The US National Security Agency has been operating a mass electronic surveillance data mining program, PRISM, as we now know courtesy of whistleblower Edward Snowden. For the media the focus has been on what national intelligence agencies should be permitted to do with personal digital information, and where the divide between national security and civil liberties should be drawn. But perhaps the more important question to ask is who is watching us in the first place? Corporations are allowed to build up extensive personal profiles on individuals, but this is not given a second thought.
On 17th July 2013 Chatham House’s International Security department held a discussion on the topic titled “Who Watches the Watchers?”. A recurrent theme at the event was that intelligence agencies have always intercepted and analysed communications which, more recently, have included online communications. This is, after all, one of the reasons why such bodies were created in the first place – to spy on people and gather information.
But rather than discussing who watches the watchers in an information society, perhaps we should be asking who the watchers actually are? In the modern era, for the average person, there is more pertinent personal information available in the public domain than ever before. After all, a key source of information for the business intelligence community is that which is freely available in the public domain. Individuals readily disclose a huge amount of personal information, often without giving it a second thought, and not just on social networking websites.
Supermarkets build accurate profiles of customers’ shopping habits using loyalty cards to record and analyse purchase histories; this then allows them to alert customers to discounts on their favourite items or suggest new ones. Social networking sites target users with marketing campaigns specific to their interests and suggest other users whom they may want to get in contact with. LinkedIn uses powerful algorithms to analyse subscriber information to find others whom users might know – with unnerving accuracy. Touch and go travel cards allow transport companies to track people’s movement across their network. Many see this as a normal part of life and we allow companies to build up much more detailed profiles of our lives than Governments do through their collection of metadata.
Perhaps the focus of concern should be the relative lack of regulation in the private sector regarding the access to and use of personal information. For Government bodies there are clear checks and balances with oversight bodies in place. On 17th July 2013 the parliamentary Intelligence and Security Committee cleared GCHQ of any legal wrongdoing concerning its involvement in the PRISM programme, stating that the agency met all legal rules. The Government accesses and analyses personal information to keep society safe, a mandate that the people have given it, whereas companies use the same information to drive up profits.
The fact that PRISM mined data generated via commercial organisations such US internet firms reflects not just the huge amount of personal data available, but also where it comes from. In previous decades, the amount of information out there was relatively small. With the explosion of social networking and the internet, the amount of information that needs to be collected in order for analysis to be meaningful is now vastly greater. The haystack has grown considerably bigger while the number of needles has remained the same. It is this indiscriminate ‘scooping’ and storing of information that civil liberties groups find alarming. Edward Snowden leaked information because he felt he could not allow the US government to destroy privacy and internet freedom with its massive surveillance machine. It should not be forgotten that much of that personal information came into the Government’s possession via the commercial world.