Riina Kionka:Last week Time magazine published the list of possible people of the year and it happened to include President Obama and Edward Snowden, who can be seen as the bookends we will be discussing during this panel. Keywords can be considered to be drone strikes, surveillance, and what this means for freedom of expression etc. We’ll start with Richard Barrett, who said in an interview a few years ago:“We need to accept the fact that there are people who are planning attacks and some of them will inevitably get through the net.”So how do we get them – do we use all the means?And what about proportionality in our response?
Richard Barrett:After 11 September 2001, our world has been astonishingly disfigured by the attacks. It’s almost hard to remember how things were.An enormous amount of money is spent on protecting us from terrorism. In the West, we have generally believed that all these measures and amounts are proportional and a proper assessment of the threat, rather than being an excuse used to erode our freedom. But even if we leave aside the debate we will have later about Guantanamo and drones, our opinions have changed, and the false equation between protection of security and restriction of rights has become deeply ingrained in how governments conduct their policy. I wouldn’t endorse Snowden’s actions in any sort of way, but I find what he has done has raised some useful questions for public debate.Most Americans are completely unconcerned about these revelations, they believe it is proper execution of government authority, they don’t mind that someone has read their e-mails, it’s a fair trade-off.But there is a growing and dangerous division between those who enforce the rules and those who obey them. If the government no longer holds an informed debate about their policies, it’s a problem for democracy as a whole. When new measures are introduced against terrorism, we assume there’s no need for argument, we assume that this is the only way to apprehend these militant people who wish us ill. The logic is borne out by statistics to some extent. The countries where the fight against terrorism is not the main theme are also the ones that have lost the most lives to terrorism. We are lucky that we live in the West where the risk and number of victims is low.But we could ask why, then, we support disproportionate measures.
Only a few people have died in London since the 2005 attacks. This is because of the unseen protections we benefit from, although the public does not know this. But what is the benefit on which the US has spent tens of billions of dollars?This is the fact that governments are under immense criticism if they are not able to protect people from the threat. The risk is overestimated rather than underestimated. In the UN, there are four issues to do with counterterrorism: Dealing with the reasons people become terrorists; 2) ensure that the proper laws exist for the fight against terrorism; 3) improving state capacity in the field and 4) observe human rights while countering terrorism. All too often, governments and public at large forget what we are fighting to protect; it’s important to remember what we’re fighting for as well as against.
Kalev Leetaru:I want to give a general picture of what undergirds human society and the ever changing touch-points (presents a number of slides that depict the explosive growth in power consumption, telephone calls, Internet posts etc over time). Opportunities have improved to measure the phenomenon I would call the digital heartbeat. This is due to the fact that we document or map our activities so that basic behavioural patterns arise – we can determine the languages spoken in a given region, people’s movements, habits etc. For example, we can position their starting points and see, almost in real time, what district of the city some exciting event is taking place in.In the same way, we can forecast the spread of a flu epidemic. We can also look at what people talk about Iran or Egypt in the world media, forming clear connections that we perhaps would otherwise not notice.
Vivian Loonela:Since the Snowden revelations broke, the European Commission has been very vocal and expressed a clear position: that mass surveillance is unacceptable. In order to understand, I’ll explain the context. The right to protection of personal data is a fundamental right in the EU. This comes from our history. The other aspect is trust. The revelations have had a negative effect on transatlantic trust between strategic partners and the digital economy, which is based on trust. A few days ago, the European Commission released findings of a fact-finding mission on the revelations. The main conclusion was that US legal system does indeed allow for mass surveillance of foreigners and accessing of data collected by American companies. Another important conclusion was that the safeguards for US and European citizens are very different. For the US, the mere fact that you’re a foreigner is the basis for collecting information. A third very important aspect is that court authority is secret, so that people can’t even give permission. To sum up, the question is how to balance international security and fundamental rights. It’s important to observe the principle of necessity and proportionality. We don’t have to do everything only because we are able to do it. Currently agreements are in place on data flow between the EU and the US, such as the terrorism bank activity tracking and airline passenger program. There is also an agreement on safe harbour, allowing companies in Europe to transfer data to companies in the US. This also encompasses large social media companies like Facebook. A majority of legal acts, above all the last-mentioned one, are being reviewed and reformed in the Europe and the US.
