I was invited to speak at a forum in Wellington on the “Privacy Security Dilemma.” It included a variety of people from government, the private sector, academia and public interest groups. The discussion basically revolved around the issue of whether the quest for security in the current era is increasingly infringing on the right to privacy. There were about 150 people present, a mixture of government servants, students, retirees, academics, foreign officials and a few intelligence officers.
There were some interesting points made, including the view that in order to be free we must be secure in our daily lives (Professor Robert Ayson), that Anglo-Saxon notions of personal identity and privacy do not account for the collective nature of identity and privacy amongst Maori (Professor Karen Coutts), that notions of privacy are contextual rather than universal (Professor Miriam Lips), that in the information age we may know more but are no wiser for it (Professor Ayson), that mass intrusions of privacy in targeted minority groups in the name of security leads to alienation, disaffection and resentment in those groups (Anjum Rahman), and that in the contemporary era physical borders are no impediment to nefarious activities carried out by a variety of state and non-state actors (various).
We also heard from Michael Cullen and Chris Finlayson. Cullen chaired the recent Intelligence Review and Finlayson is the current Minister of Security and Intelligence. Cullen summarised the main points of the recommendations in the Review and was kind enough to stay for questions after his panel. Finlayson arrived two hours late, failed to acknowledge any of the speakers other than Privacy Commissioner John Edwards (who gave an encouraging talk), read a standard stump speech from notes, and bolted from the room as soon as as he stopped speaking.
Thomas Beagle gave a strong presentation that was almost Nicky Hageresque in its denouncement of government powers of surveillance and control. His most important point, and one that I found compelling, was that the issue is not about the tradeoff between security and privacy but between security and power. He noted that expanded government security authority was more about wielding power over subjects than about simply infringing on privacy. If I understand him correctly, privacy is a commodity in a larger ethical game.
Note that I say commodity rather than prize. “Prize” is largely construed as a reward, gain, victory or the achievement of some other coveted objective, especially in the face of underhanded, dishonest, unscrupulous and often murderous opposition. Â However, here privacy is used as a pawn in a larger struggle between the state and its subjects. Although I disagree with his assessment that corporations do not wield power over clients when they amass data on them, his point that the government can and does wield (often retaliatory) power over people through the (mis) use of data collection is sobering at the very least.
When I agreed to join the forum I was not sure exactly what was expected from me. I decided to go for some food for thought about three basic phrases used in the information gathering business, and how the notion of consent is applied to them.
The first phrase is “bulk collection.” Bulk collection is the wholesale acquisition and storage of data for the purposes of subsequent trawling and mining in pursuit of more specific “nuggets” of actionable information. Although signals intelligence agencies such as the GCSB are known for doing this, many private entities such as social media platforms and internet service providers also do so. Whereas signals intelligence agencies may be looking for terrorists and spies in their use of filters such as PRISM and XKEYSCORE, private entities use data mining algorithms for marketing purposes (hence the targeted advertisements on social media).
“Mass surveillance” is the ongoing and undifferentiated monitoring of collective behaviour for the purposes of identifying, targeting and analysing the behaviour of specific individuals or groups. It is not the same thing as bulk collection, if for no other reason than it has a more immediate, real-time application. Mass surveillance is done by a host of public agencies, be it the Police via CCTV coverage of public spaces, transportation authorities’ coverage of roadways, railroads and airports, Â local council coverage of recreational facilities and areas, district health board monitoring of hospitals, etc. It is not only public agencies that engage in mass surveillance. Private retail outlets, shopping centres and malls, carparks, stadiums, entertainment venues, clubs, pubs, firms and gated communities all use mass surveillance. We know why they do so, just as we know why public agencies do so (crime prevention being the most common reason), but the salient fact is that they all do it.
“Targeted spying” is the covert or surreptitious observation and monitoring of targeted individuals and groups in order to identify specific activities and behaviours. It can be physical or electronic (i.e. via direct human observation or video/computer/telephone intercepts). Most of this is done by the Police and government intelligence agencies such as the SIS, and most often it is done under warrant (although the restrictions on warrantless spying have been loosened in the post 9/11 era). Yet, it is not only government security and intelligence agencies that undertake targeted spying. Private investigators, credit card agencies, debt collectors, background checking firms and others all use this as a tool of their trades.
What is evident on the face of things is that all of the information gathering activities mentioned here violate not only the right to privacy but also the presumption of innocence, particularly the first two. Information is gathered on a mass scale regardless of whether people are violating the law or, in the case of targeted spying, on the suspicion that they are.
The way governments have addressed concerns about this basic violation of democratic principles is through the warrant system. But what about wholesale data-gathering by private as well as public entities? Who gives them permission to do so, and how?
