Fake news and the magic bullet

Image c/o Mike Maguire on Flickr.

A few months back (unbelievable seven months as it turns out), I wrote a piece about the whole “fake news” phenomena and how I see it as a thing. The post generated a bit of discussion online and a fair few tweets drawing attention to it. Such was the interest that I was recently interviewed by a LIS student about my take on the topic for their dissertation following a bit of signposting by someone at their university. This discussion provoked some additional thoughts in me about the emergence of “fake news”, not least in terms of how we understand and critique information sources.

In my previous post I referenced Chomsky and Herman’s Manufacturing Consent, a book that I feel is a key title for anyone wishing to understand the way the media operates and the process of gathering and publishing news. Since then I came across this concise video (narrated by Amy Goodman of Democracy Now!) explaining the five filters of Chomsky and Herman’s “propaganda model”. For those of you who haven’t read the book (or seen the film) the following provides a nice overview of their work:

In summary, Chomsky and Herman identify five filters that determine the news that is presented in the media:

  1. Ownership – the bias created by the ownership of media by large corporations leads to a bias in output.
  2. Advertising – the need for the media to attract advertisers to generate revenue and ensure its survival.
  3. Sourcing –  the sources that media rely on for news content, sources that provide privileged access to government, business etc.
  4. Flak – the efforts by the powerful to discredit those who disagree or cast doubt on prevailing assumptions.
  5. Fear – the mechanism to rally the public around perceived threats that could undermine the interests of the elites.

In many ways, what these filters have traditionally created is “fake news”. As soon as any kind of filter is applied, the information ceases to be a purely factual representation of events and becomes, to a certain extent, “fake”. Fake not because it is wholly untrue, but fake because it doesn’t reflect the reality of a particular situation, merely a reality that has been filtered to represent a particular truth. In the context of a media operating in this way, it is hardly surprising that there has been a growing focus on “fake news” led by the established media which has long filtered news to present a certain truth that chimes with the interests of the elites.

“Fake news” as it’s presented also offers a number of simplifications. For example, it offers the opportunity to present some simple solutions to identify news that is untrustworthy. When the traditional media talk about “fake news” they are establishing themselves as “real news”. They are the voices of authority and only they can be trusted to provide news that is wholly truthful.

Step one in solving the phenomenon: only engage with authoritative sources.

There also comes the question of information literacy: how do we equip people to cast a more critical eye over the growing number of alternative news sources online? The standard response is to reach for the CRAAP test, again, a nice neat solution to a troubling issue:

Currency: the timeliness of the information

Relevance: the importance of the information for your needs

Authority: the source of the information

Accuracy: the reliability, truthfulness, and correctness of the content

Purpose: the reason the information exists

Step two in solving the phenomenon: follow a set of guidelines to evaluate the information.

But this is a rather inadequate way of evaluating information and, for me, rather plays into the notion that the quality of the information can be assessed by following a simple check-box exercise. I don’t think this is realistic, useful or a desirable approach to take when critically appraising an information source.

One of the problems I associate with the way of thinking about news and inaccurate information is that many of those that produces information for the public have been seriously discredited in recent years. Government, the media and the security services (including the police) have all suffered from a collapse in public trust. The Iraq War, phone hacking, Hillsborough…all have contributed to the sense that the establishment is not to be trusted. Pointing out that one media outlet is better than an other will be meaningless to those who see the media as discredited and will therefore only trust sources that reinforce their existing worldviews. Equally information published by government will also be seen as untrustworthy because it is associated with a discredited political elite. Under these conditions, where trust is at a serious low with so many producers of information, is it little wonder that people prioritise sources that reinforce their own views and prejudices?

Rather than CRAAP tests and assorted “this is good, that is bad” approaches, I would argue that a more sophisticated approach is required. Rather than focusing on the sources, shouldn’t a focus on social, cultural and economic capital be fundamental in how people critique and understand information? Would not a focus on these areas play a key role in tackling their prejudices and, therefore, undermine a key element that contributes towards a failure to critically appraise information? Is it less about evaluating the sources and more about people’s lived experiences? When lived experience trumps “authoritative information”, will reinforcing authoritative sources of information not simply be ineffective?

Of course, focusing on social conditions rather than on those disseminating propaganda is more difficult. There’s not a simple answer that provides a sense that we are dealing with the issue at hand. A complex solution also undermines a sense that the “information professional” has the solution, when in reality it is a problem that can only be tackled as a society. As with everything in our society, it’s reassuring to know that problems have readily identifiable solutions. The reality, in my view, is that very often the problems require a certain complexity in their solution. There is no magic bullet.

Public libraries and the UK Digital Strategy

digital inclusion

Are libraries becoming nothing more than data cash cows for the private sector?

Last week the Department for Culture, Media and Sport published its UK Digital Strategy, to much fanfare and eager anticipation amongst those of us with an internet in digital inclusion and how we advance it. The report made mention of libraries as crucial elements in the efforts to advance digital inclusion (yay!), but not quite in the way many of us advocating for public library services would want (boo!). And as for how this strategy squares with the Investigatory Powers Act, well…we’ll come to that. But let’s start with the role of public libraries…

In section two of the report, under the heading “How libraries deliver improved digital access and literacy”, great play is made of the role of libraries. They “have an important role”, they “tackle the barrier of access” and they make “significant inroads towards tackling the combined barriers of skills, confidence and motivation by offering skills training”. All of these things are true, however this role is not the preserve of libraries and library staff alone. As the report makes clear:

“Public libraries work in partnership with charities and private partners such as Halifax, BT, and Barclays to improve the lives of some of the most socially and digitally excluded people.”

They do work in partnership with these private partners and, from the private partners’ points of view, there is a big win for them in doing so. As I’ve pointed out before, the way such skills sessions are delivered is a particular bonus for companies such as Barclays. By guiding the members of the public towards using tools that are, shall we say, less then privacy friendly, it just so happens that they gain a certain advantage in terms of marketing their products. Something, of course, that would not be encouraged had library workers been providing such support (were they to receive the proper funding in which to do so).

Indeed, it seems to me that rather than being places where people can get online and gain the basic digital skills our society increasingly demands, they are becoming a gateway to massive data collection for corporations eager for more and more data to drive their marketing campaigns and, ultimately, to drive growing profits. Let’s make no mistake here, if libraries were properly funded, proper training was provided and the service was delivered according to the ethical principles by which the professional body for librarians guides its members, digital skills would be delivered in an entirely different way.

For example, there is no known reason as to why search engines such as Google or Bing are advocated for over and above alternatives such as DuckDuckGo. They work in a similar way, one is not somehow easier to learn than the other. There is one fundamental difference however. Google is an extremely successful data harvester. Create a Google account, login to your Google Chrome browser, use your Google Mail account and voila, huge amounts of data is being gathered about your online activities. And if you are Barclays, providing members of the public with guidance on using the internet and you just so happen to have additional guidance on the Barclays website, well…there’s certainly an opportunity there for free direct marketing to Gmail accounts. With DuckDuckGo, there is no data. No trail of your search history. You simply search, find what you want and no data is left behind.

