Is one terrorism death a year really too high a price to pay for freedom from intrusive surveillance?

Philip Le RicheComputer security veteran Philip Le Riche shares his thoughts on questions raised by the revelations of state-sponsored surveillance, following the leaks by NSA whistleblower Edward Snowden.

If you have an article that you'd like to share on grahamcluley.com, please do get in touch.

One of the more interesting facets of the case of NSA whistleblower Edward Snowden is the way it has polarised opinion.

Normally, that would mean two opposing views, but in this case there seem to be three!

Edward SnowdenThere are those who regard him as a hero, those who believe he has done immense damage, and in between, those who believe what he did was wrong, but are glad he did it.

All three positions are asserted strongly by different commentators. So how do we get behind them to a balanced view? There is more to it than a simple privacy/security trade-off.

Can we ever have our security versus privacy cake and eat it?

The idea that Edward Snowden is innocent, indeed a hero, is the easiest to deal with. Anyone who thinks (as Julian Assange appears to) that you can live without secrets is deluding themselves. You might as well try playing poker with your cards face-up on the table.

Snowden broke the law and betrayed the trust placed in him, and deserves whatever penalties the law prescribes - if it can catch up with him.

That said, paradoxically a healthy democracy requires that citizens have the freedom to break the law, and - if necessary - to suffer for it. The Suffragettes did just that in order to further the cause of democracy, and remitted their case to history as their final judge.

History has yet to deliver its verdict on Edward Snowden.

Whilst secrecy is needed at some level, secrecy breeds secrecy and easily gets out of hand, becoming a cover for incompetence, poor judgement, risk aversion and mismanagement.

On the face of it at least, the Edward Snowden files indicate that the lid badly needed to be lifted on the activities of the intelligence community, and appear to highlight a serious lack of accountability in the Patriot Act, passed in the wake of 9/11.

Snowden leaksThe view that Snowden did what needed doing is probably the easiest to defend. But did he really need to take tens of thousands of files?

And his case is not strengthened by the drip feed of leaks which maximises the revenues of the newspaper industry, whether or not that is a specific intention.

Hardest to judge objectively is the view that the Snowden revelations have done immense damage, since key evidence remains secret.

Security chiefs give impressive figures for the numbers of terrorist plots that have been foiled. If you don’t like the surveillance we have, they say, you certainly wouldn’t like the virtual police state that would be rolled out as a result of a whole series of new terrorist atrocities.

But we need accountability, not just dark assertions of “if you knew what we know but can’t tell you...”.

Phone hacking scandals have amply demonstrated that journalists push the legal boundaries and sometimes exceed them, being strongly motivated by competition for circulation figures. The destitute are strongly motivated to steal in order to feed their children.

SecrecyHow can we expect the spooks not to be strongly motivated to push the boundaries, with the highest motives of keeping us safe from terrorism, and with the cloak of secrecy, and a press ready to jump on any “intelligence failure” as tantamount to incompetence?

Spooks are human, too, after all. But all of us need to stop once in a while and ask ourselves whether what we’re doing still makes sense. The answer can be surprising, and it isn’t always welcome.

So what conclusions do I draw from the whole affair? Can a middle road exist in a dangerous world?

Firstly, with the advent of the internet, the intelligence community has been spoilt by an unprecedented treasure trove of information. But they need to recognise that no intelligence source lasts for ever.

They can whinge about the “internet going dark” with increasing use of encryption, and about their methods becoming known. Crows might as well whinge if hedgehogs ever learnt to look both ways before crossing the road.

There will always be whistleblowers, and sooner or later your adversary is going to realise what you’re up to. Just as impressive as the code breaking at Bletchley Park was the fact that the secret was kept. Good old-fashioned police and detective work has to remain the core intelligence skill.

The second key point is that we need a much more mature public understanding of risk.

Source: "Theoretical Pitfalls and Policy Conundrums:  Exploring Myths and Realities on Post-9/11 Terrorism and Counterterrorism" - John Mueller, Ohio State University and Mark G. Stewart, University of Newcastle, Australia.

Source: "Theoretical Pitfalls and Policy Conundrums:
Exploring Myths and Realities on Post-9/11 Terrorism and Counterterrorism"
- John Mueller, Ohio State University and Mark G. Stewart, University of Newcastle, Australia.

We tolerate (in the UK) 50 road deaths a week as the price we’re prepared to pay for the freedom to drive.

Yet one death in a year through a terrorist act seems too high a price to pay for freedom from intrusive surveillance. Do we value our privacy as little as that?

The press has much to answer for, in making so much of one in comparison to the other. The only way to defeat terrorism is to refuse to be terrorised.

Accountability has to be the key, indeed, it’s the foundation of democracy: those who rule are accountable to those who elect them to office.

MI5 logoThose whose mission is to keep us safe are not directly elected but must still be accountable under a strong and transparent legal framework, otherwise they will lose the trust of the public.

The UK Security Service MI5 defines its mission as the protection of parliamentary democracy in the UK. If it were to lose public trust it would be indirectly undermining than very mission.

If you look around the world it’s clear that democracy never thrives in societies where there is no tradition of trust in the government.

So can we have our privacy and security cake and eat it?

It all comes down to accountability and trust. We can have half our cake, but only if we can trust ourselves not to eat that half too.

Tags: , , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , , , ,

10 Responses

  1. Farid

    October 29, 2013 at 12:39 pm #

    I admire people who take a chance and blow whistle on something they feel is not just. However, in the case of Edward Snowden it seems the whole thing – infiltration, escape to Hong Kong, and the rest – was preplanned. If you blow the whistle on unjustified surveillance in US and then find refuge in China and Russia who are by far worse offenders and the US, you cast a heavy doubt on your motives.