Mustafa Qadri:My main activity is related to observation of human rights in Pakistan. We can’t divorce human rights from security. The first step is to be honest to the public. In my recent research, I have looked at US drone strikes. Tens of thousands have been killed by terrorism, but lately the fear of terrorism is starting to be eclipsed by the fear of becoming a victim of a drone strike. I see this as a big security risk and a failure of leadership from the more established nations in the international community. The Americans may be viewed as the attacker, but it has nevertheless had an implicit imprimatur from other Western nations. This is not yet seen as a major problem. The secrecy that surrounds drone strikes and other intelligence activity breeds all sorts of conspiracy theories and innuendo and undermines trust of ordinary persons in their state. The one thing we need to discuss is long-term solutions to these problems. If you are at war in Afghanistan and your enemy has bases in Pakistan, what is the long term solution, it’s not eliminating a few commanders. For me, the key is human rights. In the long term, the solutions are not just about law and institutions. We need clever, agile strategies to resolve broader problems such as ensuring properly trained police and intelligence services and cooperation between them, and the underlying social issues.The measures to this point have largely been at cross-purposes to the goal, as there is more fear than transparency in drone strikes. It shouldn’t be forgotten that if countries with good democratic images use such means, problematic countries will copy them.
Quirine Eijkman:I’d like to discuss what surveillance programmes mean for human rights – the surveillance programs have a tremendous potential for social control. It could be used for the benefit or to the detriment of humankind.Thus it’s important to know who makes the decisions and who is in charge. Such measures have never before been used so extensively. In the Netherlands, we have very effective form of accountability of information that our intelligence agencies can do to fight terrorism, the laws only apply to the Dutch situation, and are more vague on international cooperation. I believe that our governments obtain the same information through international cooperation and thus our valid legal acts are not sufficient for the current technological era. I don’t believe conspiracy theories but there is a potential for social control. There is also a real danger of legitimizing human rights violations in other countries.
I’m not talking only about protection for personal data – the question is also about equal treatment. Everyone’s human rights should be equally protected. In reality, security agencies divide people into risk groups. Travel to the US is made difficult for specific people. The question is who decides this. What are the factors for the decision? I am leading quite a big research project at the University of Leiden on indications where people were about to commit a terrorist attack, and we concluded it was extremely difficult to establish what these indicators of risk are. This raises the question of whether such intelligence activity is justified.
It also raises the question whether the principles of the rule of law apply in cyberspace. In our ordinary legal framework, it is easier to hold government institutions accountable, but in cyberspace, information spreads and is shared so easily that everything is more difficult. We should question whether we need surveillance programmes if we don’t know who is responsible and who makes decisions about whether they are proportional or not. Second of all, the question is about the legitimacy granted by the people. Snowden is considered a whistleblower by Amnesty International, if we don’t organize our accountability mechanisms in a more wired way in line with cyberspace, more Snowdens will step up and hold us accountable. But as Barrett said, this is not preferable, as such leaks expose major international security risks.
Anastassia Rybasenko (question from the audience):Russia has applied to Interpol and they want to put me on the Interpol wanted list. I have received asylum here (in Estonia) for political persecution, but I am wanted by Interpol. Thus, what difference is there between Russia and the EU? What could be done to prevent such violation of human rights in the EU?
Ivar Tallo (question from the audience):Big data in itself has a principle that is contradictory to data protection. A general principle is that data must be used for the purpose for which it was collected. But in this case, the data are easy to collect, but it is not known why they will be used, we find a purpose later. How should we view this fundamental contradiction?
Third questing (did not identify self):The question is for Leetaru – do you as an innovative data analyst, do you think the data collected by the US for purpose of fighting terrorism all necessary?
Richard Barrett:In response to the second and third question: with counterterrorism you’re trying to prevent something from happening, and ideally you should deal with terrorism as a criminal act, but that means dealing it with it afterwards. If you deal with something before, you encounter more difficulties with human rights. We do much to undermine the terrorist narrative and it’s hard to gauge the impact. I wonder whether big data may be a way what particular initiatives we might introduce to counterterrorism.
Mustafa Qadri:A problem with Big Data is also that we lack a transparent mechanism for distinguishing truly valid threats from background information. For instance, courts prosecuting people: there’s a certain threshold that must be met. You might need a lower threshold of regular law enforcement, you need much more information about the suspect. We often think authoritarianism can’t happen in our society. So we need to have this conversation early on before we reach a dangerous period.
Vivian Loonela:Any data that is identifiable to a person is considered personal data. It doesn’t matter if it’s Big Data or on Twitter, it is still your personal data. How metadata is defined shows how different the EU system is from other systems. There is a US Supreme Court decision which does not afford the same protection to metadata as to personal data.