As someone who is concerned about digital inclusion, I can only conclude that the current strategy amounts to not getting people online for the benefits it brings to the individuals, but getting more people online to create benefits for corporations and the government. The more people that are online, the more data is created and, ultimately, the more profit is created. Getting people online is good for business. It enables a marketing strategy that is not possible if people remain offline. For little outlay, large corporations like Barclays can get people online, teach them how to expose their data, then take advantage of this for profit and business growth. Let’s not kid ourselves into believing that any corporation is seeking to tackle digital inclusion because, for example, it increases democratic engagement or accrues any other benefit. Likewise, given the Investigatory Powers Act and the mass surveillance it permits, the more online the better the government are able to monitor the people. If you are not online, you are a black hole of data. Get connected, and you become a useful source of information. And what of the Investigatory Powers Act…

On scanning through the report it’s interesting to note that there is not a single mention of encryption technologies. Not one. There is even a section in the report called “A safe and secure cyberspace – making the UK the safest place in the world to live and work online”, it doesn’t mention encryption once. Why? It is the single most important tool available to ensure individual safety and security online. So why isn’t it even mentioned? Because the Investigatory Powers Act is explicitly hostile to it. It wants to discourage encryption technologies wherever possible. Because encryption technologies obscure data from the state. And it doesn’t want your data obscured, because it might be useful for intelligence purposes (it won’t…). Not only is it not welcome for the government, it is also not welcome for corporations. Use encryption technologies and you are obscuring data from them too. Data that they could use to sell you products, to generate sales, to drive profit. Encryption is bad for business when it is used in a way that limits the harvesting of data used for profit. (But good for business when it enables secure transactions they benefit from of course.) As Paul Bernal notes about the strategy document in terms of encryption and safety online:

Which takes us back to where we are in terms of digital inclusion. It seems to me that the overall digital inclusion strategy is not one driven by the needs of the public (if so, why isn’t individual privacy at the forefront of the strategy when privacy is a growing concern?), but driven by the needs of government to get people online for the cost benefits and surveillance benefits it brings, and the needs of corporations that need data to be freely exchanged so that it can be utilised and monetised to drive profit. The needs of the general public are secondary, the prime motivator (for policy makers) is the creation of data. If our libraries were properly funded, if the people working in them were properly trained, that data would not be created on the scale it is when the banks (the banks!!) are providing that kind of support. Which of course, should not surprise us. The weakening of public services is exactly designed to lead to a full consumerist society.

How we prevent this is a more difficult question to tackle. The causes are deeply-rooted in an ideology hostile to public services and strongly in favour of shifting people from being citizens to being consumers. The digital strategy simply makes more explicit the extent to which the government (and corporate Britain) seeks to turn us into consumers driving profits, rather than citizens engaging in the democratic process and using access to information purely for our own benefit. With the sidelining of privacy and individual freedoms in the drive towards a mass surveillance state and in the push towards “digital inclusion”, it’s clear how close that goal is to being realised.

Digital privacy and digital citizens

digital privacy and digital citizenship

Earlier this week, I delivered a talk at the MmIT 2016 Annual Conference in Sheffield about digital privacy and digital citizenship. The talk covers a range of themes (to the extent I think I possibly try to cover too much ground in one short talk), with everything from ethics to democracy to surveillance to encryption touched upon to varying degrees. As is my way, the slides I posted online make little sense to the casual observer, because they are mainly text light and image heavy. So I thought I’d break it down here into various chunks by way of providing context for the talk (out of sheer laziness, all references are all on the slides at the end of this post in the relevant places…where they aren’t, I’ve added them in the text below).

Ethics

I think our ethics as library workers (as outlined by CILIP and IFLA) are crucial to how we see privacy, surveillance and the relationship with democracy. Two ethical principles in particular stand out for me:

“Commitment to the defence, and the advancement of, access to information, ideas and works of the imagination.”

“Respect for confidentiality and privacy in dealing with information users.”

IFLA argue that:

“Library and information services should respect and advance privacy both at the level of practices and as a principle.”

(The key element for me in that quote is the notion that we should “advance” privacy, we should not be passive, we should actively promote and encourage it amongst library users.)

Compare and contrast with what is potentially coming down the track:

“Small-scale networks such as those in cafes, libraries and universities could find themselves targeted under the legislation and forced to hand over customers’ confidential personal data tracking their web use.”

There’s a clear and present threat here to library and information services, in all their forms. If we are required to retain data on the information seeking habits of our users and pass to the security services on demand, then our users have no privacy and we are complicit in its violation. How we tackle this threat to our ethics is crucial, both in terms of our relevance (if we violate ethical principles as a matter of course, what is the point in their existence?) and, more importantly, in terms of the communities that rely on us.

When it comes to ethics and government surveillance policy there are big questions we need to confront and we need to find the answers that defend our communities. Ultimately the communities we serve must take priority over government policy. Governments come and go, the social inequality afflicting our communities never goes away.

What is surveillance?

Surveillance is presented as a tool of protection. It’s a way to protect you, your communities, your country. But surveillance is not solely about protection, it has a number of other effects. David Lyon, a leading figure when it comes to surveillance studies (I’d urge those engaged in labour and information labour to seek out his works on this topic), defines surveillance as follows:

“…the focused, systematic and routine attention to personal details for purposes of influence, management, protection or direction.”

It’s not solely a tool for protection. When we consider it in the other direction, it’s also about influencing, managing and directing. When a CCTV camera is placed on the streets, it’s not merely there to protect citizens, it’s effect is to manage the behaviour of those under its gaze, to make them behave in a particular way. This is the crucial element of surveillance that we need to consider, particularly when it comes to mass surveillance. Its existence, as Foucault argues, is enough on its own. It does not need to be active, its “permanent visibility…assures the automatic functioning of power”.

slide8

History of surveillance

Of course, the use of new technology in conducting surveillance is nothing new. In 1913, for example, suffragette prisoners had their photos taken without their knowledge, photos that were then used to conduct surveillance upon them after their release. The reasoning? They were a threat to the British Empire.

Similarly, in 1963, Robert Kennedy authorised the FBI to wiretap the telephones of Martin Luther King Jr. Following King’s assassination in 1967, Johnson ordered the army to monitor domestic dissident groups. The adaption of new technologies to be utilised for “national security” purposes has a long history. It should have come as no surprise to anyone that the internet would also be used in this way.

But it’s not as though surveillance was pursued uncritically by the state. In a report published in the same year as King’s assassination, the President’s Commission on Law Enforcement and Administration of Justice argued:

“In a democratic society privacy of communication is essential if citizens are to think and act creatively and constructively. Fear or suspicion that one’s speech is being monitored by a stranger, even without the reality of such activity, can have a seriously inhibiting effect upon the willingness to voice critical and constructive ideas.”

Democracy

The ability to communicate and seek out information freely is vital in a functioning democracy. As Bauman notes:

“Democracy expresses itself in a continuous and relentless critique of institutions; democracy is an anarchic, disruptive element inside the political system: essentially, a force for dissent and change. One can best recognize a democratic society by its constant complaints that it is not democratic enough.”

