The former director of the U.K.’s Government Communications Headquarters has co-authored a report for Demos, a think tank, calling for enhanced surveillance capabilities to combat criminals and terrorists using social media -- but also warning that rules need to be in place to protect legitimate use by ordinary citizens. The warning comes as the British government considers new laws that would allow law enforcement to force Internet service providers to hand over records that could be used to identify individuals engaged in illegal activity.
Sir David Oman, who was responsible for electronic eavesdropping as the head of GCHQ, wrote in the “#Intelligence” report published by Demos that social media has provided criminals and terrorists with a “secret space” where they can coordinate and carry out illegal activities. At the same time, social media intelligence, or “Socmint,” can help investigators identify criminal activity and disrupt terrorist plots -- but it must be handled in the right way.
Omand writes: “Democratic legitimacy demands that, where new methods of intelligence gathering and use are to be introduced, they should be on a firm legal basis and rest on parliamentary and public understanding of what is involved, even if the operational details of the sources and methods used must sometimes remain secret,” adding, “In respect of Socmint these conditions of democratic legitimacy are presently absent."
In addition to undermining core democratic principles of privacy and free speech, intrusive monitoring of social media could also “result in a chilling effect on the use of social media itself, which would have negative economic and social consequences...”
To safeguard democratic principles and avoid damaging the vitality of this new area of culture and commerce, the Demos report suggests six basic guidelines for social media monitoring by the government. First, there must be sufficient cause; second, integrity of motive; third, the level of surveillance must be proportionate and necessary; fourth, authorization must come from the appropriate officials, with external oversight; fifth, investigators should try to use open sources before they turn to secret intelligence; and sixth, there must be a reasonable expectation of success.
All this comes as multiple U.S. agencies are establishing their own social media snooping operations -- mostly focused on open source (public) information, but also including more intrusive capabilities.
Thus in January the FBI's Strategic Information and Operations Center released an RFI intended to determine the capability of industry to provide an “Open Source and social media alert, mapping, and analysis application solution.” The system would be able to scrape material from social networks about emerging threats and then superimpose the information graphically on maps, giving FBI analysts a spatial sense of the threat landscape.
Meanwhile The Department of Homeland Security has admitted that it creates profiles to monitor “publicly available online forums, blogs, public websites, and message boards,” including social media sites like Facebook and Twitter, in what is known as the “Publicly Available Social Media Monitoring and Situational Awareness Initiative.” The aim is to “to provide situational awareness” for the federal, state, and local governments; the DHS “may also share this de- identified information with international partners and the private sector where necessary and appropriate for coordination.” Crucially, the DHS statement also reveals that participating agencies may reveal personally identifying information about Internet users in emergency, life-and-death situations.