New surveillance laws set to be approved in the UK are « totalitarian » and could cost British lives, security whistleblower William Binney [Pictured left, Photo: Jacob Applebaum/flickr/cc] told members of Parliament (MPs) on Wednesday.
Lawmakers are debating the controversial Investigatory Powers Bill, introduced by Home Secretary Theresa May and dubbed the « Snooper’s Charter » by opponents. It is expected to pass later this year and would, among other things, require telecommunications companies to store records of websites visited by every UK citizen for 12 months for access by law enforcement agencies.
That kind of sweeping, invasive surveillance strategy « costs lives, and has cost lives in Britain because it inundates analysts with too much data, » said Binney, who worked for the National Security Agency (NSA) for 30 years before exposing the ineffectiveness of its various intelligence programs.
Binney also criticized a UK government surveillance program known as Black Hole, launched in 2008 and made public in 2013 by NSA whistleblower Edward Snowden, which lists everyone in the world who has ever visited a website.
« It is 99 percent useless, » Binney said. « Who wants to know everyone who has ever looked at Google or the BBC? We have known for decades that that swamps analysts. »
In fact, Binney charged, those kinds of expansive measures prevented intelligence agents from uncovering the September 11 plot, as the deluge of information strained resources within the NSA and impeded its ability to investigate leads.
« Sixteen months before the attacks on America, our organization [Signit Automation Research Center, or SARC] was running a new method of finding terrorist networks that worked on focusing on ‘smart collection’. Their plan was rejected in favor of a… plan to collect all communications from everyone, » Binney told a committee of MPs scrutinizing the draft bill. « The US large-scale surveillance plan failed. It had to be abandoned in 2005. Checks afterwards showed that communications from the terrorists had been collected, but not looked at in time. »
« Britain should not go further down this road and risk making the same mistakes as my country did, or they will end up perpetuating loss of life, » he said.
Rather than vacuuming up bulk data and sifting through it for valuable intel, Binney urged Parliament to focus on a more targeted collection technique, which he said would streamline the process and make it more effective at uncovering and thwarting plans for attacks. It would also safeguard against violating private communications of legally protected groups like lawyers, journalists, and MPs.
« This approach reduces the burden on analysts required to review extremely large quantities of irrelevant material with consequent improvement to operational effectiveness, » he said. « At the same time, it reduces the privacy burden affecting the large number of innocent and suspicion-free persons whose communications are accessible to our systems. »
In an interview with Wired UK ahead of his testimony, Binney explained, « Fundamentally, bulk acquisition is a major impediment to success by analysts and law enforcement. »
« Retroactively analyzing people, anybody you want, any time you want, that’s certainly possible with bulk acquisition of data but that’s certainly not what democracies are built on. That’s what totalitarian states are built on, » he continued. « It doesn’t give people security, it makes them more vulnerable; we’re more vulnerable than we’ve ever been because of this. »