The battle between surveillance and secrecy in the digital age

You are being watched. Your movements are being recorded, your searches chronicled, your connections and acquaintances tracked.

The western spy agencies NSA and GCHQ probably have access to your SIM card, your phone calls and all sorts of metadata. Ad-funded tech powerhouses Google and Facebook almost certainly have a data file on you, trying to work out everything you do and everything you may want to buy, and even electronics firms like Lenovo and Samsung could be listening to and tracking you.

In the post-Snowden world – where the whistleblower leaked the US and UK governments’ mass surveillance schemes – we’re all becoming more and more aware of how we are caught up in giant surveillance programs that are said to be for our own protection. Equally, the fact that Google and Facebook collect enormous amounts of data on us is becoming common knowledge.

But so what, right? Chances are, you’re not a terrorist or a paedophile, and you’re against those who are. If you have nothing to hide, then what’s the big deal?

Jon Bains, who founded one of the first digital agencies, Lateral, is currently the founding partner of the What & Why agency, and writes online about the importance of not being watched.

In his view, people should have a right to be able to conduct a private conversation: “Privacy is a basic human right, and it’s not something we should give up easily, at least without asking why,” he says.

“Governments tend to make really, really bad legislation when they don’t understand how things work or things change.” Jon Bains

After the Charlie Hebdo killings, however, British Prime Minister David Cameron said he wanted to ban apps such as Snapchat, WhatsApp and iMessage because their communications are encrypted and private.

“Governments tend to make really, really bad legislation when they don’t understand how things work or things change,” says Bains.

There are other dangers with mass surveillance and bulk data collection.

The more obvious examples are the simple mistakes, such as when a German grandmother was incorrectly blocked from the internet for illegally downloading movies and left unable to work at her online-only job, or when innocent people with similar names get caught on a no-fly list.

“There’s more and more stories of normal citizens being harassed by the government, but most of that’s kept under the table through gag orders,” Bains says.

There’s also the potential for privacy invasions due to the data, such as when US retailer Target calculated that an underage girl was pregnant and sent her flyers for baby products, before she had even told her father.

“Facebook has launched Atlas, which tracks you from looking at an ad all the way to retail. As somebody who has worked in marketing for 20 years, I go ‘oh that’s cool’. As a human being, I go ‘fucking hell, this is dark’. And that data’s not secure either, if you wanted to work out how to kidnap somebody or extort money, this would be a playbook,” says Bains.

These companies require their own privacy, such as for our data or bank transactions, which are put at risk by government plans to work around encryption by installing “backdoors” that they can access.

Equally, the data is at risk due to security failures on their end, as Bains points out: “The governments are relatively under scrutiny, but marketeers? Not so much. The Sony hack showed just how open this data is.”

“So, as a taxpayer, I’d say that frankly it’s not a terribly good use of money. And from a practical level, there’s no such thing as a secure system, so somebody’s going to hack into it. It’s just bound to happen.”

Jamie Bartlett at Cybersalon [Corali Houlton]

Jamie Bartlett believes many users will adopt Tor-like access to the internet. [Corali Houlton]

Into the darkness

As awareness of government and corporate surveillance grows, people have increasingly looked to cover their tracks online.

It’s virtually impossible to live a normal life in the internet age and stay completely undetected. But there are ways to hide a lot of what you do from outside eyes. One such method is the Tor Browser, a simple browser like Chrome or Firefox, except that it – among other things – routes your data connection through various points across the world, making it hard to track.

The Tor Browser isn’t perfect: if the NSA really wanted to know what you did online, they could, but it makes it a lot harder. Plus, if the NSA isn’t already looking at you in particular, the browser can keep you hidden quite effectively.

You can also visit websites that your government or internet service provider has blocked. Here in the UK, that can include file-sharing websites like ThePirateBay, KickassTorrents or sites with adult content, but worldwide can include important whistleblowing sites or anti-governmental free speech blogs.

In fact, the Tor browser project was originally developed with the US Navy in mind, for the primary purpose of protecting government communications. It’s used by law enforcement, journalists and the military, as well as those in countries with oppressive regimes to get online, communicate, and work as whistleblowers and in human rights without their nations being able to watch or track them.

But Bains points out that sites are being taken offline at an alarming rate: “The UK government can take down websites with no judicial oversight, there’s more dropping off the net than ever. And because people conflate privacy with piracy or criminality, it’s not seen as a big deal. That’s just a dangerous precedent to set.”

And then there’s the websites you can only visit with a hidden browser, ones you won’t find through a Google search or on the normal internet. This is the dark net, with its perhaps most infamous site being the now defunct The Silk Road – on online market for buying and selling illegal drugs.

