Beyond cyber and Edward Snowden: What is the next big thing for UK security?
The overhaul of investigatory powers recommended in the report by David Anderson QC, following his independent review of counter-terrorism legislation, would go further than the two previous governments' proposals on communications data legislation (aka the Snoopers' Charter).
The new laws are expected to address the fallout from the Snowden revelations by covering the full spectrum of intrusive powers. The legislation is being put forward in a context where media commentary and public sentiment swings quite dramatically between the opposing priorities of privacy and security.
However, a poll commissioned by the Joseph Rowntree Reform Trust showed the public supported the police and UK intelligence agencies having the ability to access suspects' information for investigations into minor crimes (61%), serious crime (86%) and for terrorism and threat to life (88%). It is also clear the public has a high level of trust in the British police and the Security Service (MI5).
Where there is opposition, it is driven by misplaced fears of a government-sponsored mass surveillance regime that is neither being sought, nor achievable.
Even this type of highly intrusive state surveillance has some support. An Amnesty International poll found 38% of respondents thought the UK government should intercept, store and analyse the internet use and mobile phone communications of all UK citizens and the majority (56%) thought that this should be permitted for non-UK nationals in the country.
We also freely and knowingly trade our privacy for a range of personal benefits. Indeed, the scale of use of personal data by private industry (such as retailers) is eye watering in comparison to the restricted use by the police. This suggests the public might be willing to trade privacy for wider societal benefits such as reduced crime and greater public safety.
Key to this acceptance will be the modernisation and simplification of investigatory powers. The recent Intelligence and Security Committee report on privacy and security highlighted "some elements of the legislative framework governing the Agencies' work are overly complex, difficult to interpret in relation to certain internet technologies, and lack transparency".
This will be particularly important as technology – and the ways we use it – continues to evolve. It also needs to be made clear that, far from enabling wide-scale "snooping", the proposals for the request and disclosure of communications data are designed to be precisely targeted and tightly restricted.
Intrusive surveillance powers need to be proportionate to security threats
This means the concerns raised by the Snowden revelations about mass surveillance are unfounded. As Professor Sir David Omand has explained, the most intrusive powers relate to bulk access by computers to the internet.
This bulk data is used by parts of the intelligence community to tackle only the most serious threats to national security and from serious and organised crime, particularly from overseas. Conversely, the powers used by the law enforcement community in the UK are very precisely targeted against known individuals with strict controls to prevent "collateral intrusion".
There are a relatively small number of cases where the secretary of state authorises investigators to acquire the actual content of private communications (the total number of warrants issued during 2014 was 2,795). But, in each case, the government needs to be much clearer about the types of data that is collected, for what purposes and the safeguards in place.
Finding the right balance between security and privacy
It is clear the British public will not accept excessive intrusion but neither will it forgive a government that fails to take the necessary precautions to prevent attacks such as 7/7 and Woolwich, or to permit "no go" areas on the internet where the criminals can operate with impunity.
So, officials and police leaders need to do a far better job of communicating the case for change. There needs to be an informed debate about what level of intrusion is reasonable in relation to the benefits for individuals and society.
This debate should also address the need to ensure our personal information has the same protection from private sector intrusion as from government surveillance. By stimulating and informing that debate, the government will be able to develop effective legislation that has public support and keeps us safe.
Nick Newman and Graham Lovell are security experts at PA Consulting Group.
Nick leads PA's work on digital investigations and intelligence for UK government, security and police clients. He specialises in the technology, operational, legal and policy changes needed to enable investigators to respond to new and emerging communications technologies and has nearly ten years' experience working across the national security and law enforcement communities.
Graham specialises in solving complex business change problems. He has experience in applying Systems Engineering through the use of Enterprise and Systems Architectures across both distributed information systems and platform based systems. He works at the intersection of government departments to design complex information systems that represent a radical change from current business processes.
© Copyright IBTimes 2024. All rights reserved.