I spy with my little algorithm

Whether it's done by secret police or computer algorithms, being stripped of privacy is fundamentally dehumanizing. © newarpp/Thinkstock

Every morning when you put your cell phone in your pocket you’re making an implicit bargain with the carrier: ‘I want to make and receive mobile calls; in exchange, I allow this company to know where I am at all times.’

The bargain isn’t specified in any contract, but it’s inherent in how the system works.

This is a very intimate form of surveillance. Your cell phone tracks where you live and where you work. Since it knows about all the other phones in the area, it tracks whom you spend your days with, whom you meet for lunch, and whom you sleep with. The accumulated data can probably paint a better picture of how you spend your time than you can. In 2012, researchers were able to use this data to predict where people would be 24 hours later to within 20 metres.

Your location information is valuable. There is a whole industry dedicated to tracking you in real time. Companies use your phone to track you in stores, to learn how you shop, track you on the road to determine how close you might be to a particular store, and deliver retail advertising to your phone based on where you are right now. Your location data is so valuable that cell-phone companies are now selling it to data brokers, who resell it to anyone willing to pay for it. Companies like Sense Networks specialize in using this data to build personal profiles of each of us.

US company Verint sells phone-tracking systems to corporations and governments worldwide. Its website says that Verint is ‘a global leader in Actionable Intelligence solutions for customer engagement optimization, security intelligence and fraud, risk and compliance with clients in more than 10,000 organizations in over 180 countries’.

Cobham sells a system that allows someone to send a ‘blind’ call to a phone – one that doesn’t ring and isn’t detectable. The blind call forces the phone to transmit on a certain frequency, allowing the sender to track the phone to within one metre. The British company boasts government customers in Algeria, Brunei, Ghana, Pakistan, Saudi Arabia, Singapore and the US.

Defentek, a company registered in Panama, sells a system that can ‘locate and track any phone number in the world… undetected and unknown to the network, carrier or target’.

A feudal relationship

It’s not just cell-phone location data. Most of us don’t realize the degree to which computers are integrated into everything we do, or that computer storage has become cheap enough to make it feasible to save indefinitely all the data we churn out.

All this data is used for surveillance. It happens automatically and it’s largely hidden from view. This is ubiquitous mass surveillance.

Surveillance data is largely collected by corporations we interact with as customers or users. In 2012, the New York Times published a story about how corporations analyse our data for advertising advantage. The story included an anecdote about a Minneapolis man who had complained to a Target store that sent baby-related coupons to his teenage daughter… only to find out later that Target was right.

If you want to know who’s tracking you, install one of the browser plugins [such as Lightbeam or DoNotTrackMe] that let you monitor cookies. I guarantee you will be startled. One reporter discovered 105 different companies tracked his internet use during one 36-hour period.*

Surveillance is the business model of the internet for two primary reasons: people like ‘free’ and people like ‘convenient’. ‘Free’ is a special price, and people don’t act rationally around it. Free warps our sense of cost versus benefit, and people end up trading their personal data for less than it is worth. If something is free, you’re not the customer: you’re the product.

Our relationship with many of the internet companies we rely on is not a traditional company-customer relationship. That’s primarily because we’re the products those companies sell to their real customers. The companies are analogous to feudal lords, and we are their vassals, producing data that they then sell for profit.

Spying states

Governments want to spy on everyone to find terrorists and criminals, and – depending on the government – political or environmental activists, consumer advocates, freethinkers.

Corporate and government surveillance are intertwined: the two support each other in a public-private surveillance partnership that spans the world. This isn’t a formal agreement; it’s more an alliance of interests.

Although Edward Snowden’s revelations about US National Security Agency (NSA) surveillance have caused rifts in the partnership, it’s still strong. The NSA legally compels internet companies like Microsoft, Google, Apple and Yahoo to provide data on several thousand individuals of interest. Sometimes they’re forced by the courts to hand over data, largely in secret. At other times, the NSA has hacked into those corporations’ infrastructure without their permission.