The ability to investigate and critique is crucial, without that ability our system simply cannot be defined as democratic. Post-Snowden we can already see the impact mass surveillance has had on people’s willingness to seek out information on controversial topics. As Penney notes, Wikipedia pages on Al Qaeda et al have seen a marked decrease in views. The consequences of being discouraged from seeking out information on such topics is the impoverishment of political debate, something the National Telecommunications and Information Administration have warned of.

Corporate Surveillance

The growth of the internet has been coupled with the growing importance of data as a commodity. As with all commodities that can be harvested, companies seek to find ways to gather a larger and larger amount of data. As Sadowski warns:

“It has created an arms race for data, fueling the impulse to create surveillance technologies that infiltrate all aspects of life and society. And the reason for creating these massive reserves of data is the value it can or might generate.”

We see this approach taken by companies such as Google and Facebook who seek out new and innovative ways to collect more data that they can use to generate a profit.

Corporations also work with the state, sharing these new innovative data harvesting techniques. For example, Operation Mickey Mouse is a partnership between the Department of Defense and Disney whereby the former studies Disney’s use of technology and works in conjunction to “collect information on Beta testing operations that the popular theme park uses on their customers”.

21st Century Surveillance

Some terms to be familiar with:

The Five Eyes – an intelligence sharing partnership that comprises the United States, the United Kingdom, Canada, Australia and New Zealand.

Karma Police – Initiative launched in 2008 by GCHQ intending to record the browsing habits of “every visible user on the internet”. The system was designed to provide GCHQ with a web browsing profile for every visible user or a user profile for every visible website on the internet.

Tempora – GCHQ programme that led to interceptors being placed on 200 fibre optic cables catting internet data into and out of the UK. Potentially gives GCHQ access to 10 gigabits of data a second, or 21 petabytes a day. Around 300 GCHQ and 250 NSA operatives are tasked with sifting through the data.

slide44

Investigatory Powers Bill

The key thing to look out for here are ICRs (internet connection records). From the Bill:

190 Subsection (9)(f) provides for the retention of internet connection records. Internet connection records are a record of the internet services that a specific device connects to – such as a website or instant messaging application – captured by the company providing access to the internet.

Those that hold the data requested for under the provisions of the bill are also prevented from communicating this request with the individual who created the data requested. So, for example, if a request was made to a public library authority for information regarding an individual’s search history, the library authority would not be able to inform the individual in question. An invasion of their privacy compounded by the inability to flag this violation with them. Ultimately, the Bill undermines the ethical principles by which we should adhere and prevents us from warning our users of any violation of their privacy.

Encryption Technologies

The UK government have been publicly hostile to the use of encryption technologies for some time, despite the fact that such technologies protect every single one of us from rogue states or individuals with malign intent. For David Cameron, the notion that individuals can communicate in private was an affront and a threat. Whereas in reality, in terms of democracy, the reverse is true: invasions of the privacy of communications are a threat and one that citizens should take seriously.

As for Theresa May, the new Prime Minister, she rejects the notion that we experience mass surveillance and yet proposed the investigatory powers bill which legislates for…well, mass surveillance. A bill that has also been rubber-stamped following an “independent” review by David Anderson QC who argued that there was a “clear operational purpose” in gathering large volumes of data about individuals.

The “danger” of encryption

Repeatedly and persistently, encryption has been portrayed as a tool that assists terrorists perpetrate violent acts. This was true in Paris and in Brussels. In both cases, politicians and law enforcement pointed to encryption technology and the awareness of such technologies by the perpetrators as a key component in their ability to plan such attacks. In neither case has it been demonstrated that encryption played a crucial role. In terms of the latter attack, a laptop was found in a rubbish bin, which included an unencrypted folder called “Target”.

There has also not been any evidence in the growth in the use of encryption technologies. A 2015 wiretap report, for example, found a decline in the instances where law enforcement encountered encryption when authorised to conduct wiretaps.

 

Nothing to hide?

Of course, any discussion around security results in the old “nothing to fear” trope being thrown around by those seeking to degrade privacy. This is, of course, a nonsense. Did Doreen Lawrence have anything to hide when she and her family were placed under surveillance as a result of their efforts to apply pressure upon Scotland Yard to investigate the racist murder of Stephen Lawrence?

People of colour, immigrants, welfare recipients and political activists are all in the front lines when it comes to testing out surveillance techniques that are then utilised on the general public. As Virginia Eubanks argues in terms of America:

“Poor and working-class Americans already live in the surveillance future. The revelations that are so scandalous to the middle-class data profiling, PRISM, tapped cellphones–are old news to millions of low-income Americans, immigrants, and communities of color. To be smart about surveillance in the New Year, we must learn from the experiences of marginalized people in the U.S. and in developing countries the world over.”

As true in the United Kingdom and Australia as it in the United States.

And of course, we must remember that the state is fluid, not fixed. It changes and adapts and criminalises. Furthermore, it is not us that determines whether we as citizens have done nothing wrong, it is the state. We simply do not have the power to determine that our actions will not result in sanction by the state. We may believe that they cannot sanction us, but ultimately it is not a decision that rests on our intuition, it rests on the interpretation and actions of the state.

slide76

The tools to help

There are, however, tools that can help protect our privacy. Tor Browser, for example, can help obscure our web browsing, protecting our intellectual privacy as we seek out information. PGP (Pretty Good Privacy) encryption helps ensure that individuals can communicate with each other securely and privately. But using PGP is not easy, it requires effort and a degree of social and cultural capital that not everyone can call upon.

Indeed, for many tools that provide protections, there are difficulties in terms of economic, social and cultural capital. In terms of smartphones, for example, 95% of Apple devices are encrypted by default, only 10% of Android devices in circulation currently are encrypted (estimates from earlier this year). Not everyone can afford an Apple device, and not everyone is aware of how to encrypt an Android device – resulting in what Chris Soghoian describes as a “digital security divide” (which I’d argue reinforces an intellectual privacy divide).

There are also a range of smartphone apps that offer secure communications (or at least claim to). But these must be treated with care. Smartphones are not a secure device for communication, no matter how secure the app claims to be (or how secure the app actually is). They leak metadata like nothing else. Alongside location data, they have a tendency to leak your mobility pattern (ie commuter routes between home and work which can easily identify individuals), calls received, numbers dialled, keywords, mobile device ID etc etc.

Tools such as Signal provide the best protection, but they protect for confidentiality not anonymity. Consequently, there is a need to know which app is best (Signal is a “better” choice than Whatsapp for example). Again, social and cultural capital are key components in being better able to secure communicates and information seeking activities.

Digital divide

Given the extent of the digital divide, it is questionable to what extent individuals have the knowledge and capability to protect their communications and seek information in private. For example, 65% of C2DE households (defined as skilled, semi-skilled and unskilled manual workers and non-working individuals) lack basic online skills (managing, communicating, transacting, creating and problem solving). 42% of internet users use the same password on multiple platforms and only 25% of individuals read a privacy statement before using a service. On the other hand, 39% of internet users claim to be reluctant to hand over personal information before they can use a service.

