23 Jan 2014

Why the row over spying is about human nature, not metadata

For all the bamboozling hi-tech talk of “meta-data” and “bulk traffic collection”, the row over spy agencies’ electronic snooping comes down to two competing views of human nature.

07_data_g_w

Political theorists have speculated for centuries about how people would behave in a “state of nature”, i.e. left to themselves in a mythical land of plenty. Thinkers like Rousseau believed we’d rub along just fine. Thinkers like Hobbes reckoned we’d tear each other apart.

How does this relate to electronic surveillance? Well, if you side with Rousseau you see little point in monitoring everyone, because wrongdoing is an aberration and the majority of people will happily obey the rules.

If you side with Hobbes, you believe that at heart humans are a warlike and greedy bunch, so it’s probably worth keeping an eye on everyone, to catch people before they turn nasty.

The 9/11 terror attacks gave a boost to the Hobbesians. To many people, America’s aggressors seemed to arrive suddenly and unexpectedly, and there was a pervading sense that the enemy was an insidious force that could be lurking, unsuspected, in any neighbourhood.

More from Channel 4 News: What GCHQ knows about us

This led to a massive expansion of surveillance powers as America’s law enforcement and intelligence services fought to understand a new and asymmetric threat.

Barack Obama‘s announcement on Friday is evidence that the pendulum is starting to swing the other way, and that those who would monitor all of us all the time are increasingly required to justify that behaviour.

Our view of human nature not only helps inform this debate: it can help us make decisions about specific actions. For example, America’s National Security Agency has been accused of cracking the encryption standards used to encode our emails. Personally, I think that’s acceptable, because it’s likely that those who would do us harm will seek to use encryption to hide their communications. Giving law enforcement the ability to monitor that traffic seems sensible.

Cracking encryption does not assume that anyone, at any time, can suddenly turn bad. It gives states the ability to monitor those they suspect may have malicious intent.

However, the mass collection of innocent people’s data, to be stored for future access, is an essentially Hobbesian activity, for it assumes that on the balance of probabilities enough people are going to turn out to be evil to justify the harvesting of their traffic.

As the electronic surveillance tussles continue, we’re not going to decide once and for all which view of human nature is correct; it’s a broad spectrum of belief and there are many position on it for us to occupy. But let’s hope we don’t lose sight of it as a fundamental part of the discussion.

Follow @geoffwhite247 on Twitter

4 reader comments

  1. PaulM says:

    I think that people’s reaction to this is less influenced by whether you side with Rousseau or Hobbes and more on whether you side with Orwell or Marx.

    If you think that government is a benign carer then this information doesn’t do any harm unless you are breaking the law.

    If you think that the government is, or could become, a sinister repressive force then information gathering is extremely worrying.

    It is interesting to note that some on the American right (who are supposed to believe in small government) support the information gathering. Equally many on the left in Europe, who believe in a big caring government, are less enthusiastic and trusting.

  2. Philip says:

    While I don’t feel I have a clear view either way, I can understand governments and agencies like NSA/GCHQ faced with the knowledge that if there’s another 9/11 or a terrorist lets a bomb off at Victoria tube station at 8.45 am and 500 people are killed, they could have prevented it if they had information available from conversations in cyperspace, they would wish to avoid being attacked subsequently for their failures to prevent these deaths.
    It seems to me there are problems of (a) proportionality (b) effectiveness and (c) avoidance of misuse of the information collected which need to be clarified and discussed openly and fully.
    I’m not sure I agree that this is about different views of human nature. I believe that after 9/11 and 7/7, governments & the relevant agencies panicked, realising how potentially vulnerable our societies are. This sort of data gathering and mining was seen to be one potentially valuable way of identifying potential future terrorists & stopping them. I doubt whether anyone considered that most of us were inherently evil…or inherently good. Both views present a false dichotomy. People seek their own best interests – quite often incoherently and sometimes wrongheadedly because their environment (e.g. the media) can provide false or misleading signals. Occasionally – whether deliberately or not – people do evil things….& I suspect that some of those involved in suicide bombings believe they are doing a good thing….and that probably also includes the people who have brought them to that belief. In the same way that there are genuinely evil people, there are a lot more whose mistaken beliefs cause them to do evil…yet if you examined them from their perspective, they would believe they were doing good. The world, the agglomeration of the minds & actions of individual people, is highly complex – which is why so many of our simplistic attempts to have fairness & peace even within the UK, let alone in the rest of the world, have been so unsuccessful.

  3. BlackPhi says:

    Presumably if you believe Rousseau then it doesn’t matter so much that these people are spying on us, because they’re all trustworthy anyway; but then there’s no need for them to collect all this data, as so are we.

    On the other hand, for Hobbesians there may be reasons to spy on people, but there is certainly no reason to trust the spies, as they are likely to be at least as corrupt as those they are spying on (cf http://www.theregister.co.uk/2013/09/30/nsa_gmen_snooped_on_lovers/ or http://www.theregister.co.uk/2014/01/06/nsa_refuses_to_deny_spying_on_members_of_congress/).

    Either way, this data collection is either unnecessary or highly dangerous.

  4. J M Ward says:

    Do you really think it’s acceptable that the NSA or GCHQ should be able to crack the encryption protocols (SSH, TLS) for our e-mail transactions? Don’t forget that, for example, lawyers use e-mail for confidential communications with their clients, journalists use it with their sources (surely that has some resonance for you in particular), and dissidents use it to communicate outside their repressive regimes.

    Moreover, we use these encryption protocols every time we do internet shopping or banking. Are you comfortable with Government being able to access your credit card or banking transactions? Worse, if the Government can do it, so can the bad guys, some of whom are every bit as smart as anyone in GCHQ or the NSA.

    Fortunately no-one has actually “cracked” the encryption itself. What the Government has done is to subvert the protocols, either by stealing or coercing the security encryption certificates from the institutions involved, or by complex methods involving fake security certificates used in “man-in-the-middle” attacks. In these, the attacker arranges for his interception system to be between you and your intended recipient, so he can intercept, read, and perhaps modify, your communications.

    The problem is that criminals can, and do, do exactly the same thing; if the Government uses weaknesses in the system without telling anyone in the security fraternity that they exist, then almost certainly the criminal fraternity will find the same weaknesses and exploit them. This is why Government subversion is so dangerous, especially when GCHQ is mandated to ensure that the UK’s cybersecurity is up to scratch.

    The good news is that fully-encrypted e-mails and documents (using encryption standards such as PGP and AES) cannot currently be decrypted by anyone within any reasonable time frame (i.e. less than hundreds of years). The best current standards are estimated to be good up to the year 2020 – 2030 and beyond.

    Just because “those who would do us harm” also use encryption does not mean that the rest of us should not use it for legitimate good purposes, and that it should not be secure. The bad guys also use motor vehicles and guns, but I never hear of any governments moving to ban the production of high-quality versions of either of those.

Comments are closed.