministers: however, GCHQ have said that they would ask the Foreign Secretary to approve a specific operation of this kind “where the political or economic risks were sufficiently high” (although, in practice, they manage their operations to avoid this level of risk). GCHQ told the Committee that:

The FCO is aware of the activity and the possible political risk, but individual legal authorisations are not required for each operation. The FCO could assess the political risk of a compromise, it is not well‐placed to assess the complex technical risk. Whilst not formally overseen by a Commissioner, the Intelligence Services Commissioner has been briefed on this type of activity where it relates to individual approved operations.

A very disturbing admission about the state of digital surveillance in the UK. And the timing of the statement from ORG could not be more apposite. Whilst we are only just starting to come to terms with the consequences of this, a study in the US has been published that explores the fall-out from the Snowden revelations in terms of how it has affected behaviours as well as how it has impacted upon the relationship between the state and the individual.

The Pew Research Center’s report, Americans’ Privacy Strategies Post-Snowden, provides a comprehensive and fascination exploration of how these revelations have affected US citizens. There is a lot to plough through, but a few things stand out on an initial reading (and, by the way, wouldn’t it be nice if someone in the UK produced the kind of reports that Pew produce on a regular basis, particularly with respect to the Snowden revelations). Top line stuff:

Overall, nearly nine-in-ten respondents say they have heard at least a bit about the government surveillance programs to monitor phone use and internet use. Some 31% say they have heard a lot about the government surveillance programs and another 56% say they had heard a little. Just 6% suggested that they have heard “nothing at all” about the programs. The 87% of those who had heard at least something about the programs were asked follow-up questions about their own behaviors and privacy strategies:

34% of those who are aware of the surveillance programs (30% of all adults) have taken at least one step to hide or shield their information from the government. For instance, 17% changed their privacy settings on social media; 15% use social media less often; 15% have avoided certain apps and 13% have uninstalled apps; 14% say they speak more in person instead of communicating online or on the phone; and 13% have avoided using certain terms in online communications. 

1 in 3 people changing their behaviours is quite significant, and would explain why there are increasing moves to shut down the methods by which people protect themselves. One might also ask how Cameron would deal with 14% of people speaking in person rather than communicating online (given he thinks no form of communication should be free from surveillance).


 

…the public generally believes it is acceptable for the government to monitor many others, including foreign citizens, foreign leaders, and American leaders:

82% say it is acceptable to monitor communications of suspected terrorists

60% believe it is acceptable to monitor the communications of American leaders.

60% think it is okay to monitor the communications of foreign leaders

54% say it is acceptable to monitor communications from foreign citizens

Yet, 57% say it is unacceptable for the government to monitor the communications of U.S. citizens.


In this survey, 17% of Americans said they are “very concerned” about government surveillance of Americans’ data and electronic communication; 35% say they are “somewhat concerned”; 33% say they are “not very concerned” and 13% say they are “not at all” concerned about the surveillance. Those who are more likely than others to say they are very concerned include those who say they have heard a lot about the surveillance efforts (34% express strong concern) and men (21% are very concerned).


 

Some quotes from those who argue that they are unconcerned about surveillance:

“Law-abiding citizens have nothing to hide and should not be concerned.”

“I am not doing anything wrong so they can monitor me all they want.”

“Small price to pay for maintaining our safe environment from terrorist activities.”

All of which, to my mind, underline a certain failure to grasp the nature of the state and its relationship with individuals. Of course, it is not individuals who determine whether what they are doing is wrong. The lie of “if you have done nothing wrong you have nothing to fear” seems to be one of the hardest to shift, despite its fairly obvious naivety about the state. It also underlines that state propaganda is very effective on large chunks of the populace (I’m not restricting that to the US by the way). So long as you keep talking about threats (which are minimal) and highlighting the importance of “protecting citizens” from “dangerous individuals”, some people will continue to believe that the state will protect them and that sacrifices to their rights must be made to ensure that protection. There’s nothing new in this, states have used that particular strategy for centuries: construct an external enemy, convince the populace that the state has the means to protect them, chip away at individual rights under the guise of protection etc etc.


 

Sophisticated tools and techniques are widely available and can help online Americans increase the privacy and security of their online activities and personal data sharing. However, thus far, fairly few have adopted these tools since learning about the programs. Among those who have heard about the government surveillance programs:

10% say they have used a search engine that doesn’t keep track of their search history.
5% have added privacy-enhancing browser plug-ins like DoNotTrackMe (now known as Blur) or Privacy Badger.
4% have adopted mobile encryption for calls and text messages.
3% have used proxy servers can help them avoid surveillance.
2% have adopted email encryption programs such as Pretty Good Privacy (PGP).
2% have used anonymity software such as Tor.
1% have used locally-networked communications such as FireChat.

It’s interesting that despite the fears and clear concern about the surveillance programme, many people are not using the most effective tools to protect themselves (I would include myself in that category if there were a UK equivalent study). This suggests there is a lot of work to do to inform the general public about how they can protect themselves online. I would guess that Barclays’ Digital Eagles probably won’t offer much help here. It seems to me that, and I probably would say this, librarians are well placed to provide this kind of assistance (see Library Freedom Project). Certainly given our professional ethics, this is an area that should concern us and that we should seek to provide solutions to for the general public. There is clearly a need as, looking at the figures, there is concern and a need to seek protection. One would assume that this would also be the case in the UK but, again, there is no such study at present.

I’d definitely recommend going through the Pew stats if you get the chance. There is a PDF report you can download, but lots of interesting stats are summarised over 5 web pages. Will such a study be conducted in the UK? It seems unlikely at this stage, but with the revelations about the activities of GCHQ and how ministerial oversight appears to be virtually non-existent, a study equivalent to Pew’s would be very welcome.