The role of library workers

Of course, library workers have played a key role in helping to extend digital inclusion. But they have also seen their jobs diminished, libraries closed and services they previously provided outsourced to the private sector, eg Barclays Bank. The consequences of this are obvious. Many private sector companies have no interest in ensuring the privacy and security of individuals on the internet because that limits their opportunities to market towards them or to generate profit from the data they create.

In the case of Barclays, helping individuals create a Google Account then showing them around the internet before closing by directing users to the help guides on the Barclays websites, runs the risk of delivering Barclays ads directly to the individual’s inbox. An individual that, by virtue of the fact that sought our guidance on getting online, will more likely than not lack the knowledge and awareness to understand or limit the delivery of such adverts.

slide103

How library workers can help

A Council of Europe statement (backed by CILIP) on freedom of expression, declared that individuals must “decide for themselves what they should, or should not, access” and those providing the service must “respect the privacy of users and treat knowledge of what they have accessed or wish to access as confidential”. IFLA’s Statement on Privacy in the Library Environment reminded library workers that they have a responsibility to “reject electronic surveillance”, provide training on “tools to use to protect their privacy” and “respect and advance privacy at the level of practices and as a principle”.

The Library Freedom Project in the United States has been leading the way in this area, and slowly but surely it is being recognised in the UK by library workers that this is an area we need to be taking a lead on. The collaboration between Newcastle City Library and the North East branch of the Open Rights Group has shown the way. It is possible to teach privacy skills, to work to protect the intellectual privacy of our users, either within the confines of our work, or outside of it. It is possible. We just need to act collectively to ensure that it happens.

Conclusion

We are in a position to empower our library users, to give them the freedom to seek out information without impediment, to think freely, to exchange ideas freely and, ultimately, provide them with the tools to truly and meaningfully engage with the democratic process. Our ethical principles demand this of us, and we should not falter in resisting government policy that undermines these core ethical principles and that threatens the freedom of our users.

Public libraries, police and the normalisation of surveillance

Police presence in libraries, no matter how abstract, normalises state surveillance. (Image c/o Thomas Hawk.)

In an era of unjustified, economically incoherent cuts in investment in public services, there has been an increasing drive to make various parts of the public sector work together to cut costs (“cut costs” in a very superficial sense of course). One such collaboration that keeps popping up is a partnership between the police and public libraries. An idea that should never even be entertained, let alone discussed as a serious and reasonable proposition.

The latest such proposal is one that would see one particular police force close down its inquiry desks and effectively move them to the local public library service, requiring library staff to assist in the reporting of crimes online for those without internet access at home. According to a statement on the Norfolk constabulary’s website:

The six month trial will run from the end of September in Thetford and Gorleston and will involve library staff signposting customers to police services, while also helping them complete online self-reporting forms, a function which will soon be available as part of the Constabulary’s new website.

Such a move changes the library space from a safe one, to one that is subject to a subtle form of surveillance whereby people’s behaviours are modified by the knowledge that the space is one where the police have a presence, even if in abstract. Effectively, it normalises surveillance. The knowledge that it is a space to report crime impedes the library as a space to freely engage in ideas, particularly in the current political climate.

Take Prevent, for example. A racist strategy that demonises non-whites, it has led to a series of actions that have been an affront to the rights of the individual, particularly in terms of intellectual freedom, both directly and via the culture that it has encouraged. The recent detainment of Faizah Shaheen being a good example of the consequences of not only the normalisation of surveillance but the encouragement to “snitch”.

The experiences of Faizah Shaheen and Mohammed Umar Farooq should serve as a warning to library workers and those providing library services. Where there is a police presence, no matter how abstract it may be, there is a risk to people of colour. Facilitating police reports in libraries has a very obvious and malign consequence. It makes the library a space of authority and control. In an environment whereby people are detained due to their reading habits, using a public library as an extension of the police inquiry desk poses threats not only in terms of people reporting individuals (although this online crime reporting will happen in the library whether the library encourages it or not, the key is the normalisation of the space as a place to interact with the police), but also has an inhibiting effect upon those using the space.

Would a person of colour feel comfortable accessing information or borrowing books if they do so in an environment that encourages and enables the reporting of crime, particularly when reading can lead to detainment under anti-terrorism legislation? Individuals will feel that they cannot access information freely in an environment that has become an extension of the police station (which is partly how surveillance works – controlling and directing individuals, preventing activity from taking place).

This relationship with the police continues to be proposed in authorities across the country. Earlier this week it was revealed that police desks in Angus would be moved into the council’s libraries. And there have also been “community police hubs” (how innocuous sounding) relocating to public libraries. And what’s coming around the corner should very much set alarm bells ringing about the suitability of public libraries and the police sharing space, whether it be abstract or physical.

Earlier this year, it emerged that under Theresa May’s proposed investigatory powers bill, public libraries will be required to store internet users’ records for up to 12 months, again, seriously undermining the library as a safe space for intellectual freedom. Not only does such a move normalise surveillance, making it part and parcel of every aspect of every citizen’s life, but it turns public libraries into a space less about intellectual freedom and more about monitoring citizens on behalf of an authoritarian state. It goes without saying, that this poses a threat to the very notion of intellectual freedom, a notion that public libraries should be actively defending and advancing.

As public libraries increasingly become a place where the state seeks to control and observe the intellectual behaviour of others on the basis of supposed threats posed by organised terror, so public libraries lose their purpose. They cease to become places of exploration and interrogation and become nothing more than repositories of state sanctioned ideas and values. This process of normalisation needs to stop, for the benefit of all the communities we serve.

Post-truth politics and librarianship

To what extent can information literacy address so-called “post-truth politics”? (Image c/o freestocks on Flickr.)

Post-truth politics. Nothing screams zeitgeist quite as much as a blog post about the emergence of “post-truth politics”. At present it seems to be everywhere. Political tweets, articles in national media, analysis by the commentariat. In the aftermath of Brexit and with the emergence of Trump as a presidential candidate in the US, it has almost become a short-hand method by which to describe the current political climate. As someone working in the information profession and being politically engaged, the topic itself is like catnip to me. The notion of “post-truth” as someone who deals in facilitating access to information? How could I not jot down a few thoughts?

A few weeks back I was flicking through a collection of essays by George Orwell (living the stereotype). One essay in particular caught my attention: Looking back on the Spanish War. The Spanish Civil War is a bit of an obsession of mine. Being married to a Spaniard has helped feed this (on top of a history A-level where the study of fascism was the basis of the entire course), and I pretty much seek out as much information as I can on the most romanticised of 20th century conflicts. Orwell, of course, was actively involved in the conflict. Along with many other leftists, he left the UK to join the International Brigades and fight fascism in the truest sense of the phrase.

