Sir David Omand, former government intelligence chief, warns that cyber surveillance laws need to ensure a balance between security and privacy, or they could have a "chilling effect" on social media.
A report by the think-tank Demos, which Sir David co-authored, said existing laws regulating police and intelligence agencies' access to online data, needs to be overhauled to meet the complexities of social media.
The Demos report, entitled #intelligence, says that while intelligence gathered from social media - dubbed 'socmint' - could be a vital source of information in identifying criminal activity or providing early warning of disorder, it said the public needs to be confident it is not being abused.
It follows public outcry over a preview of government plans for wider state access to our email and digital communications.
Sir David, former GCHQ director and ex-cabinet office security and intelligence chief, last week told MPs that the government's cyber-security centre did not have the expertise or mechanisms in place to defend potential threats. But the report says that while current regulation (Regulation of Investigatory Powers Act 2000) needs to be overhauled, a respect for privacy is essential.
Current legislation demands that where new methods of intelligence gathering are introduced, they should be on "a firm legal basis and rest on parliamentary and public understanding of what is involved" the report read: "In respect of Socmint these conditions of democratic legitimacy are presently absent."
It also warned of "the danger that Socmint could result in a chilling effect on the use of social media itself", which it said would have negative economic and social consequences for the country as a whole.
Demos's six ethical principles for social media intelligence gathering:
- There must be sufficient, sustainable cause
- There must be integrity of motive
- The methods used must be proportionate and necessary
- There must be right authority, validated by external oversight
- Recourse to secret intelligence must be a last resort if more open sources can be used
- There must be a reasonable prospect of success
Peter Sommer, visiting professor at the LSE and co-author of the OECD study reading systemic cybersecurity risk, told Channel 4 News: "It is always refreshing to see a distinguished retired spook like David Omand associated with a view that 'security' is not just about surveillance and protective measures but also about preserving the values of openness in society and due legal process."
He added that some of Sir David's former colleagues "are busy lobbying for much greater powers - via the communications capability development programme" which is expected to be announced in the Queen's speech.
Public vs private
The report also emphasised the distinction between information made openly available on social media sites by users, and that which is protected by privacy barriers such as a password. The report advises that access to the latter require a warrant issued by a minister or a judge if the authorities wish to access it.
Without an explicitly articulated approach towards generating Socmint based on respect for human rights and the associated principles of accountability, proportionality and necessity, there is a serious risk that this vital confidence and trust will be undermined. Demos report: #intelligence
"People now share vastly more personal information about themselves, their friends and their networks in new a varied ways: what is 'public' and what is 'private' is not always obvious and differs greatly across social media platforms and even within social media platforms," the report read.
"Moreover, new and emerging technology potentially allows more invisible and widespread intrusive surveillance than ever before.
"Without an explicitly articulated approach towards generating Socmint based on respect for human rights and the associated principles of accountability, proportionality and necessity, there is a serious risk that this vital confidence and trust will be undermined."