Tuesday, March 31, 2009

About More Than Expenses?

The Guardian's Henry Porter has an alternative take on the embarrassing revelations that Home Secretary Jaqui Smith's husband charged pay per view pornography to the taxpayer. Porter reckons this story shows the vulnerability of centrally held information:


But with all the talk about the home secretary's loss of moral authority, we should not forget a crucial point in this affair, which will surely interest any politician who declares confidence in the security of public databases. For this is also a story about another security breach in an official database – indeed, there are rumours in Whitehall about how details of Smith's expenses bill emerged, following as it does a run of recent scandals, suggesting stories are being leaked from the parlimentary office for expenses claims.


Whatever the rights and wrongs of this – and actually, I suspect that it is wrong – it must underline the fact that sensitive information pooled in digital form is amazingly vulnerable. If someone can without much trouble lift this data, does it not follow that databases like the national identity register and the children's database, ContactPoint, are similarly insecure?

Monday, March 30, 2009

Massive Chinese Online Spy Programme Revealed

An enormous and elaborate programme for the purpose of spying on foreign government agencies has been discovered in China - though the Chinese government has denied any involvement. It seems that the programme extended beyond snooping on the machines: several computers were hacked such that the programme could have sent messages from the computers or used their mics and webcams.

This case involved spying on government agencies, but it raises an interesting thought: many of us worry about our own governments spying on us and seek to limit their ability to do so. However, we have no ability to limit the ability of foreign governments to spy on us. If foreign governments spy on our citizens, is that in any way not as bad as our own government spying on us? If foreign governments already have access to your most personal information, does that in any way weaken your desire to stop your own government from having access to it?

Government to Monitor Facebook

The BBC is reporting that the government proposes to keep a record of interactions on social networking sites like facebook. They claim they will not be looking at message content, just who is talking to who.

Apparantly this will help to tackle crime gangs and terrorists. Some friends of mine have expressed amazement at the idea that any terrorist or gangster worth his salt would ever post anything remotely compromising on something like facebook.

As it happens I recall reading an odd case in Private Eye a month or two back where some racist bigots got someone Asian sacked at work and then were stupid enough to boast about it in an easily accessible group on Facebook. So I think monitoring facebook in this way will help to catch some criminals.

But I think the sorts of cases it will help in aren't those involving organised criminal gangs or terrorists. Anyone involved at that level will know that their internet activity can easily be monitored. If you think that there is a loss of privacy in police having access to who you are interacting with (which I do) I'm doubtful that you can point to 'the war on terror' as a justification. Does the potential for dealing with less serious criminality justify police monitoring these sites?

Has Work Given You a New Phone Recently?

It is now possible to buy over the counter, a mobile which functions as a bug in the pocket of the user. 'Spycatcher of Knightsbridge' are pleased to offer 'Interceptor Software with a nokia phone included'. Coming in a range of models, in addition to operating as a normal phone, their model will:


Alert you when the phone is switched on, via SMS, so that you can see the number in the phone no matter how often it is changed.


Alert you when ever a phone call is made or received by the phone, via SMS, and will also show the number of other party.


Send you a copy of any text message sent or received by the phone, via SMS as well as the other persons number.


If you dial the phone from a pre-defined number it will open the microphone, without the holder knowing, so that you can hear room conversations, from anywhere in the world.


If you dial the phone from a pre-defined number when it is being used for a phone call you will actually intercept both sides of that conversation and be able to hear the everything that is being said.


You can remotely change the pre-defined number as much as you like, by a discreet SMS.


You can turn each function on and off as much as you like, by a discreet SMS



When my phone is not in my pocket, its on the table by bed and I am asleep. If someone were to dupe me into using one of these phones, they would have 24 hour coverage of all that I do. That really would be the death of privacy.

At the end of the day I'm not all that worried about someone going to the effort (and expense - the phone comes with a price tag of £1437:50) of spying on my every movements. But there's still plenty of room for paranoia here - this is a software application and one can only presume that access to it is going to become more widespread over time. Now what I want to know is what does someone have to do to put this software on my phone: how close am I to my phone being a bug?