Reading through his reflections on the Civil War, one passage particularly hit home…forgive me if I reproduce it here in its entirety, but I think it is justified:

Out of the huge pyramid of lies which the Catholic and reactionary press all over the world built up, let me take just one point — the presence in Spain of a Russian army [Note: the Russians provided strategic support and hardware for Republican elements, but did not send in their army]. Devout Franco partisans all believed in this; estimates of its strength went as high as half a million. Now, there was no Russian army in Spain. There may have been a handful of airmen and other technicians, a few hundred at the most, but an army there was not. Some thousands of foreigners who fought in Spain, not to mention millions of Spaniards, were witnesses of this. Well, their testimony made no impression at all upon the Franco propagandists, not one of whom had set foot in Government Spain. Simultaneously these people refused utterly to admit the fact of German or Italian intervention at the same time as the Germany and Italian press were openly boasting about the exploits of their’ legionaries’. I have chosen to mention only one point, but in fact the whole of Fascist propaganda about the war was on this level.

This kind of thing is frightening to me, because it often gives me the feeling that the very concept of objective truth is fading out of the world. After all, the chances are that those lies, or at any rate similar lies, will pass into history.

Orwell wrote these words in 1943.

Post-truth politics is, ultimately, a fancy new term for an age old…truth. In many ways this is hardly surprising. There is a tendency to re-package old ideas and present them as somehow new challenges for a new generation, when quite often they are old ideas that are re-packaged and presented as somehow new [citation needed].

When it comes to Brexit though, I wonder to what extent the vote to leave can simply be blamed on untruths or a sense of “post-truth politics”. Of course perhaps the prime example of the notion of post-truth politics was the infamous Vote Leave bus that suggested £350m being sent to the EU could be spent on the NHS instead. Despite being dismissed as “misleading” by the Chair of the Statistics Authority, the statement clearly influenced some, as demonstrated in this recent piece by Faisal Islam for The Guardian:

“I would go mad if this money doesn’t go into the NHS, I will go mad. I want to be assured that this money – because that’s why I voted to come out,” says Shirley.

But to what extent was the reality of Brexit really about “post-truth politics”? Certainly there are those that were misled, and there are those that would have been persuaded by falsehoods, but by no means can we paint Brexit as solely the consequence of post-truth politics. It is, for example, undoubtedly true that the European Union has adopted and pursued an extensive and damaging economic agenda across the continent. Casting an eye towards Greece is enough to underline the extent to which the EU is hardly a benign, friendly force for good. Economically speaking it is highly destructive. This is certainly a truth for those on the receiving end of the economic brutality. And a truth that is felt by the working class across the continent, those who do not feel the economic benefits so many of us take for granted (can anyone seriously argue that the working class in Greece have benefitted from the EU’s interventions?).

In this respect I was what might be described as a “reluctant remainer”. For me, if it was purely down to the economics of the European Union, I would have voted out. No-one who cares about the poorest in society could possibly consider the anti-democratic and destructive economic policies of the EU and believe that these are things that should be embraced. But then there are the social aspects. I am pro-immigration (indeed, I’m pro-“no borders”), and for me a vote to leave would have had disastrous implications for not only immigrants at home (which given the rise in racism seems to have very much come to pass), but would have given a powerful shot in the arm for far-right movements across Europe (who wasted no time in celebrating Brexit). That I could not countenance. And it was for that reason I voted to Remain. But, there were strong and powerful reasons to Leave, and they were not about “post-truth politics”, but a deeper truth about the reality of how the EU operates.

In terms of how this fits in with our work, would we make much difference here? Certainly, I think librarians clearly have a key role to play in terms of information literacy. We should be out there presenting the facts and working to ensure greater democratic engagement. And when I say “we should be out there” I mean we should be active, we should not just be waiting for folk to come to us in our libraries or institutions, we should be going out to them. Actively engaging wherever possible, working with communities, helping them to make sense of the huge volume of misinformation that proliferates during any political campaign.

But I don’t think better critical thinking amongst voters would necessarily have made a difference in terms of events such as Brexit. Yes there was inaccurate information from the Leave campaign that appears to have persuaded some to vote to leave, but would it have been any different if people were better equipped to assess the information provided? If you see the economic consequences of the EU in the Mediterranean, would you have been none the less persuaded to vote to Remain if you knew that not only were we not spending £350m per week on the EU that could have been spent on the EU, but that Turkey is unlikely to join any time soon and that we would have to join an EU army? Or would these truths make no difference whatsoever? Would the truth of the economic conditions enforced by the EU outweigh such “truths”? Or would the evident democratic deficit? And there are, of course, the racists and xenophobes who will take a racist position and disregard any “truths” that they are confronted with.

“People have had enough of experts,” said Michael Gove. I think we need to hear the voices of experts now more than ever. One look at the state of our media underlines how little the experts are heard, dominated as they are by commentators who pontificate on what they “reckon”. But experts and professionals can’t change realities or affect the lived experience of others. An individual critically analysing information in the run-up to the referendum could just as easily have voted to leave as voted to remain. Criticality and information literacy are not panaceas, but they help shine a light that can be shone into the darkest corners. Ultimately, it is not truth alone that will determine voting intentions, but how heavy that truth weighs.

Theresa May, The Opposition and the threat to librarianship

Mass surveillance is a serious threat to the ethical principles of librarianship and the communities we serve. (Image c/o Thomas Hawk on Flickr.)

Despite not being a member of the professional body, one of my current favourite documents (there’s a series of words you don’t often see next to each other) is CILIP’s Ethical Principles for Library and Information Professionals (bear with me). Two elements particularly stick out for me and have become key elements of the presentations I have been delivering lately (and will deliver in the future):

3. Commitment to the defence, and the advancement, of access to information, ideas and works of the imagination.

8. Respect for confidentiality and privacy in dealing with information users.

The post-Snowden era has resulted in a very clear and serious threat to these ethical principles. Indeed, I would argue that we have largely failed in this regard following the introduction of internet access in our libraries (in whatever form the library takes). Under conditions of mass surveillance it is clear: we cannot defend access to information and we cannot ensure the privacy of our users without providing the tools to ensure online privacy – whether that be through the availability of privacy enhancing tech in libraries or through working with users to provide them with the skills and knowledge with which to do so.

The current lay of the land politically suggests that this problem is not about to go away, it is actually going to get much worse. The elevation of Theresa May (presented as a kind of softer One Nation Tory – see here for more on One Nation Conservatism) certainly suggests that the threats we face to our ethical principles are not about to be brushed away, but instead become more pressing. We know that May has a particularly strident approach to mass surveillance, not for nothing was May named “internet villain of the year” at last year’s Annual UK Internet Industry Awards. It seems highly unlikely that upon becoming Prime Minister, May will suddenly abandon a long-held belief in mass surveillance, a policy that is a very serious threat to our ethical principles as outlined by CILIP. The question is, how will we as a profession tackle this threat.

The signs from the forming of Theresa May’s new cabinet are already pretty clear that the pursuit of mass surveillance legislation is very much still on the agenda. Her appointment of Boris Johnson as Foreign Secretary reinforces this threat. As Foreign Secretary, Boris Johnson will also head up both GCHQ and MI6. Johnson has been an outspoken supporter of May’s drive towards enshrining mass surveillance into law. Only last year he declared in relation to the Snooper’s Charter:

“You’ve got to have a very tough security solution, you’ve got to be absolutely determined to monitor these people. You’ve got to know where they are and who they are talking to.