The price of freedom

Cybersecurity and cryptography researcher Dr Gareth Owen, a senior lecturer at the University of Portsmouth, hit headlines earlier this year with a controversial study that suggested that 80 per cent of dark net visits were to child abuse websites.

Dr Gareth Owen at Cybersalon [Corali Houlton]

While most Tor users are accessing the normal web, dark net users often visit child abuse sites – Dr Gareth Owen [Corali Houlton]

“What we’re measuring is the important point: we’re measuring requests for the website. There are some uncertainties here; if someone restarts Tor, they’re counted as twice, for example. Webcrawlers [bots that scan the net] would also count, but are a small percentage at best. We’re counting visits, so it gives you a loose overview.” It’s also important to note that 98 per cent of Tor use is to the normal internet, not the dark net.

Of the 45,000 sites discovered on the dark net, only two per cent hosted child abuse, but they still received the majority of visits. “We’re seeing 100,000 requests to just one site,” Owen said.

Owen has suggested the idea of blocking child abuse sites through blocklists, but doesn’t openly support the notion, just the idea of debating it.

“It’s possible to block hidden sites. The directory for sites is spread across all these servers on the network. If 90 per cent of servers agreed to implement a blocklist, then it could effectively take a site offline. And the blocklist can be distributed among the server hosts: they can all inspect it and all opt-in or opt-out, and it only works if enough people do it. Or the Tor Foundation could implement a public blocklist.”

The problem is that the community is very against the idea of censorship or a blocklist, as they feel it undermines the project and puts it at risk from outside control that may block the whistle–blowing or free speech sites that make the network so valuable. Owen stresses that we have to have an open mind: “We’ve got a technology that protects freedoms, but we don’t want to support child abuse. We have to be pragmatic.”

“The problem is that the community is very against the idea of censorship or a blocklist, as they feel it undermines the project and puts it at risk from outside control.” Dr Gareth Owen

With regards to terrorism, another bogeyman raised by those trying to crack down on encrypted and anonymous networks, some are also calling for more discussion over what we as a society are comfortable with.

“I guess the million dollar golden question is where is the line?” asks Dr Doug Weeks, research fellow at Handa Centre for the Study of Terrorism and Political Violence, University of St Andrews.

“I think that there are laws or protections that are generally put in place that need to be adhered to, and that needs to be decided by society at large. But it can become problematic: if you look at the surveillance and the other counterterrorism measures that have been deployed in Britain since the Terrorism Act 2000, such as stop and search and control orders and all the other hard elements of policing that is being done, there’s a lot of pushback by Muslim communities.”

But equally, people have called for increased surveillance, says Weeks: “The family of some of those girls [who have gone to Syria have] been critical of the government for not stopping their own children from accessing certain things on the internet. You can’t have it both ways, you can’t say ‘this is way too invasive, you can’t do those types of things’, and then when something bad happens say ‘it’s your fault because you should have pre-empted this’. That’s where the balance comes in, and in a functioning democratic society, I think that balance has to be negotiated.”

Jamie Bartlett, who works for the think-tank Demos, specialising in social media analysis on extremist movements, wrote the book The Dark Net, an immersive look at a number of the most shocking, surprising and often quite terrifying subcultures on the internet.

He says: “Acting under conditions of anonymity is like holding a magnifying glass over human behaviour, so it becomes easier to do nasty things, it becomes easier to do more destructive things. It’s easier to get sucked into more subcultures that are really negative, it’s easier to bully people, it’s easier to harm people.

“But equally it’s easier to be incredibly creative, to be incredibly interesting, to be able to truly speak your mind, truly express yourself without fear of not falling within accepted standards of behaviour.”

His view is that the level of government and corporate tracking will push the majority of people onto Tor-like systems in the near future.

“If you had a choice between using Chrome or using Tor and being able to be more comfortable that no one was watching what you were doing, but it was as easy and as reliable and as fast as Chrome, I think nearly everybody would use Tor. So I think that’s where it’s going to go.”

Again, the question remains, while privacy may be what individuals want, is it what we as a society want? Will an encrypted future be a good thing?

“I’m very worried about that, I think that’s going to cause huge problems in the future. As well as all the benefits it will bring for individuals and securities of people’s personal data, we’re fooling ourselves if we think that won’t also cause difficulties. I’m quite convinced in the future it’s going to be far more difficult to censor material, it’s going to be far more difficult to monitor the ‘bad guys’ for the police and the intelligence agencies,” said Bartlett.

“So that combination of more privacy and less censorship takes us where it takes us… I think, as a society, we’ve got to learn to live with that and work out what that means for us.”

Featured image – Flickr: Todd Kopriva; photography by Corali Houlton