Books I have co-authored

A privacy backlash on its way: telcos will be in center of the storm

After 9/11 it was inevitable that the trade-off between civil liberties and security would shift in favor of security. The thinking of this period can neatly be summarized in a quote by Tony Blair who said something like “if there is a new terrorist attack, people will not ask why we infringed on civil liberties but why we didn’t do more to prevent this from happening”.

However, almost a decade after 9/11 the Zeitgeist has shifted once again and there are strong signals that privacy and civil liberties are on their way to becoming major political issues. The government machinery moves slowly and it takes years before a policy shift is implemented and new security measures start to affect people’s daily lives. In the name of national security, measures such as interception of Internet traffic and retention of traffic records (phone calls, SMS etc.) are now rolled out across Europe and the US while the memory of 9/11 is fading.

This backlash against the increasingly intrusive post 9/11 surveillance state is most strongly felt among the Net generation. What adds fuel to the fire is that the Net generation fears that these new instruments will be handed over to the copyright lobby to chase MP3 music file sharers. The file sharers don’t view what they’re doing as a serious criminal offense. This is a generation that lives a growing part of their social and private life on the Net. They feel strongly about even the slightest possibility of interception of private messages by secretive government agencies. Recent scandals when confidential government data bases have been compromised by human error does not exactly add to the confidence.

The privacy backlash has already triggered significant protests in some countries. In Sweden, controversies during 2008 around a new surveillance law that would give the military intelligence agency FRA the right to intercept all internet traffic that passes the Swedish border created parliamentary chaos, street protests, and dominated headline media for months until the government partly retreated.

The campaign against the “FRA-law” is a case study for how an impending privacy backlash can develop in other countries. It was successfully initiated by the Swedish blogosphere and drew supporters from wide areas of society. In the European Parliament elections in June 2009 this controversy helped the Swedish Pirate Party to gain 7.1 percent of the votes and win seats in Brussels. (The Pirate Party should not only be viewed as the political arm of music and software pirates. The issue of privacy and civil liberties was much more important for most voters than file sharing.)

In the campaign against the FRA-law, the file sharers suspected that increased surveillance would be used to gather evidence against them. Closet gay people feared that such information would somehow leak. The same applied to those who communicated with opposition groups in repressive countries. People who wanted to keep their porn habits private or cheated on their partner had their own reasons. Environmental and left-wing activists took issue with the suspicion that the secret brotherhood of spooks are too cozy with the arms industry, big government or big companies such as the GMO-industry. Celebrities feared that the tabloids would pay enough to corrupt civil servants in the surveillance agencies. Civil rights activists opposed it by principle.

More surveillance laws are in the works and new protests have the potential to explode in the headlines in more countries. In Germany street protests with upwards of 8,000 people have taken place under the banner “Freedom Not Fear”. Another country that comes to mind is the UK, which has already gone a long way towards the surveillance state.

Security agencies and the police are given new rights to install spyware on people’s computers and there are plans to track and record people’s movement via their mobile phone positioning. Customs officers in the US and UK already have the right to inspect and copy all content on a passenger’s laptop, MP3 player and mobile phone in their “fight against terrorism”. At the same time, the legal restrictions on methods that are enacted to fight terrorism have been  relaxed and they can sometimes be used without a court order or grounds for suspicion.

The EU Directive of Traffic Data Retention requires that operators keep records of their users’ traffic for up to two years (though not the content) for law enforcement agencies. Another EU Directive (IPRED) gives copyright holders the right to request file sharers IP-addresses from ISPs.

A new international antipiracy treaty, ACTA has stirred up controversy over a proposal to explicitly allow customs officers to perform random searches of laptops and MP3 players. The secrecy surrounding the ACTA negotiations of course adds to the controversy.

In addition there are EU proposals championed by France to ban users from Net access as a punishment for file sharing. The ban is planned to be an administrative decision by the operators/IPR holders without the means of appeal by the court system. It was rejected by the EU Parliament in April 2008 and rejected again during the vote for the Telecom Directive in October. In 2009, it was reintroduced a third time in the EU Parliament by the Medina report. After a tumultuous vote in May 2009 where the EU Parliament refused to accept the Telecom package (due to this controversy) the entire Telecom package was sent back to the EU Council of Ministers for compromise negotiations.

To summarize, if the tipping point is reached in the public debate and the agenda changes from of fear terrorism to fear of an Orwellian 1984 society, the tabloids will have all this and a whole lot more to write about.

The telcos are put in the awkward position of being forced to be the agents of these measures. Many telcos have an interest in exploiting the rich high quality customer data they already control. However, if they compile and extract more for their data mining projects, there will be more information for the authorities to collect. If users fear that collected information can be used against them because the telcos are too submissive to government security agencies or the copyright lobby, the trust will be lost.

In the same way as Google has been lobbying for Net Neutrality, the telcos need to step up their lobbying efforts and do everything they can to counter this development. Challenging new laws in the courts together with making noise in the media would serve the purpose of reassuring customers that defending their privacy is paramount.

When the Bush administration in 2001 requested that the US telcos cooperate with the NSA on mass wiretapping, the small operator Qwest stood firm and demanded a court order. No such order was presented and when the scandal of illegal wiretapping broke a few years later, Qwest was considered a hero.

During the Swedish FRA controversy, all the Swedish telcos made a joint critical statement against the law. Hence, the wrath was not directed against them. The incumbent TeliaSonera have repeatedly stated that they will only give out information about their customers after a final court order (that is, in the supreme court).

Telcos also need to make sure that respecting customer privacy is a priority throughout the entire organization. They should be as obsessive about privacy as the banks. No more scandals with telcos that use their network for spying on journalists or their own employees that they suspect of leaking information to the press. If there are any unlawful backroom agreements with the spooks in the name of alleged “national security” these should be dismantled.

If the telcos are transparent about what they are forced to do my belief is that they can avoid being perceived as a part of the threatening surveillance machinery.

Comments are closed.