The MI5 director’s speech to RUSI generated a national debate which singled out for implicit criticism The Guardian for its role in leaking sensitive intelligence. Here, the paper’s data editor questions why the public should be asked to accept blanket assurances that their privacy and security are protected.
By James Ball, Data Editor, The Guardian
The last three years have seen an unprecedented shift in national security journalism: the rise of the large-scale leak.
The world waited forty years for another disclosure on the scale of the Pentagon Papers. In the last three years, we’ve seen the Afghan War Logs, Iraq War Logs, State Department cables, Guantanmo Bay prisoner records, and Edward Snowden’s more carefully curated – but perhaps more explosive – disclosure of documents from the National Security Agency and GCHQ.
For those who have followed each of these, the fallout and debate begins to form an unnervingly predictable pattern: media organisations publish material they say is in the public interest. This is followed by warnings of grave and irreversible harms by governments, militaries and security services. And then, months later, those same agencies concede such harms failed to materialise.
This was certainly the case with the Afghan and Iraq war logs, which engendered the cry that WikiLeaks and the media organisations that worked with it had the blood of innocent civilians on their hands. Months later, officials conceded there was no evidence of harm coming to any individual as a result of the disclosures.
The publication of the US State department cables followed the same pattern: at the time of publication, officials warned of unprecedented harm to US national interests, before privately (then publicly) conceding ‘that a mass leak of diplomatic cables caused only limited damage to U.S. interests abroad’ .
Even the Snowden revelations have, to an extent, followed this pattern. When The Guardian alerted the White House it was preparing to publish the first story from Edward Snowden’s cache, on surveillance of Americans’ phone records – based on a four-page court order to Verizon – the paper was asked not to publish the story or document.
Mere weeks later, the US government declassified and released to the public hundreds of pages on the programme, giving far greater detail than anything The Guardian has published.
Given this track record, it would seem legitimate to treat security concerns raised in public – such as those raised in Andrew Parker’s address to RUSI, and accompanying off-the-record briefings – in the light of reporting with a certain degree of scepticism: what evidence backs up the fears raised? What is different this time?
It would certainly be unfair and irresponsible to dismiss security concerns off-hand, which is why the Guardian has had long and careful conversations about each detail published before each story; a painstaking and time-consuming process. However, it similarly does the public a disservice to take all security concerns at face value.
National security journalism, in any paper, often reveals weaknesses an enemy could exploit: engine problems in nuclear submarines; defence cuts leaving bases exposed; new aircraft woefully inadequate for the job. Such leaks often come from the top, with the intent of pressuring politicians into fixing the problems. But to tolerate these and to dismiss offhand whistleblowers of conscience is a troubling double standard.
While the surveillance carried out by the NSA and GCHQ varies in detail, the broad scope of much of the activities is shared, as is the intelligence produced, and even the technologies used to do so. People in both countries have aired concerns that the laws used to authorise such surveillance were not passed with mass-surveillance in mind.
In the USA the Snowden revelations have to date provoked widespread pressure, more government disclosure, Congressional hearings, a reform panel, and very nearly the defunding of domestic phone surveillance by Congress.
In the UK, the lacklustre political response comprised Intelligence and Security Committee chairman Malcolm Rifkind – who said part of his role is to ‘defend’ the agencies his committee scrutinises – giving assurances that all is well, and the public must take this on trust.
This seems an inadequate response for the Twenty-first century: a public unwilling to trust its political class with taxi receipts is asked to take blanket assurances that their privacy and security are protected. Even if the committee is sincere and earnest in its efforts, do they have the technical savvy to understand what they are signing off?
The implication of mass-surveillance are serious: some object philosophically to such collection, whether abused or not. Others worry about the cost, the scale, data protection, and the risk of being caught up through false alarms, knowing the wrong person, or tripping a rogue algorithm. For some, the way the agencies use the law – or strike deals with private companies – suggest that what appear to be the limits of legal surveillance instead serve merely as the starting point.
Another concern: if finding terrorists is looking for needles in a haystack, does exponentially expanding the haystack really help? A final concern is revealed in the fact of the leak itself: if NSA and GCHQ material is kept so safely, how did it end up with journalists in London, New York, Rio de Janeiro and Berlin in the first place?
None of which, of course, precludes such surveillance programmes making a valuable, perhaps essential, contribution to national security. But they do underline the need for a real, serious, and – crucially – informed debate.
Slowly and belatedly, America is having its national debate on surveillance. The outcome remains unclear, but some degree of reform now seems inevitable.
By comparison, though in recent days Nick Clegg and Vince Cable have both endorsed the need for a debate, Britain seems short-changed.
The British public must take on trust that surveillance is necessary and proportionate. The British public must take on trust that oversight can happen entirely behind closed doors. And the British press should take on trust, without evidence, any claims of harms as a result of peeping behind the curtain.
That seems like a lot to ask.
James Ball is the Data Editor at the Guardian. @jamesrbuk