Tuesday, March 17, 2009

Oversight and 'The Responsibility to Provide'

A few weeks ago the thinktank IPPR published a paper on the future of intelligence work by Sir David Omand, a former senior Civil Servant. Already people are treating his paper as a representative statement of future government policy. A number of broadsheets praised the paper for its insistence on more oversight of surveillance activity. In particular, he identifies 6 principles which should govern this oversight:

  1. There must be a sufficient sustainable cause.
  2. There must be integrity of motive.
  3. The methods used must be in proportion to the seriousness of the business at hand.
  4. There must be proper authority.
  5. There must be a reasonable prospect of success.
  6. The recourse to the methods of secret intelligence must be a last, not a first, resort.
Don't get me wrong. I definitely think more oversight is a good thing, and I don't disagree with any of the above principles. But I do think there is a major tension between the idea of oversight and another key aspect of what he wants for the future of intelligence. which so far I haven't really seen discussed at all. Early on in his paper he celebrates the way that the intelligence community has moved on from the old paradigm of the 'need to know' to the new era of 'the responsibility to provide':
Authority and information will need to be pushed down to enable local problems to be tackled at local level, but at the same time national authorities must seize the issues that have international dimensions (and local imports), such as terrorism, narcotics, illegal immigration and organised crime. The national intelligence authorities will be expected to both ensure that the local enforcement level - including police, border forces and other local authorities - have the necessary information, and to help manage the international dimensions of these domestic threats. These responsibilities are likely to accentuate the shift away from the highly restrictive 'need to know' culture of the traditional intelligence world to what US Director of National Intelligence, Mike McConnell, has called 'the responsibility to provide', a phrase that captures the spirit of the new approach to the provision of intelligence for the purposes of public protection.
Later, when talking about the dissemination of intelligence already gathered he produces an even more vivid picture of how this would ideally work in practice:
The shift away from the highly restrictive 'need to know' culture must continue. Today dissemination must be both outwards, including to partners and allies overseas, and downwards, where the issues around classification, tear-line reporting and 'fusion centres' are now well discussed in the literature...Finally, the customer community, especially in the military commands, will have to be increasingly able to rapidly pull the intelligence material needed to generate situational awareness and enjoy the 'Amazon.com' ability to find past products and perhaps be told, as you are when you search for a book on Amazon, which other products users of that item also found useful.
Doubtless people in the police and security would enjoy this 'Amazon.com' ability very much. It is easy to see the attraction of more convenient sharing of information. But how easily does this sit with the idea of oversight? Part of what makes amazon's suggestions so useful is that they are instantaneous and automatic - you are never waiting for the time it would take for a human judgement. But it's hard to square the immediacy of the technology with independent scrutiny.

The trouble is that Omand's six criteria for proper oversight seem to require human judgement. True, one could program Omand's 'amazon-style' site to only 'make suggestions' to users with 'proper authority'. But you couldn't use a computational function to assess matters like 'proportionality', 'prospects of success' or that intelligence is used 'as a last resort'.

The need for human judgement is problematic for the convenience of Omand's 'Amazon.com' vision. Ben Goldacre makes a similar point in relation to datamining in one of his recent 'Bad Science' columns. His basic point is that in any case of searching for potential suspects by identifying a potential characteristic correlated with the activity in question, the number of 'false positives', all requiring human assessment, are likely to be so vast that the search will not be worthwhile.

If human oversight was required every time intelligence was passed around, this would slow things down in a way that makes Omand's internet age hopes impractical. Proper oversight in intelligence work surely applies to who get to look at the intelligence, not just how the evidence was acquired? And if oversight requires a human judgement in every instance, this cannot be done quickly. You can have the oversight or the convenience, but not both.

I'd like to get some other people's opinions on this. Maybe you disagree with my analysis. Maybe you think I've misinterpreted Omand. And what restrictions ought there to be on the sharing of intelligence among police? Would retroactive oversight be sufficient? How could this work?