    On a side node, staying objective in an article is vital. When you take off the year 2001 to make the stats better suite the message, you simply alienate the readers.

  2. Paul

    October 29, 2013 at 1:06 pm #

    Mr. LeRiche,
    You offer much fluff and no substance or positive outcome and find yourself in a precarious position declaring, "The only way to defeat terrorism is to refuse to be terrorised." Opinions you properly offer but a human lacks the intelligence and wisdom to declare "only".
    Regards

    • Nate Silverman in reply to Paul.

      November 9, 2013 at 2:36 am #

      Agreed. <""The only way to defeat terrorism is to refuse to be terrorised."> makes about as much sense as saying:

      "The only way to defeat murder is to refuse to be murdered."

      Such a conclusion is totally lacking of any foundation.

      Or, another more reasonable interpretation could be:

      "The only way to defeat terrorism is to learn of terrorist plots and stop them before they are carried into execution."

  3. wally

    October 29, 2013 at 2:09 pm #

    I would suggest that the 'drip' of leaks is most important to keep the debate ongoing.
    If it weren't for the continuing items, I would expect this would all have been denied, hidden, and forgotten by now.
    Even though this has been alive for some time now – has anyone seen any positive response by the US government?

  4. Philip Daly

    October 30, 2013 at 7:33 am #

    When Snowden handed over those files to Glenn Greenwald et
    al he knew his life was over and that they would chase him forever.
    US power and influence throughout the globe is so pervasive that
    most doors were going to be closed to him. Regardless of the
    morality/legality of the situation he has to get some points for
    bravery.

    • Nate Silverman in reply to Philip Daly.

      November 9, 2013 at 2:42 am #

      Bravery would have been staying here to face the music, and limiting his disclosures to possible abuses of privacy of US citizens; not running away with thousands of records involving foreign surveillance, and into the hands of two undemocratic regimes.

      I refuse to ignore the damage Snowden has needlessly done to our personal safety and our national security in the name of revealing some domestic abuses of privacy.

      He is as guilty of treason as any other traitor in our history.

  5. George Butel

    October 31, 2013 at 5:52 am #

    I find the implicit assumption that we can predict future mortality rates from terrorism on the basis of what those figures in the US were between 2002 and 2007 to be completely absurd. Imagine the Japanese, in 1941, trying to anticipate the maximum possible mortality rates and destruction from any hypothetical air strikes on their cities by America. They would have laughed at the possibility of a Hiroshima type event or of a Tokyo firebombing type event. The fact that we have not suffered a mega-terrorist event does not mean that it could not occur, or that we should not try to keep it from occurring.

    More power to the NSA, and let's hope that Snowden gets what he deserves–to be handed over to us and to be tried for treason. If the NSA's in my neighborhood, have them stop in for Frappuccino. And, speaking of the NSA, Dear NSA: a year or so ago, Microsoft "lost" all the emails of mine that were stored in my inbox on their servers from prior to 2004. I would greatly appreciate it if you could forward me a copy of those emails. Thanks.

  6. Philip Le Riche

    October 31, 2013 at 9:46 pm #

    Thank you all for interesting comments.

    Farid – Anyone thinking of following in Snowden's footsteps would do well to study his case carefully – there are plenty of lessons to be learnt about how not to do it. I tried to be as impartial and objective as I could. (Err, the year 2001 was there. But not my stats anyway.)

    Paul – War on terror hasn't worked. How about fighting it with peace? Naive? Maybe. "Only" was "only" my opinion – you're free to differ. But I wonder how the world would be different if, following 9/11, the US President had had the courage to say "Aw, shucks. Shit happens. Let's sweep up the mess and get on with life" instead of launching 2 foreign wars. More dead? Fewer dead? Sadam Hussein still in power? But I suspect a little less hatred between cultures and a few fewer impressionable young men driven into the arms of extremists.

    Wally – Yes, the drip feed may have been necessary – I'm just a bit cynical about anything that fills the coffers of the press. Must be my age. But I think we've seen the beginnings of a positive response with Obama visibly discomforted by Merkel's ire.

    Philip – Brave – probably I'd agree. But the dividing line between bravery and foolhardiness is a fine one, and we might not all agree which side of it he's on!

    George – Agreed, we can never discount the possibility of a future mega terrorist act, but there are some risks you just have to accept. Have you insured your house against a Tunguska-type event? Like me, you probably assume it's just not gonna happen. It's nearly impossible to estimate how much it's worth spending to insure against events for which no statistics are available, and when the cost is in part our privacy, which different people value differently, there's no chance we'll reach unanimity. Your opinion is worth as much as mine.

  7. Nate Silverman

    November 8, 2013 at 8:49 pm #

    I differ when he says this: "Yet one death in a
    year through a terrorist act seems too high a price to pay for
    freedom from intrusive surveillance. Do we value our privacy as
    little as that?" How does he get this nonsensical number!
    How does he know how many deaths have been prevented? There were
    close to 3,000 deaths in ONE SINGLE ACT OF TERRORISM!!! It may take
    decades or more before this country recovers from the damage done
    by the traitor Edward Snowden.

  8. Graham M

    December 8, 2015 at 11:06 am #

    What the statistics don't and cannot say is how many deaths were prevented by the now known surveillance and monitoring techniques that have been in use over the last few years.

    The whole privacy debate is based on the myth that the state or other entities have the time or resources to actually examine everyone's communications – they don't and won't. They do however need to have the mechanism to capture such communications in order to be able to examine or find the communications of persons or entities who are of genuine interest to them – this is a subtle but important difference and means that society as a whole has little to fear and is significantly safer for it in my view.

Leave a Reply