Britain’s communications headquarters GCHQ pays companies like BT and Vodafone to give it access to bulk telecommunications all over the world. Vodafone gives Albania, Egypt, Hungary, Ireland and Qatar – possibly 29 countries in total – direct access to internet traffic flowing inside their countries.

Italian cyber-weapons manufacturer Hacking Team sells hacking systems to governments worldwide for use against computer and smartphone operating systems. Customers include the governments of Azerbaijan, Colombia, Egypt, Saudi Arabia, Turkey and Morocco.

Most of the big US defence contractors, such as Raytheon, Northrop Grumman and Harris Corporation, build cyber weapons for the US military. Syria used German company Siemens. The Qadafi regime in Libya used China’s ZTE and South Africa’s VASTech.

We don’t know whether governments attempt surreptitiously to insert ‘backdoors’ into products of companies over which they have no direct political or legal control, but many computer security experts believe it is happening.

At a 2013 technology conference, Google CEO Eric Schmidt tried to reassure the audience by saying that he was ‘pretty sure that information within Google is now safe from any government’s prying eyes’.

A more accurate statement might have been: ‘Your data is safe from governments, except for the ways we don’t know about and the ways we cannot tell you about.’ The other thing Schmidt didn’t say is: ‘And of course, we still have complete access to it all, and can sell it to whomever we want... and you will have no recourse.’

Why it matters

Defenders of surveillance – from the Stasi to Augusto Pinochet to Google’s Eric Schmidt – have always relied on the old saying: ‘If you have nothing to hide, then you have nothing to fear.’

This is a dangerously narrow conception of the value of privacy. Privacy is an essential human need and central to our ability to control how we relate to the world. Being stripped of privacy is fundamentally dehumanizing, and it makes no difference whether the surveillance is conducted by undercover police or by a computer algorithm.

Government mass surveillance is often portrayed as a security benefit, something that protects us from terrorism. But there is no actual proof of any real successes against terrorism as a result of mass surveillance, and significant evidence of harm. Enabling ubiquitous mass surveillance requires maintaining an insecure internet, which makes us all less safe from rival governments, criminals and hackers.

We need to protect ourselves from government and corporate surveillance and to be proactive about how we deal with new technologies.

The remedies are as complicated as the issue. They require a shift in how we perceive surveillance and value privacy, because we’re not going to get any serious legal reforms until society starts demanding them.

For now, fear trumps privacy. And fear of terrorism trumps fear of tyranny.

This is excerpted from Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World (Norton, 2015). Bruce Schneier is a security technologist and a Fellow at the Kennedy School of Government at Harvard University. You can find him online at schneier.com

*Most of the companies tracking you may have names you have never heard of: Rubicon Project, AdSomar, Quantcast, Plus 260, Undertone, Traffic Marketplace.

Beyond security theatre

Terrorism is rare, far rarer than many people think. It’s rare because very few people want to commit acts of terrorism, and executing a terrorist plot is much harder than television makes it appear. The best defences against terrorism are largely invisible: investigation, intelligence, and emergency response. But even these are less effective at keeping us safe than our social and political policies, both at home and abroad. However, our elected leaders don’t think this way: they are far more likely to implement security theatre against movie-plot threats.

A movie-plot threat is an overly specific attack scenario. Whether it’s terrorists with crop dusters, terrorists contaminating the milk supply, or terrorists attacking the Olympics, specific stories affect our emotions more intensely than mere data does. Stories are what we fear. It’s not just hypothetical stories: terrorists flying planes into buildings, terrorists with bombs in their shoes or in their water bottles, and terrorists with guns and bombs waging a co-ordinated attack against a city are even scarier movie-plot threats because they actually happened.

