Practical Applications For Massive Surveillance Databases: Timely Birthday Cards, Travel Diaries

from the the-ultimate-vanity-search-engine dept

If you want to get a feel for the gobsmacking amount of information being collected by UK surveillance agencies (MI5, M16, GCHQ), all you have to do is see how it's being misused. Privacy International, which has been steadily suing the UK government over domestic surveillance, has received another set of documents that show the banality of dragnet surveillance evil. The banality is not so much the dragnet itself (although that's not to say it isn't its own form of evil) as it is the uses it's put to.

Ryan Gallagher, writing for The Intercept, points out that spies are using surveillance collections as backup Day-Timers -- apparently with enough frequency they've had to be warned to knock it off.

The documents include internal guidance codes for spies who have access to the surveillance systems. One memo, dated June 2014, warns employees of MI6, the U.K.’s equivalent of the CIA, against performing a “self-search” for data on themselves, offering a bizarre example that serves to illustrate the scope of what some of the repositories contain.

“An example of an inappropriate ‘self search’ would be to use the database to remind yourself where you have traveled so you can update your records,” the memo says. “This is not a proportionate use of the system, as you could find this information by another means (i.e. check the stamps in your passport or keep a running record of your travel) that would avoid collateral intrusion into other people’s data.”
The information collected includes data that could reveal political preferences, sexual orientation, religious beliefs, memberships in associations or groups, mental/physical health along with biometric data and financial documents. With a little digging, the massive database could be used to uncover journalists' sources and privileged communications.

The wealth of information at the fingertips of British spies helps explain why they never seem to forget important dates.
“We’ve seen a few instances recently of individual users crossing the line with their database use, looking up addresses in order to send birthday cards, checking passport details to organise personal travel, checking details of family members for personal reasons…"
The world's greatest search engine isn't Google. It's GCHQ. Of course, the documents also point to various levels of oversight, none of which appear to have much of a deterrent effect. A monitoring system of some sort appears to be in place and it's likely what flagged agents' self-searches. But it's unlikely to catch other inappropriate searches involving someone other than the person performing the search. These, too, are forbidden, but it's likely these violations were part of a pattern of sustained abuse, rather than one-off searches -- which would likely have slipped under the radar as being just another intelligence-related search.

What's worse is access to these vast data stores apparently went oversight-free for several years, and it's not entirely clear from what's been released that comprehensive oversight is even in place at this point in time.
One 2010 policy paper from MI6 states there is “no external oversight” of it or its partners’ “bulk data operations,” though the paper adds that this was subject to review.
This may not seem completely terrible -- after all, six years government time is like 30 days real time -- until you realize the GCHQ has data sets dating back nearly 20 years (harvesting began in 1998) and MI5's bulk collection is more than a decade old at this point. And it continues onward, getting more massive by the moment. The GCHQ wants to collect 50 billion records every day, utilizing people's web browsing, phone calls, and email. While the agencies insist this is all for fighting terrorism and international crime, the cold reality is that it's just as useful for reconciling travel expenses and making sure Mom always gets her birthday card on time.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: abuse, gchq, mi5, mi6, privacy, surveillance


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    That One Guy (profile), 25 Apr 2016 @ 10:49am

    "So what, not like it's sensitive or anything."

    Such actions show those with access to the data don't consider it that big of a deal, certainly not something important or personal, and as such using it for trivial things isn't seen as a problem. Having your personal data scooped up by a bunch of voyeurs is bad enough, having it in the hands of people who see no privacy implications of the data is notably worse, because if they don't consider it personal or private then how much effort do you think they'll spend protecting it or preventing abuse of it?

    link to this | view in thread ]

  2. icon
    That Anonymous Coward (profile), 25 Apr 2016 @ 10:54am

    Because if we have it, why not use it?
    Gather all of the data, then pretend it is shocking that some people will use it for the unintended purposes.

    The temptation to go to far, is always there. Giving them everything and telling them not to do naughty things with it, with no penalties tells them just don't get caught... and if we catch you nothing bad will happen.

    We keep racing down this road that if we keep doing the failed things on a bigger scale this time it will work, meanwhile ignoring the abuses of the system and of the public.

    These examples should piss people off, and they should demand it stop. Instead the powers that be will pat us on the head and say how the problems aren't that bad and have been dealt with. Its time we pat the powers that be on the ass with our foot as we remove them from power and replace them with people not committed to hollywood style dragnets and work in reality. Where knowing who sleeps with who across the entire populace isn't useful data, its just creepy and invasive and will end up being used for purposes well outside those stated.

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 25 Apr 2016 @ 11:17am

    The real reason for these databases is to keep the people with power in power.

    Information is the only real commodity.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 25 Apr 2016 @ 11:43am

    As taxpayer

    As taxpayer, I want access to that system too.

    Not too much, only self-searches.

    Imagine: It remembers everything I do, I don't need to worry about backups and such, or malware or hackers, or terrorists.

    Access to my data whatever happens. I'd pay for that, in fact, I already have.

    link to this | view in thread ]

  5. icon
    Ninja (profile), 25 Apr 2016 @ 11:50am

    Welcome to the Great World Government. Please be warned that disrespecting any of the about 1.3 million rules will get you executed. As little reminders: Don't forget to abide by the official hairstyles and fashion guidelines, you don't want to be mistaken by an anarchist/terrorist. We value law and order. Preferably order. Don't express your opinions, you are not allowed to have any. And don't forget to salute the great leaders daily at 5 p.m.

    link to this | view in thread ]

  6. identicon
    Anonymous Howard, 25 Apr 2016 @ 12:36pm

    Meanwhile...

    Police Scotland holds more than 850 million images from Automatic Number Plate Recognition cameras, going back to 2009, despite the fact that they're supposed to be deleted after two years unless used in criminal investigations.

    It's implausible that they're all being used for criminal investigations, so one must wonder what the fuck they're doing with them.

    http://www.scotlibdems.org.uk/mcinnes_reveals_850_million_number_plate_records_on_police_databa se

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 25 Apr 2016 @ 12:44pm

    Use against political enemies?

    So if these datasets have been around for 10 to 20 years, then it wouldn't be hard to imagine the information has and is being used against political enemies. We can only hope the right party comes out on top when a single party finally grabs firm control of the system.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 25 Apr 2016 @ 3:17pm

    One question for all of you demanding that spy agencies engage in more robust oversight of their agents: don't you think it'd be an insulting act of excessive distrust for them to just go around spying on their own people?

    link to this | view in thread ]

  9. identicon
    Justme, 25 Apr 2016 @ 8:22pm

    Self-Searches

    That's kind of an interesting idea... I not positive but i think there is a process by which citizens can request a copy of their FBI file, I think the same thing should be applied to every government entity.

    I think it would add a appropriate counter balance to the seemingly endless expansion of the surveillance state. And it's very appropriate in a nation where the intent was a government of, for, and by the people.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 26 Apr 2016 @ 1:40am

    Gosh, I can't wait to leave Europe, the Investigatory Powers Bill to kick in and for us to lose our human rights. I can see no way that storing our internet browsing history at ISPs with a long history of data breaches will go wrong.

    If only I had a right to privacy... Oh wait - I did!

    /s (sort of)

    link to this | view in thread ]

  11. identicon
    Yes, I know I'm commenting anonymously, 26 Apr 2016 @ 4:11am

    Typo

    Quote: (MI5, M16, GCHQ).
    Are we discussing American military weapons or Brittish spy-agencies?

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.