That is where informed consent comes in. Informed consent of the electorate is considered to be a hallmark of robust or mature democracies. The voting public are aware of and have institutional channels of expression and decision-making influence when it comes to the laws and regulations that govern their communal relations.
But how is that given? As it turns out, in the private sphere it is given by the phrase “terms and conditions.” Be it when we sign up to a social media platform or internet service, or when we park our cars, or when we enter a mall and engage in some retail therapy, or when we take a cab, ride the bus or board a train, there are public notices governing the terms and conditions of use of these services that include giving up the right to privacy in that particular context. It may be hidden in the fine print of an internet provider service agreement, or on a small sticker in the corner of a mall or shop entry, or on the back of a ticket, but in this day and age the use of a service comes attached with it the forfeiture of at least some degree of privacy. As soon as we tick on a box agreeing to the terms or make use of a given service, we consent to that exchange.
One can rightly argue that many people do not read the terms or conditions of service contracts. But that is the point: just as ignorance is no excuse for violation of the law, ignorance of the terms of service does not mean that consent has not been given. But here again, the question is how can this be informed consent? Well, it is not.
That takes us to the public sphere and issues of governance. The reality is that many people are not informed and do not even think that their consent is required for governments to go about their business. This brings up the issue of “implicit,” “implied” or inferred” consent. In Latin American societies the view is that if you do not say no then you implicitly mean yes. In Anglophone cultures the reverse is true: if you do not explicitly say yes than you mean no. But in contemporary Aotearoa, it seems that the Latin view prevails, as the electorate is often uninformed, disinterested, ignorant of and certainly not explicitly consenting to many government policy initiatives, including those in the security field and with regards to basic civil liberties such as the right to privacy and presumption of innocence.
One can argue that in representative democracy consent is given indirectly via electoral processes whereby politicians are elected to exercise the will of the people. Politicians make the laws that govern us all and the people can challenge them in neutral courts. Consent is given indirectly and is contingent on the courts upholding the legality if not legitimacy of policy decisions.
But is that really informed contingent consent? Do we abdicate any say about discrete policy decisions and legislative changes once we elect a government? Or do we broadly do so at regular intervals, say every three years, and then just forget about having another say until the next election cycle? I would think and hope not. And yet, that appears to be the practice in New Zealand.
Therein lies the rub. When it comes to consenting to intrusions on our privacy be they in the private or public sphere, we are more often doing so in implicit rather than informed fashion. Moreover, we tend to give broad consent to governments of the day rather than offer it on a discrete, case by case, policy by policy, law by law basis. And because we do so, both public authorities and private agencies can collect, store, manipulate and exchange our private information at their discretion rather than ours.
Your fourth paragraph puts me in mind of the title of Hager’s book the GCSB: “Secret Power”.
Hi Paul, thanks for the summary and the kind comments.
I’ve been thinking about the “power not privacy” idea for a while and it’s something I plan to keep working on and expanding.
I note that I don’t think corporations don’t have any power over us, just that it’s a different order of magnitude compared to government power.
Here’s a link to the text of my speech. https://nzccl.org.nz/content/speech-its-about-power-not-privacy
kia ora paul, it was lovely to finally meet you in person. thanx for the mention.
Thanks Anjum and Thomas. It was good to participate in the event with you.
I am not surprised that Finlayson acted like a petulant child. He seems to think that any questioning of the security services is out of bounds.
I suspect that under his watch anything that goes wrong will be swept under the rug rather than acknowledged.
Perhaps he is ticked off because the whole bag is still the PMs baby rather than his, he just get to be the figurehead.
I live in a provincial town and my circle of acquaintance is limited, yet as a result of chance events and meetings I have come across a number of cases of state surveillance.
The first case was of a person who the SIS asked to inform on a colleague and his friends, relatives and associates. That request was declined, and so nothing more came of it. The second was of a person who agreed to inform on his associates, and provided the SIS with verbal reports which he believed, rightly or wrongly, were not damaging to any of those under surveillance. The third was a salaried agent who filed accurate and insightful written reports, which were, however, not particularly well received by his superiors. Only the last came forward unprompted to admit his involvement, but the others freely admitted to their dealings with the SIS when questioned following chance events.
It is pushing things to draw conclusions from such a small number of cases, but here goes. Firstly, there are a large number of informers out there in the community, particularly among those already employed in the state service. Second, there are many, including a few professional SIS agents, who have reservations, to varying degrees, about informing on their colleagues, neighbours and fellow New Zealanders. Third, that despite having those misgivings many will continue to inform over long periods of time either because they believe that it is, on balance, the right thing to do or because they fear certain adverse consequences if they refuse.
So the first concern about state surveillance is that it creates a mentality of deceit and sometimes deep feelings of shame among the informers on the one hand, and on the other hand fear and distrust among many of those who are, or believe themselves to be, subject to surveillance.