Security theatre refers to security measures that make people feel more secure without doing anything actually to improve their security. An example: the photo ID checks that have sprung up in office buildings. No-one has ever explained why verifying that someone has a photo ID provides any actual security, but it looks like security to have a uniformed guard-for-hire looking at ID cards. Airport-security examples include the National Guard troops stationed at US airports in the months after 9/11 – their guns had no bullets. The US colour-coded system of threat levels, the pervasive harassment of photographers, and the metal detectors that are increasingly common in hotels and office buildings since the Mumbai terrorist attacks, are additional examples.

To be sure, reasonable arguments can be made that some terrorist targets are more attractive than others: aeroplanes because a small bomb can result in the death of everyone aboard; monuments because of their national significance; national events because of television coverage; and transportation because of the numbers of people who commute daily. But there are literally millions of potential targets in any large country (there are five million commercial buildings alone in the US), and hundreds of potential terrorist tactics; it’s impossible to defend every place against everything, and it’s impossible to predict which tactic and target terrorists will try next.

Feeling and reality

Security is both a feeling and a reality. The propensity for security theatre comes from the interplay between the public and its leaders. When people are scared, they need something done that will make them feel safe, even if it doesn’t truly make them safer.  Politicians naturally want to do something in response to a crisis, even if that something doesn’t make any sense.

Often, this ‘something’ is directly related to the details of a recent event: we confiscate liquids, screen shoes, and ban box-cutters on aeroplanes. But it’s not the target and tactics of the last attack that are important, but the next attack. These measures are only effective if we happen to guess what the next terrorists are planning. If we spend billions defending our rail systems, and the terrorists bomb a shopping mall instead, we’ve wasted our money. If we concentrate airport security on screening shoes and confiscating liquids, and the terrorists hide explosives in their brassieres and use solids, we’ve wasted our money. Terrorists don’t care what they blow up and it shouldn’t be our goal merely to force the terrorists to make a minor change in their tactics or targets.

Our penchant for movie plots blinds us to the broader threats. And security theatre consumes resources that could better be spent elsewhere.

Any terrorist attack is a series of events: something like planning, recruiting, funding, practising, executing, aftermath. Our most effective defences are at the beginning and end of that process – intelligence, investigation, and emergency response – and least effective when they require us to guess the plot correctly. By intelligence and investigation, I don’t mean the broad data-mining or eavesdropping systems that have been proposed and in some cases implemented – those are also movie-plot stories without much basis in actual effectiveness – but instead, the traditional ‘follow the evidence’ type of investigation that has worked for decades.

Unfortunately for politicians, the security measures that work are largely invisible. Such measures include enhancing the intelligence-gathering abilities of the secret services, hiring cultural experts and Arabic translators, building bridges with Islamic communities both nationally and internationally, funding police capabilities – both investigative arms to prevent terrorist attacks, and emergency communications systems for after attacks occur – and arresting terrorist plotters without media fanfare. They do not include expansive new police or spying laws. Our police don’t need any new laws to deal with terrorism: rather, they need apolitical funding. These security measures don’t make good television; and they don’t help, come re-election time. But they work; addressing the reality of security instead of the feeling.

The arrest of the ‘liquid bombers’ in London is an example: they were caught through old-fashioned intelligence and police work. Their choice of target (aeroplanes) and tactic (liquid explosives) didn’t matter; they would have been arrested regardless.

But even as we do all of this we cannot neglect the feeling of security, because it’s how we collectively overcome the psychological damage that terrorism causes. It’s not security theatre we need, it’s direct appeals to our feelings. The best way to help people feel secure is by acting secure around them. Instead of reacting to terrorism with fear, we – and our leaders – need to react with indomitability.

Refuse to be terrorized

By not overreacting, by not responding to movie-plot threats, and by not becoming defensive, we demonstrate the resilience of our society, in our laws, our culture, our freedoms. There is a difference between indomitability and arrogant ‘bring ’em on’ rhetoric. There’s a difference between accepting the inherent risk that comes with a free and open society, and hyping the threats. 