Kalev Leetaru:Still, we have to distinguish between public data and metadata, which are sensitive data.For example, we don’t use medical database data, where doctor-patient confidentiality is involved. Public information is something posted with the purpose of sharing it with the world. Governments have many more sophisticated ways to get data on people. The method I use can be used by every ordinary person. But it is truly an important issue how to view tracking people’s personal information. During the Cold War, the US allegedly got 90% of its information on the Soviet Union from public data. The other common thread whose practicality raises doubts is the principle of collecting all the data we can just because we can. Often energy is wasted and afterwards it turns out that no one can do anything with the data. As to public information, we all have an opportunity to turn off our smart devices and disengage, but we don’t do that. So we create this public database about ourselves and it’s clear that the intelligence services obtain this information. To sum up, I want to say that we can say much more, using much less personal information, than we have been doing.
Mustafa Qadri:We shouldn’t forget that human rights are inalienable and our birthright, and information on our private lives is nothing that we can switch on and off. That’s why status of whether a device is or is not under surveillance is a question of our fundamental rights.
Quirine Eijkman:When I post on Facebook, I’m talking to my family and friends, I don’t put information there for security institutions. It is important to consider the context. We can’t assume that a 16-year-old student realizes all of the consequences and has to answer to security institutions later. Due to a bit of wordplay that was misunderstood, some Dutch teens were banned from entering the US. Thus I don’t believe the argument of “optional,” the question is about context and its interpretation by security institutions is a problem from the standpoint of human rights.
Vivian Loonela:There’s a big difference between public data posted for public purposes, but e-mails were not intended to be. The way technology is developing – the fact that cyber communication can be hacked – is also the reason that we need more specific legal acts in this field.The EU is trying to find a legal solution to ensure that when a 16-year-old student turns 26, he doesn’t need to worry about how his posting history over the years will affect him. The current legislation is from 1995, and thus the situation has changed a great deal. We want technology-neutral legal acts that are up to date and also functional years later. Work is going on in this direction, the primary thing is that there is progress toward greater privacy. It all has a concrete economic impact as well, as mutual trust has a major role in digital communication.
Richard Barrett:To prevent serious crimes, we have to be capable of using every possible mechanism. Thus we get back to proportionality. I agree with Leetaru: there’s too much pointless data gathering, which we don’t need.
Kalev Leetaru:I believe governments should have a legal way to track truly suspicious persons – say, who have made a bomb threat. But we shouldn’t forget that we can agree on these matters in developed countries, but there’s always a chance that North Korea will continue the secret mass surveillance. The whole discourse has become more and more international, but dissidents often post in English, which means in cyberspace, the interaction is taking place at the word level. Another question that we didn’t cover today is private trading of our personal data to advertisers. We shouldn’t think that companies are out for providing better service to us but governments spy and are malicious.
Vivian Loonela:Yesterday all of the leading Internet companies issued a joint statement where they said what is happening is bad for their business. They have a legal duty to conduct surveillance of individuals.
Kalev Leetaru:That’s not quite the case, as the income of these companies depends on how successfully they sell advertising.
Mustafa Qadri:Yet governments are major customers of many companies and are able to have an effect on their activities. We recently wanted to get a satellite image of a bombed village from a US satellite service provider, but they refused for fear of angering the US government – a client of theirs. Finally we got the images from a European company. What’s happening is a crisis of democracy, as we are not seen as citizens but as consumers.
Quirine Eijkman:Although companies should take responsibility for their activities, we must not forget that governments are more capable and potentially dangerous if they can gather personal information about us. The main problem is that we don’t know how scrupulous governments are with the information they gather, and there’s no transparency. As counties draft legislation, they have a much better way of changing the situation.
Richard Barrett:Still, it’s important to keep the discussion going and broaden it on the topic of what the surveillance means, to decrease mistrust and increase information. This discussion should be more extensive than the debate between politicians worrying about the next elections.
Kari Käsper (question from the audience):My question is about courts and the justice system. The European Court of Human Rights is quite slow in terms of changes stemming from technological advances, but we can expect numerous court cases in relation to government privacy violations. How should we change our legal system?Are the European Commission’s hands tied, as security questions are in the competence of member states?
Anastassia Rybasenko (question from the audience):I’d like to ask the question I asked earlier about Interpol.
Quirine Eijkman:Interpol is an example of how security institutions apparently don’t work closely enough in recent years due to the information gathering, Interpol has also become very politicized.I recommend that government leaders be urged to include these topics to a greater extent in their operational programmes.
In response to the other question, I think that judges should receive more training in the field of information technology to be more effective at dealing with such challenges. It’s a broader problem and a better understanding of information technology will benefit all officials, ministers and policy planners.
Kalev Leetaru:Countries have their own laws and value systems, their own cultures, which inevitably in today’s globalizing world leads more frequently to conflicting interests. But I still believe that technological progress will ultimately tear down these walls.