One of the figures of speech used to illustrate how the measures in the draft Investigatory Powers Bill will work is as follows. Under its proposals, the security services will be empowered, if certain conditions are met, to see which website you visit – but not which pages on that website you then go on to look at. This is compared to them being entitled to obtain a letter you send, but only to look at which name and address it is being sent to, not to open that letter and read its contents.
Let us pursue the parallel. Imagine that during the 1950s, while the Cold War was being fought, the security services employed vastly more people than they actually did, and that they were capable not only of opening the correspondence of very many people, but of reading it too. Now go on to envisage that they were also capable of bugging the homes of all those others, and knowing what books and magazines they read and what family photos and pictures they displayed.
Now go on to imagine that not only the security services but the police had the same power, and the best part of 40 other state bodies did so too, including the Inland Revenue (as it then was), local authorities, and the then equivalents of the Financial Conduct Authority, the Health and Safety Executive and the Department for Work and Pensions. Finally, picture the security services storing for a year all the correspondence at its disposal in warehouses which the KGB might be able to burgle.
The metaphor is not exact. Letters themselves cannot be used to spy on their authors, as computers can be used to spy on their owners. But it does convey the scale of what modern technology enables the state to do. As I say, the Government is not proposing to allow the security services to deploy all the technical capabilities at their disposal – although Theresa May admitted, in the course of setting out the Bill’s contents, that they have been exercising powers set out it for almost 15 years.
Most voters are not geeks, and will not even begin to grasp the workings of the technology involved. But the wisdom of crowds is more than capable of grasping the points of principle, of which there seem to this fallible writer to be three. First, we have to reach a view, as part of our wider democratic debate, about which state bodies, if any, we want to be entitled to use this technology to spy on people. Making that decision involves a series of value judgements.
Do we want the state to be able to see which internet sites Islamist terror suspects are viewing? Are we willing to see the police have the same powers? What about other hard cases? What is our view – to use an example that the Home Secretary gave the Commons earlier this week – of those suspected of abducting a child who use social media to communicate? What about criminals who launder money? Tax evaders who HMRC want to go after? Benefit fraudsters and the DWP?
The next point to dwell on is that this debate involves trade-offs. Some are fond of saying that there can be no security without liberty, others that there can be no liberty without security. One can see the arguments either way, but both miss the mark. If we go for maximising liberty, and bar the security services from checking those internet record details, a vital detail that holds the key to a terror attacks may be missed – and innocents may die in consequence. Perhaps another plane will go down.
But take the opposite view, and allow state agencies the powers they all press for, and those who work for them will not just over-step the mark but over-jump it. To say so is not civil libertarian paranoia but already settled fact. Why look in the crystal ball when you can read the book – or, rather, the e-mail? Under the terms of the very Act that the Investigatory Powers Bill is partly designed to replace, local authorities snooped on families over bin rules and the police on journalists over sources.
That May is pledging sanctions against repetition is, while welcome in itself, an admission that if a technical capacity exists those who have it will be tempted to use it – whatever the ethics are, whatever the law says. Garvan Walshe painted a picture on ConservativeHome yesterday which may seem far-fetched, but is perfectly possible – namely, a foreign power (China, in this imaginary) case breaking into the records and exploiting them for blackmail, or falsifying them.
It is as though Soviet agents had been able, during the Smiley era, to force their way into that imaginary warehouse, read all those letters, and forge others. He went on to suggest that “any real terrorist will spoof his IP address and use encrypted connections anyway”. Civil libertarians will add that no less senior figure than the Prime Minister himself floated that the state bust encryption – a scheme that provoked a magnificently derisive response on this site from Andrew Bower.
The third point of principle to weigh is: who decides? Who authorises warrants and takes decisions? Politicians, who are arguably too close to the security services and the police, and inevitably become entangled in the cover-up of state misdeeds? Or judges, who allegedly don’t understand the threat to our common security, can’t see the full context of a warrant application even if they do, and aren’t politically accountable in any event?
This may be part of a collective debate, but each one of us can only answer these questions for ourselves. I am unhappy about allowing any state agency other than the security services routine access to data on the terms proposed, or for data to held for as long as a year. In that context, I thus find myself lined up with the civil libertarians. However, judges in Britain are less accountable than those in the United States. To me, the two constitutional set-ups shouldn’t be treated as equivalent.
When it comes to warrants, therefore, I find myself closer to the securocrats – believing that the more urgent and terror-related the application is, the more proper it is that a politician should take it. Owen Paterson, who had himself to consider warrants as Northern Ireland Secretary, put the point well in the Commons. (It looks as though the Government and its critics are edging towards a compromise that leans the other way, perhaps for the reasons that Mark Field set out recently to our readers.)
The implications of this Bill and this discussion range far, far wider – out to the limits of imagination for most of us, and beyond. The TalkTalk hack was a calling card for the future, as a mass of others have been. We agonise about how much oversight the state should have over us. But government is only going where others can also go, and often do – Google, mobile phone companies, hackers, spyware, jilted lovers, opportunistic blackmailers.
We cannot escape the Argus gaze, cannot evade it – not unless, like Mark Farid, we try to give up our digital identity: no Facebook, e-mail, g-mail or Apple, scrambling our IP addresses and living like hermits (then again, I bet they have mobiles too). Privacy is a dodo. Now more than ever, the words fit – sung, appropriately, by the Police. “Every breath you take/Every move you make/Every bond you break/Every step you take/I’ll be watching you.”