Security versus privacy in the online age
The delicate balancing act between public safety and online privacy presents an unavoidable practical and political challenge.
Published on 26 February 2016 in
ISS Today
By
Investigations into recent terrorist attacks, such as those in Paris and Jakarta, led to reports of extremist groups using encrypted cell phone apps, such as Telegram, to avoid government surveillance. This has fuelled further calls from government officials and security agencies worldwide for stricter regulations to monitor Internet users and the use of encryption.
In a statement to the United States (US) Senate, Federal Bureau of Investigation (FBI) Director James Comey said that the use of encryption had allowed for terrorists to ‘go dark’ and that ‘changing forms of Internet communication and the use of encryption are posing real challenges to the FBI’s ability to fulfil its public safety and national security missions.’
A recent court order by the FBI, which compels Apple to help unlock the iPhone of one of the San Bernardino shooters, reflects the core of these debates. Where is the line between giving security agencies enough power to do their jobs, and limiting that power so that privacy rights are protected?
Julian Assange equates the battle for encryption to the right to bear arms
The delicate balancing act between public safety and privacy presents the international community with an unavoidable practical and political challenge.
Julian Assange, founder of the whistle-blower website, Wikileaks, has equated the battle for encryption to the right to bear arms. The drafters of the US Constitution included the right to bear arms in the Second Amendment on the premise that it would provide citizens with the means to defend themselves against a totalitarian government and ultimately, ensure their freedom.
Privacy activists such as Assange and Edward Snowden see encryption and Internet privacy in the same light. Without privacy, there can be no freedom of speech, and without freedom of speech, states cannot be held accountable for the power they exercise in maintaining security.
In 2011, two years before the Snowden revelations, the Arab Spring showed the world how powerful the Internet can be in influencing politics. Using resources like the Tor network – a web browser created by the US Naval Research Laboratory, which uses encryption and hides the identity and location of the user – journalists and activists could circumvent the surveillance of authoritarian governments seeking to stifle free speech.
This technology allowed for the safe online sharing of information and organisation of protests. In response, states like Egypt, Libya and Syria, went as far as to ‘turn off’ the Internet in their countries. The ability to use the Internet anonymously had become a ‘weapon’ in the fight for liberation.
Being able to use the Internet anonymously has become a weapon in the fight for liberation
Encryption and the ability to use the Internet without being tracked is becoming an increasingly necessary tool for journalists and activists across the world.
In Africa, government accountability and democratic values such as free speech are already often found lacking, and massive-scale government surveillance is a frightening prospect.
In 2011, Facebook discovered that the Tunisian government had been using malicious code to steal the Facebook passwords of its citizens to delete the accounts of users who had shared ‘undesirable’ material. Bloggers and activists had started using Facebook as a means to upload and share videos – such as footage of police brutality – after all other video-sharing websites had been blocked.
Hassiba Hadj Sahraoui, Amnesty International’s Middle East and North Africa Deputy Director, explains the dilemma in the context of the Egyptian government’s revamped surveillance programme. ‘The Egyptian authorities have an abysmal track record when it comes to respecting the right to freedom of expression, association and assembly. A system to conduct indiscriminate surveillance of social media on a mass scale risks becoming yet another instrument in the Egyptian government’s toolbox of state repression.’
Activist groups are often targeted as well. The Free Tibet movement, for example, has often come under attack from suspected Chinese government hackers. This is no surprise considering China’s history of suppressing free speech and monitoring its citizens.
Our security as individuals is significantly tied to being able to hold governments to account
A new social tool called Sesame Credit, introduced by the financial arm of the Alibaba group – China’s online commerce giant – shows the extent to which surveillance can come to dominate our lives. The programme determines an individual’s credit score based on their online activity. So-called ‘dissident activity’ – like voicing anti-government opinions or discussing forbidden subjects, such as the Tiananmen Square tragedy or the Shanghai market crash – lower an individual’s credit score. Simply being online friends with ‘dissident’ individuals could also lower an individual’s credit score. Sesame Credit ratings are currently optional, but the Chinese government hopes to have a similar system implemented nationwide by 2020.
In a world where our lifestyles are increasingly intertwined with online technology, this level of surveillance is a few small steps away from being all-encompassing.
Michael Hayden, a former director of the US government’s National Security Agency, once said, ‘…to be effective, [the] NSA really needs to be only two things – powerful and secret.’ These qualities are precisely what democracy is intended to guard against, even in the name of security.
The big question is whether widespread and indiscriminate Internet and communications surveillance is as necessary for public security as government agencies would have us believe. At the recent World Economic Forum, Belgian Deputy Prime Minister Alexander De Croo, said that wide-scale surveillance, instead of targeted counter-terrorism efforts, did little to fend off terror attacks. De Croo, who oversees the state’s telecommunication’s industry, said: ‘All of the people that were involved in the [Paris] terrorist attacks, all of them were on lists. And they were on lists because they visited certain mosques that we were looking at.’
If traditional measures were being utilised more successfully, mass surveillance could become excessive. Another key question is whether we would be willing to give up more of our privacy in exchange for the sense of security that mass surveillance may offer.
Our security as individuals is significantly tied to our ability to hold governments to account – and free speech remains the cornerstone of this endeavour. In the digital age, securing freedom of speech means securing the ability of citizens to use electronic communications without fear. Subjecting citizens to surveillance restrains all of us; not just the minority that intends to cause harm.
Albertus Schoeman, Consultant, Transnational Threats and International Crime Division, ISS Pretoria