“I’m not particularly interested in all this civil liberties stuff when it comes to these people’s emails and mobile phone conversations. If they’re a threat to our society then I want them properly listened to.”

I’m not particularly interested in all this civil liberties stuff. And if we are in any doubt that his words match his actions, a quick look at his voting record suggests that he is very firmly pro a strategy of mass surveillance.

As for Theresa May’s replacement, well, I think it will come as no surprise to learn that Amber Rudd is also supportive of the rush to mass surveillance. Generally speaking, where she has turned up to vote, Rudd has generally voted for the “mass retention of information about communications” (or “mass surveillance” if we are to avoid euphemisms). So, both of the key main positions related to the introduction of mass surveillance legislation are very much in the “pro” camp. There is no doubt whatsoever that the government is shaping up to pose very serious threats to our ethical principles, as has been standard practice on the right for some time, ethics are simply a barrier to “progress”. It’s of little surprise to learn that our ethical principles continue to be threatened by a right-wing government, it’s what they do.

But what of the Opposition? Well, it’s not that much better. However, the current attempted coup against Corbyn could result in a unified threat to the ethical principles outlined. Whilst there is not conformity across the Labour Party on this issue (ha), Corbyn at least seems a bit more sceptical of mass surveillance than many of his colleagues. He at least voted to reject the Data Retention and Investigatory Powers Act in 2014 for example. What of the plotters in his party though?

Angela Eagle appears to offer little in the way of opposition in the threat against our ethical principles. Generally speaking, she has voted in favour of the mass retention of information about communications. And what of the other challenger, Owen Smith? Well, Smith has voted consistently in favour of mass retention of information about communications. So, should the coup be successful then it seems pretty clear that both sides of the house will be united in the belief that mass surveillance of the population is necessary. Of course, given the lack of party discipline at present, they will be effectively united even if Corbyn remains as leader because he is unable to command so many of his colleagues. There are really only two options I can see in terms of serious opposition to mass surveillance, the party respecting the wishes of the members and uniting around Corbyn, or mass deselection. Otherwise, mass surveillance is a foregone conclusion and CILIP will need to re-write their core ethical principles – because they will be worthless.

(I feel I should add here by way of caveat…I am not a Labour voter. Nor am I a Labour Party member. I’m not sure Corbyn is the right person to take the Labour Party forward, but I do think his politics are right for the future of the Labour Party. Corbyn may not be the right leader, but he holds the “right” politics. Unfortunately for those seeking to unseat Corbyn, they think both his leadership and his politics are wrong. I think this is a strategic error that will likely end the Labour Party for good. For me, a return to the gentrification of the party to ensure its appeal to the middle class will ensure its final demise in a climate where the working class have been hammered hard. But the fight for the party is not my fight, I am merely an observer.)

Whatever the future holds in this uncertain time, I’d recommend that all information professionals take a good look at those ethical principles and ask the question as to whether they are currently holding true to them. I’d also argue that we need to raise awareness of encryption technologies across the profession and beyond (taking the lead from key figures associated with the Radical Librarians Collective), particularly if we hold that our ethics are worth defending and advancing. We particularly need to be aware of what encryption tools will be effective and which will not, given the proposed legislation heading our way. I hope that CILIP batters the doors of government every single day brandishing those key ethical principles and fights for our profession and the communities we serve. These principles are under serious threat, by both sides, and for the sake of our existence and the sake of the people and communities we support, we must not allow them to become redundant.

Useful Links

Library Freedom Project

Open Rights Group

Privacy International

Why librarians need to act on mass surveillance

We need to speak out as a profession against mass surveillance. Image c/o floeschie on Flickr.

Today the Investigatory Powers Bill has its second reading in parliament. The introduction of the Bill is not only a threat to society in general, it poses a serious threat to our profession and, in particular, our commitment to defend the intellectual privacy of our users. We must speak up as a profession to defend the rights of our users and, wherever possible, seek to defend their intellectual privacy.

Ever since the disclosures by Edward Snowden in 2013, I’ve been concerned about the impact of mass surveillance both on our society, and on us as professionals. Disappointingly, there seemed to be little in the way of action by the profession (particularly in the UK – hampered by a professional body that cannot be overtly political), until the Library Freedom Project came along and started making waves in the United States. Inspired by Alison Macrina’s work, I started to consider more deeply the impact of mass surveillance on our communities and the various issues it raised. For me, alongside concerns about intellectual privacy, it highlighted a further aspect of the digital divide: autonomy of internet use. Given the limited amount of literature on the relationship between the digital divide and surveillance, I decided this was an important area to explore more extensively. So, I started reading around and pulling together an extended piece for the Journal of Radical Librarianship on the topic.

The main inspiration for the piece was the article Intellectual Privacy by Neil Richards (which is available OA here and is highly recommended). For me this really crystallised some of the key issues around surveillance and the protection of intellectual privacy (the ability to read, communicate and seek out information without being observed doing so). Aside from the very crucial focus on intellectual privacy and its importance, Richards also highlighted the role of librarians in supposedly developing some of the “norms” of the concept itself. This role seems particularly strong in the United States (where Richards drew most of his examples), with even the ALA taking a role in advocating for the intellectual privacy of individuals through a variety of initiatives.

As well as Richards’ works, David Lyon also played a key role in forming my views. Lyon is a leading figure in surveillance studies and has written a number of invaluable pieces on the topic that, as with Richards, helped to clarify my thinking (see, for example, his paper on understanding surveillance today). For example, Lyon’s definition of surveillance was particularly useful in understanding how surveillance operates upon individuals. For Lyon, surveillance is about the “focused, systematic and routine attention to personal details for purposes of influence, management, protection or direction”. It’s interesting (yet unsurprising in some respects) the extent to which surveillance within the UK is seen as primarily about protection, with little consideration with regards to how mass surveillance controls or “manages” individuals (or maybe we just don’t care that it controls us). What I also found particularly useful here is that Lyon’s definition doesn’t solely apply to the mass data collection by the state, it also relates to that growing phenomenon: corporate surveillance.

Surveillance and ethics

Clearly, there is a conflict between intellectual privacy and mass surveillance. If you exist in the conditions of the latter then you clearly cannot have the former. For society it presents a serious issue – for librarians it presents a critical issue that gets to the core of our professional ethics. If we cannot (or do not) protect the intellectual privacy of our users, then we are failing as professionals. Indeed, given we exist in a state of mass de-professionalisation, where volunteers are seen as adequate replacements for “expensive professionals”, we are rather making the case for our own extinction. If we do not have a set of ethics and professional values that we not only espouse but actively promote, what makes us any better than a volunteer?

In terms of the profession in general, there are clear guidelines from organisations representing our profession regarding the conflict between mass surveillance and our ethics. In 2005, for example, the Chartered Institute for Library and Information Professionals (CILIP) produced a “Statement on intellectual freedom, access to information and censorship” and endorsed the Council of Europe’s ‘Public access to and freedom of expression in networked information: Guidelines for a European cultural policy’. The Council of Europe’s guidelines clearly stated that individuals are to “decide for themselves what they should, or should not, access” and that those providing the service should “respect the privacy of users and treat knowledge of what they have accessed or wish to access as confidential”. Furthermore, the International Federation of Library Associations and Institutions (IFLA) advised in their ‘Statement on Privacy in the Library Environment’ that information professionals have a responsibility to “reject electronic surveillance”, provide training on “tools to use to protect their privacy” and “respect and advance privacy at the level of practices and as a principle”. The message is clear, we have an obligation to ensure the privacy of our users and to provide them with the tools necessary to enable them to ensure the can defend their intellectual privacy.