The second concern is that as often as not there is consequential damage to the lives of those under surveillance. Even if the security agencies themselves do not act against the person under surveillance, the informers may do so, perhaps unwittingly, because more often than not they are in a position to affect the subject’s vocational, social and political progress and because it is psychologically difficult to be socially impartial with regard to the person against whom they are informing. Added to this, informers are not chosen at random. They are selected because they have privileged access to or particular knowledge of the subject of surveillance. Therefore they can influence the subject’s prospects, and they will tend to do so, even if without any conscious intent. This comes at a cost to the state and society as a whole. Good people, original thinkers and people of strong principle are lost to the state service, and quite often to the nation, although of course that must be balanced against other consequential benefits to the community. For example individuals whose progress is blocked in the state service may contribute through direct service to their community. In a slightly different context, our former intelligence officer spent the latter years of his life working, teaching, and helping the community in significant ways which he would not have been able to do while employed in state security.
So in a surveillance state some good people are lost to the system and other good people are lost within the system. They may not be lost absolutely and forever, but they are lost and the state and society withers from the heart.
Finally, organisations which operate in secret are not ideally placed to deliver the truth, even if their stated purpose is to provide intelligence, which by definition must be true. Within surveillance agencies, false ideas and beliefs tend to gain popularity. These ideas are founded firstly on a particular organisational agenda and secondly on organisational dynamics which tend to favour those who most strongly adhere to the presumptive premises of the organisation. An agency will have internal debates, but those debates take nothing like the form that they would take in an open society. Added to that, their sources or informants are limited and to a degree are a self-selecting group, and therefore open to bias. Thus surveillance agencies tend to go off track, and New Zealand history (as well as recent British and US history) is full of quite serious “errors” and “mistakes” made by its intelligence services.
Privacy is not the real issue. We are not harmed by what people know about us, but we can be harmed by what they do to us and by the climate of deceit, suspicion, distrust, shame and resentment which goes with the territory of a surveillance state. The damage to society is insidious but real, and in the end it comes down to a bunch of wasted lives and mis-used talents. State surveillance is a model of social control which has failed wherever it has been tried, including here in New Zealand, and the arguments against it go much deeper than the question of privacy.
Pablo, the issue is really about how we can hold state agents and their employers accountable for misbehaviour. Naive trust in authorities, complacent faith that they will serve the public interest, are part of traditional kiwi culture. However, those who are cynical or paranoid can be as unrealistic too.
I appreciate Geoff Fischer’s contribution above and agree that state control induces unethical conduct in some state employees, and I agree with Thomas Beagle that it’s an abuse of power issue as much as an invasion of privacy issue. I once had personal experience of secret spying that illuminates both dimensions. It happened during the decade I spent working in the TVNZ newsroom.
It was early afternoon (1994 or thereabouts) when the Te Karere came into the editing suite where I was working solo on some story, sat down with me & told me the surreal account of what had happened to her. Her desk phone rang in the TK office, she picked it up but instead of someone talking to her she heard the replay of a conversation in which she had participated in the office earlier that day. She asked me what I thought she should do.
Why me? I’d become friendly with a couple of TK’s fontline reporters & freely gave my opinion on issues of the day, and that had been happening for years. She’d been trying to figure it out with them & decided to seek advice from someone independent of the office. I advised her to report it to her boss. The obvious problem with this sensible tactic is the naive assumption that her boss has the mana to deal with the situation. Any manager in an organisational hierarchy has such a domain of responsibility, but of course if someone higher up ordered the bugging then the tactic may be ineffective.
Nonetheless, it was the right thing to do. I refrained from offering her any opinion about who or why in regard to the spying. Intertribal politics is a can of worms at the best of times: for all I knew, it could have been a major tribe eavesdropping on their office gossip to seek advantage in an intertribal dispute. But I thought it more likely that the Bolger government figured it was the ideal way to get secret intelligence on Maori treaty claims to fast-track settlement negotiations.
Of course it suggested that politically-motivated spying was also happening in the newsroom and even our editors’ crew-room. Those of us most critical of management were paid off in forced redundancies several years later in the Horizon Pacific amalgamation.
The person who replayed the recording to her was alerting her to the existence of the spying operation. Such a warning seems evidence that the spy thought the operation unethical, and was clever enough to find this way to ease his/her conscience. The fact that this spying never hit the headlines suggests the TK folk dealt with it in-house satisfactorily.
Readers ought to ponder where the public interest lies in this situation. TVNZ morphed into an SOE from a government service, and as an employee I joined the PSA. Do enough people still see it as a state broadcaster to be politically significant?? Do TVNZ employees nowadays have the right to a guarantee that secret spying operations will not be installed in the building by their managers?
Whistle-blower protection legislation is essential.