It's going to be a busy month for talks - I'll be in Amsterdam with the Dutch (digital) civil rights organisation, Bits of Freedom, on 16th September. I use the brackets consciously, as I don't personally see a distinction between rights in the physical or digital world - the underlying principles are the same.
BoF is doing great work, so anyone within striking distance of Amstie please come along, not only for the talk, but for what also promises to be a great social evening!
If you can't make that night, I seriously recommend coming along to a BoF dinner on 24th September, where the guest of honour is acclaimed journalist, blogger and author, Cory Doctorow. I had the pleasure of meeting up with him a couple of years ago in London - an extremely switched on man.
I really, really enjoyed his digital activists' handbook - sorry, novel - "Little Brother", ostensibly aimed at the young adult market. But, hey, we're all young at heart, and this book is spot on!
Watch out, Big Brother.....
The US government has apparently been getting its knickers in a twist about the excellent Wikileaks website. A report written in 2008 by US army counter-intelligence analysing the threat posed by this haven for whistleblowers has been leaked to, you've guessed it, the very subject of the report.
Wikileaks was set up three years ago to provide a secure space for principled whistleblowers around the world to expose corruption and crimes committed by our governments, intelligence agencies and mega-corporations. The site takes great care to verify the information it publishes, adheres to the principle of exposing information very much in the public interest, and vigorously protects the identify of its sources.
By doing so, Wikileaks plays a vital part in informing citizens of what is being done (often illegally) in their name. This free flow of information is vital in a democracy.
Well, no government likes a clued-up and critical citizenry, nor does it like to have transparency and accountability imposed on it. Which led to the report in question.
As I have written before ad nauseam, whistleblowers provide an essential function to the healthy working of a democracy. The simplistic approach would be to say that if governments, spies and big corporations obeyed the law, there would be no need for whistleblowers. However, back in the real, post-9/11 world, with its endless, nebulous "war on terror", illegal wars, torture, extraordinary rendition and Big Brother surveillance, we have never had greater need of them.
Rather than ensuring the highest standards of legality and probity in public life, it is far simpler for the powers that be to demonise the whistleblower - a figure who is now (according to the Executive Summary of the report) apparently seen as the "insider threat". We are looking at a nascent McCarthyism here. It echoes the increasing use by our governments of the term "domestic extremists" when they are talking about activists and protesters.
There are laws to protect whistleblowers in most areas of work now. In the UK we have the Public Interest Disclosure Act (1998). However, government, military, and especially intelligence professionals are denied this protection, despite the fact that they are most often the very people to witness the most heinous state abuses, crimes and corruption. If they try to do something about this, they are also the people most likely to be prosecuted and persecuted for following their consciences, as I described in a talk at the CCC in Berlin a couple of years ago.
Ideally, such whistleblowers need a protected legal channel through which to report crimes, with the confidence that these will be properly investigated and the perpetrators held to account. Failing that, sites like Wikileaks offer an invaluable resource. As I said last summer at the Hacking at Random festival in NL, when I had the pleasure of sharing a stage with Wikileaks founder Julian Assange, I just wish that the organisation had existed a decade earlier to help with my own whistleblowing exploits.
The Official Secrets Act (1989) in the UK, is drafted to stifle whistleblowers rather than protect real secrets. Such laws are routinely used to cover up the mistakes, embarrassment and crimes of spies and governments, rather than to protect national security. After all, even the spooks acknowledge that there are only three categories of intelligence that absolutely require protection: sensitive operational techniques, agent identities and ongoing operations.
This US counter-intelligence report is already 2 years old, and its strategy for discrediting Wikileaks (by exposing one of their sources pour encourager les autres) has, to date, manifestly failed. Credit is due to the Wikileaks team in out-thinking and technologically outpacing the intelligence community, and is a ringing endorsement for the whole open source philosophy.
I've said this before, and I shall say it again: as our countries evolve ever more into surveillance societies, with big brother databases, CCTV, biometric data, police drones, voting computers et al, geeks may be our best (and last?) defence against emerging Big Brother states.
So the spooks are yet again trying to recruit IT professionals. MI6 is currently advertising for a, quote, “world class enterprise architect”, but is offering a salary significantly below the market rate. MI5 is constantly on the lookout for IT staff –as recent adverts in the press will attest.
My sense is that the agencies are still desperately playing IT catch-up. In the 1990s, when I worked as an intelligence officer, we were still writing out everything longhand and getting our secretaries to type it up – with all the attendant typos, revisions and delays. Information databases, such the system codenamed Durbar, which held the terrorist records, could only be accessed via 1970s, beige, monitor-and-keyboard, all-in-one computers.
In the early 1990s MI5 did try to develop its own information management system from scratch, rightly thinking that buying off-the-shelf from an American megacorp was probably not good security. However, MI5 management still thought IT was a low priority – despite the fact the efficient processing of information should have been the core work. So, the agency paid significantly below the market rates for IT professionals, and posted mainstream intelligence officers, with no project management experience, to run the department for 2 year periods. Needless to say, moral was rock-bottom. The IT bods were unmotivated, the IOs demoralised at being posted to a career graveyard slot and the unwieldy system, codenamed Grant, never got off the ground.
In the middle of the decade MI5 in desperation bought an off-the-shelf package which was based on Windows 95. Even then officers had to fight to have access to a terminal to do their work. And, of course, Windows is not known as the most stable or secure system available. I also heard recently that MI5 is still using this proprietary software, and thinks that it can protect its information systems by patching up security problems. It gives one such faith that MI5 can really protect this country from terrorist attack.
But this leads us onto a more serious issue regarding our national sovereignty. What the hell is our government doing, shovelling billions of pounds every year over to US IT companies to pay for licences that then permit our government departments to use their software packages? And with the current concerns about terrorism and the subsequent datamining activities of a paranoid US administration, how can we be sure that the NSA is not sneaking a peek at the work of our security forces via back doors in this software?
So, to protect our sovereignty, as well as develop our knowledge base and grow our economy, why does the UK government not encourage all government agencies and departments to switch from proprietary to open source software? After all, many other countries around the world are already doing this for precisely these reasons.
No doubt it's that pesky "special relationship" kicking in again.....
Thankyou!