Tackling the digital divide

This task is made even more urgent given the nature of the digital divide. We know well enough that access isn’t merely enough, but that individuals also require the skills with which to exploit the internet to their own advantage. In a report published in 2014, the BBC found that 1 in 5 adults lacked the four basic skills (send and receive emails, use a search engine, browse the internet, and fill out an online application form). Given that the most disadvantaged are most likely to be affected by mass surveillance it’s clear there is a need to provide the necessary support to ensure that everyone is able to ensure their intellectual privacy, not merely those with the means by which to do so. What is clear, post-Snowden is that the digital divide is as much about the gap between those who can protect their intellectual privacy and those who cannot, as it is about having the skills to be able to use the internet to benefit individuals economically, educationally and in terms of healthcare.

We, as a profession, have a clear commitment to tackle the digital divide. We play a crucial role in levelling the playing field, ensuring both access to the internet and support as individuals seek to exploit it to their own advantage. This crucial role is, of course, being undermined by the delivery of such support by the private sector, in particular banks (see Barclays Digital Eagles). Of course, corporations have no interest in ensuring privacy of the individual online, because greater privacy results in the exposure of less personal data which large corporations can exploit to drive profit. We, as a profession, are not beholden to share-holders. We have no reason to expose our users’ personal data for exploitation. We have ethical obligations not to expose the reading habits of our users. It is this that distinguishes us from banks and from volunteer run libraries.

It is, therefore, incumbent on us as library and information professionals to develop our skills with regards to online intellectual privacy, to seek to defend the intellectual privacy of our users and, more broadly, to speak out against government legislation that attacks our professional values as well as posing a threat to society in general. We have an obligation as professionals to defend intellectual privacy and to ensure that it is not only a value afforded to those endowed with social, cultural and economic capital, but also to the most disadvantaged and vulnerable in our communities. If we are serious about tackling the digital divide in all its manifestations, then we need to be serious about ensuring autonomy of use for all. So long as our communities are vulnerable to mass surveillance we will not achieve true equality of access to the internet and the wealth of information it provides. That is why we must act.

 

Clark, I. (2016). The digital divide in the post-Snowden era. Journal of Radical Librarianship, 2, 1-32. Retrieved from https://journal.radicallibrarianship.org/index.php/journal/article/view/12/24

The Imbalance In Transparency

Transparency

Image c/o Jonathan McIntosh on Flickr (CC BY-SA).

Yesterday was a big day in terms of transparency, democracy and information rights. After months of criticism for the way in which it has been loaded to discriminate in favour of curbing Freedom of Information legislation, the Independent Commission on Freedom of Information published their findings, followed by publication of the government’s response. On top of all this, the government published its revised Investigatory Powers Bill (or “Snooper’s Charter”). In terms of the information flow between state and the individual, these two developments couldn’t be more important. The question is, to what extent is the information flow weighted in favour of citizens rather than the state? A question to which the answer is, I think, obvious to anyone with even the vaguest grasp of the history of the British state.

Given the sheer size of the debate and discussion in these two areas, I thought I’d bang all this together in one post, but split it up into two many themes: Information From Them and Information FOR Them. Seems to me that both these areas say a lot about where we are as a country, and I think such a distinction further emphasises the current state of play.

Information From Them

The FoI commission may have found that there is no case for new legislation with respect to the Act (meaning no substantial changes to how it operates), but this does not mean that it won’t continue to have serious limitations. The Act itself is imperfect as it stands now (and the increased outsourcing of public services to the private sector further limits its scope), and it’s not clear to what extent the government will use the findings of the Commission to come up with new and innovative ways to further restrict its impact. As Maurice Frankel, director of the Campaign for FoI, notes, rather than changes to the legislation it “could be that they are now possibly talking about various forms of guidance”.

For the government, the FoI Act has a very narrow appeal. It’s less about creating a culture of full transparency across government, both nationally and regionally, and more about beating the drum for value and efficiency. The Freedom of Information Act is more than just providing citizens with access to information on how taxpayers’ money is spent, it’s about holding politicians to account, ensuring that that all of their decisions are subject to scrutiny, not merely about how money is spent. This narrow perspective is still very much central to the government’s thinking, as evidenced by Matt Hancock’s statement in response to the findings:

“We will not make any legal changes to FoI. We will spread transparency throughout public services, making sure all public bodies routinely publish details of senior pay and perks. After all, taxpayers should know if their money is funding a company car or a big pay off.”

For the Conservatives, it makes sense that this is the extent of their endorsement of transparency. Spending taxpayers’ money plays directly into their narrative of difficult economic conditions that warrant the rolling back of public spending. Ensuring a focus on FoI as purely a mechanism to monitor local government spending shifts the emphasis and, ultimately, sends a message about how they view FoI. It’s not about transparency, or holding politicians to account. It is purely and simply about being a stick with which members of the public can beat local government profligacy.

One recommendation that is worth noting is the position regarding the “Cabinet veto”. The Commission recommended that:

“…the government legislates to clarify beyond doubt that it does have this power. We recommend that the veto should be exercisable where the executive takes a different view of the public interest in release, and that the power is exercisable to overturn a decision of the IC. We recommend that in cases where the IC upholds a decision of the public authority, the executive has the power to issue a ‘confirmatory’ veto with the effect that appeal routes would fall away, and any challenge would instead be by way of judicial review of that veto in the High Court.”

Although the government have decided that the veto will only be deployed “after an Information Commissioner decision”, the Minister’s statement adds that so long as this approach proves “effective”, legislation will not be brought forward “at this stage”. This is, to say the least, disappointing. As has been noted before, the veto simply acts as a way for ministers to avoid embarrassment (see the Prince Charles letters for example). Of course concerns about this particular aspect need to be considered in the context of the fact that the worst case scenario regarding Freedom of Information has not come to pass, but the phrase “at this stage” should put us all on alert regarding the government’s intentions.

That said, contrast the government’s position on freedom of information (where openness comes with caveats) with their position on surveillance (where caveats barely seem to exist)…

Information For Them

Following a number of critical reports about its Investigatory Powers Bill, the Home Office yesterday put forward revised draft legislation seeking to, in their words, “reflect the majority of the recommendations” from these reports. The reality is quite different, and very troubling on a number of levels, not least because of the intention to rush this bill through parliament at a time where other stories with substantial ramifications are dominating the news cycle (the intention seems to be to rush it through before DRIPA expires at the end of the year).

What of the proposals themselves? Well, they don’t make for comforting reading if you care about individual liberty and intellectual privacy. Despite criticism that the initial draft lacked any sense that privacy was to form the backbone of the legislation, the only change in this respect has been to add the word “privacy” to the heading for Part 1 (“General Protections” becomes “General Privacy Protections”). This tells you all you need to know about how the government views privacy. It’s a minor concern when compared to the apparent desire to engage in mass surveillance.