We should treat terrorists like common criminals and give them all the benefits of true and open justice – not merely because it demonstrates our indomitability, but because it makes us all safer. Once a society starts circumventing its own laws, the risks to its future stability are much greater than terrorism.

Supporting real security even though it’s invisible, and demonstrating indomitability even though fear is more politically expedient, requires real courage. Demagoguery is easy. What we need are leaders willing both to do what’s right and to speak the truth.

Despite fearful rhetoric to the contrary, terrorism is not a transcendent threat. A terrorist attack cannot possibly destroy a country’s way of life: it’s only our reaction to that attack that can do that kind of damage. The more we undermine our own laws, the more we convert our buildings into fortresses, the more we reduce the freedoms and liberties at the foundation of our societies, the more we’re doing the terrorists’ job for them.

We saw some of this in the Londoners’ reaction to the 2005 transport bombings. Among the political and media hype and fearmongering, there was a thread of firm resolve. People didn’t fall victim to fear. They rode the trains and buses the next day and continued their lives. Terrorism’s goal isn’t murder: terrorism attacks the mind, using victims as a prop. By refusing to be terrorized, we deny the terrorists their primary weapon: our own fear.

Today, we can project indomitability by rolling back all the fear-based post-9/11 security measures. Our leaders have lost credibility; getting it back requires a decrease in hyperbole. Ditch the invasive mass surveillance systems and new police state-like powers. Return airport security to pre-9/11 levels. Remove swagger from our foreign policies. Show the world that our legal system is up to the challenge of terrorism. Stop telling people to report all suspicious activity: it does little but make us suspicious of each other, increasing both fear and helplessness.

Terrorism has always been rare, and for all we’ve heard about 9/11 changing the world, it’s still rare. Even 9/11 failed to kill as many people as automobiles do in the US every single month. But there’s a pervasive myth that terrorism is easy. It’s easy to imagine terrorist plots, both large-scale ‘poison the food supply’ and small-scale ‘10 guys with guns and cars’. Movies and television bolster this myth, so many people are surprised that there have been so few attacks in Western cities since 9/11. Certainly intelligence and investigation successes have made it harder, but mostly it’s because terrorist attacks are actually hard. It’s hard to find willing recruits, to co-ordinate plans, and to execute those plans – and it’s easy to make mistakes.

Counterterrorism is also hard, especially when we’re psychologically prone to muck it up.  Since 9/11, we’ve embarked on strategies of defending specific targets against specific tactics, overreacting to every terrorist video, stoking fear, demonizing ethnic groups, and treating the terrorists as if they were legitimate military opponents who could actually destroy a country or a way of life – all of this plays into the hands of terrorists. We’d do much better by leveraging the inherent strengths of our modern democracies and the natural advantages we have over the terrorists: our adaptability and survivability, our international network of laws and law enforcement, and the freedoms and liberties that make our society so enviable. The way we live is open enough to make terrorists rare; we are observant enough to prevent most of the terrorist plots that exist, and indomitable enough to survive the even fewer terrorist plots that actually succeed. We don’t need to pretend otherwise.

Bruce Schneier is an internationally renowned security technologist and the author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World (Springer, 2006).

Further essays by Bruce Schneier on some of the topics covered in this article:  

Rare risks and overreaction:
www.schneier.com/essay-171.html

Refuse to be terrorized:
www.schneier.com/essay-124.html

Harassing photographers:
www.schneier.com/essay-221.html

War on the unexpected:
www.schneier.com/essay-195.html

Aeroplane security:
www.schneier.com/interview-hawley.html

Seven habits of highly ineffective terrorists:
www.schneier.com/essay-242.html

Portrait of the modern terrorist as an idiot:
www.schneier.com/essay-174.html

Terrorists using our infrastructure:
www.schneier.com/essay-258.html

Data mining for terrorists:
www.schneier.com/essay-163.html

Movie-plot threats:
www.schneier.com/essay-117.html