The Bill proposes that police forces will be able to access all web browsing records and hack into phones, servers and computers. Although the Home Office later claimed that hacking powers date from the 1997 Police Act and would only be used in “exceptional circumstances”, when giving evidence to the scrutiny committee, Det Supt Paul Hudson noted that these powers were used “in the majority of serious crime cases”. Needless to say, he refused to provide any further detail on the record. But there does appear to be a shift here from the police being able to view any illegal sites you have visited, to enabling them to view any website you visit.

In terms of encryption technologies (the bête noire of Western democracies hostile to privacy), there has been some clarity and yet there also seems to be somewhat of a loophole that could prove advantageous to those who know what tools to use to ensure their intellectual privacy. In the government’s response to pre-legislative scrutiny it advises:

“The revised Bill makes clear that obligations to remove encryption from communications only relate to electronic protections that have been applied by, or on behalf of, the company on whom the obligation has been placed and / or where the company is removing encryption for their own business purposes.”

The implication here seems pretty clear: to ensure you provide sufficiently strong encryption technologies, move towards encryption that you do not control, rather than those you do. If you don’t control it, you cannot remove it. I suspect the net consequence of this will be a muddying of the waters for those who wish to protect their intellectual privacy. It is already difficult to differentiate between which encryption tools truly protect you from mass surveillance, and which arguably do not (consequence being a new manifestation of the digital divide). Being able to differentiate between which tools do control the encryption placed on communications and which tools do not will undeniably require a degree of social capital that not everyone has the privilege to possess.

There are many significant concerns regarding this draft bill, many of which would take a huge blog post to cover…and I’ve not even read the full bill and accompanying documents yet. Rather than hit the 2,000 word mark, I’ve put together a list of key resources below. As librarians and information professionals we need to be on top of this. Defending the intellectual privacy of our users (whether that be in schools, public libraries, further or higher education) is a fundamental ethical concern. We need to take whatever steps we can to ensure we advance privacy, ensure the protection of digital rights and reject the monitoring and/or collection of users’ personal data that would compromise such privacy.

One thing I will add is that the combination of these two developments speaks volumes about the nature and transparency of government and in the United Kingdom. It is far less about ensuring a democratic system by which elected officials can be held to account, and far more about treating citizens with suspicion and thus undermining the democratic process. Given these circumstances, it is difficult to conclude that we live in a fully functioning democracy. When the state is entitled to more information about us than we are about them, there is no democracy.

Further resources

IFLA Statement on Privacy in the Library Environment

Investigatory Powers Bill – all government documents

Privacy International statement on IPBill

Investigatory Powers Bill – How To Make It Fit-For-Purpose

Don’t Spy On Us (authors of the above report on making it fit for purpose)

Access Now statement on IP Bill

 

Independent Commission on Freedom of Information report

Statement by Matt Hancock on Commission’s report

Campaign for Freedom of Information statement

The Snowden revelations had nothing to do with Paris

Surveillance

Mass surveillance is simply about control, we should resist the calls to permit mass surveillance by our intelligence agencies. (Image c/o Frederico Cintra on Flickr used under CC-BY)

Encryption. It’s the weapon of choice for terrorist communications. At least, that’s what they say. Within days of the attack, the director of the CIA, John Brennan, complained about the hand-wringing over mass surveillance and claimed that the Snowden revelations about intelligence gathering had made it harder to identify figures involved in Islamic State. This was followed by FBI Director James Comey calling for “access to encrypted data” to detect terrorist threats. With the government’s attempts to legalise mass surveillance via the investigatory powers bill, the use of encryption technologies is once again on the agenda.

And yet…

In the wake of Paris it does not appear that encryption technologies were used by the terrorists in planning and organising the events that took place last week. Reports on Wednesday suggested that rather than using complex encryption technologies, the terrorists were simply communicating using SMS. Alongside the fact that at least one of the individuals was known to the intelligence agencies, it’s not clear what difference either mass surveillance or the beloved (and non-sensical) back-door to encryption would have made in this particular case.

This notion that encryption technologies provides a safe space for terrorists to plan their activities doesn’t hold up to much scrutiny. Of course Snowden gets the blame, he’s a “traitor” to the US specifically and the West in general (how dare a whistle-blower reveal that states are monitoring the internet activities of all their citizens), but there’s scant evidence that his revelations have made any difference at all. Much less that they have endangered anyone in any Western state.

A report recently published by Flashlight underlines the extent to which any suggestion by politicians, or intelligence agencies, that Snowden’s revelations have forced terrorists to adapt their communications strategies is complete garbage. Dedicated to gathering intelligence about online communities in the “deep and dark web”, they recently produced a report that suggests the Snowden revelations have had a limited impact. The primary findings from the report include:

  • The underlying public encryption methods employed by online jihadists do not appear to have significantly changed since the emergence of Edward Snowden.

 

  • Well prior to Edward Snowden, online jihadists were already aware that law enforcement and intelligence agencies were attempting to monitor them. As a result, the Snowden revelations likely merely confirmed the suspicions of many of these actors, the more advanced of which were already making use of – and developing –secure communications software.

The second of these is so obvious, it seems bizarre that it needs to be stated. Of course terrorists would have been aware that intelligence agencies would be attempting to monitor them and of course they would have been taking precautions. The Snowden revelations merely confirmed what they already suspected and, ultimately, reinforced that they were correct to make use of secure communications software.

This understanding of the use of encryption software by terrorists is not new. Before the Snowden revelations, in 2008, it was noted that encryption technologies were no more frequently used by terrorists than by the general population. Furthermore, that encryption technologies were more frequently discussed by intelligence agencies rather than by terrorists, primarily because of it is more “technically challenging” and therefore less appealing to use. Those that were technically able were, of course, would clearly have been using the technology back in 2008 – long before the Snowden revelations. If researchers were writing papers on the use of encryption technologies back in 2008, then of course terrorists who were seeking to hide their activities from the state would also be aware of the existence of such technologies. It would be breath-takingly naïve to believe that they weren’t aware of such technologies pre-Snowden. And no-one could reasonable accuse intelligence agencies of being naïve. They know that this is the case, but the political urge for mass surveillance is so strong, the will to talk up the threat of encryption technologies is so tempting and the desire to prevent future whistle-blowers revealing the undemocratic activities of the state, that of course they will link any terrorist attack to the information revealed by Snowden.

What we need to remember is that this is part and parcel of an effort to make Western democratic societies accept the need for mass surveillance. The facts don’t support it, but the desire to create a state in which everyone is monitored ultimately leads to a disciplined populace more easily controlled by the state (see Foucault). Encryption isn’t the problem. Mass surveillance isn’t the answer. As Paris showed, the information was there, the clues were present…mass surveillance or back doors to encryption wouldn’t have made one iota of difference in terms of the tragedy in Paris. As politicians and ignorant political commentators talk up the need for mass surveillance, we must not forget that one simple fact.