17 April 2001
From: "Caspar Bowden" <cb@fipr.org> To: "FIPR-AC (E-mail)" <fipr-ac@netlists.liberty.org.uk>, "Ukcrypto (E-mail)" <ukcrypto@chiark.greenend.org.uk> Subject: FULL ARTICLE: Sunday Times 15/4/2001: "No Hiding Place" Date: Wed, 18 Apr 2001 00:56:39 +0100 Original online version was truncated to under half-length (and weirdly had April 1st dateline) - now relaced by full version -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media http://www.sunday-times.co.uk/news/pages/sti/2001/04/15/magazine1.html?1007000 April 15 2001 SUNDAY TIMES MAGAZINE Britain is now a surveillance state. The authorities may be prying into your 'private' life this second. And in the electronic age, it is much easier for innocent people to be mistaken for criminals. Bryan Appleyard investigates NO HIDING PLACE THE SURVEILLANCE TRAP | YOUR WHOLE LIFE LAID BARE Privacy is dead. We are watched by 1.5m closed-circuit television cameras, more per head of population than any country on Earth. Our government, police and intelligence services have more legal powers to poke around in our private lives than those of communist China. And thanks to new technologies from mobile phones to the internet, they can use those powers to find out where we are, whom we talk or send e-mails to, and what websites we click on. According to most experts in the field, a police state with powers of control and surveillance beyond the wildest dreams of Hitler or Stalin could now be established in Britain within 24 hours. And guess what: MI5 probably read this article before you did. It was delivered by e-mail, a hopelessly insecure system. It is full of the sort of security-sensitive words the spooks look out for, and, as I shall explain, I seem to be an MI5 target. But the weirdest thing of all is that we really don't care. To take an example that may sound trivial but isn't, the Television Licensing Authority is currently running an advertising campaign boasting of its ability to invade our privacy. Hoardings show a local street sign with the caption that declares, four people in this street don't have a TV licence and the TLA knows who they are. Duncan Bennett, a systems administrator with the Medical Research Council in Cambridge, knows exactly what this means. He hasn't had a TV in 10 years and yet, annually, he gets threatening letters from the TLA. He has now discovered that, with no evidence against him whatsoever, they can get a warrant - always automatically granted - to break into and search his house. He is assumed to be guilty until proven innocent, a terrible inversion of ancient common-law tradition. He has struggled to find anybody willing to take up his campaign on the issue. Bennett is not suspected of drug-trafficking, terrorism or subversion. He is suspected of having a TV without a licence. Only in Britain would such an abuse of power - or even such advertisements - be tolerated. We seem to have such fear of crime, and such a mute acceptance of the seizure of power by the authorities, that we are actually comforted by the thought that we are being watched all the time. This, in the current climate of paranoia and high technology, is dangerous. Our right to live a law-abiding life without interference is now utterly compromised. The Englishman's home is no longer his castle, it is his virtual interrogation cell. How did we get here? The story begins in a bedroom in Cheltenham in 1969. James Ellis, an employee of the Government Communications Headquarters, Britain's global listening post, had been working on the problem of coding, more accurately known as encryption. Thanks to our cracking of the German Enigma code during the second world war, the British were regarded as world masters of this art. Since then, GCHQ had been working closely with the American National Security Agency (NSA) to ensure that the good guys - us - would always be able to crack or write codes more successfully than the bad guys - primarily the Soviets. In his bedroom, Ellis had an idea for a system of encryption that would be utterly unbreakable. But his system was so completely at odds with prevailing wisdom that it was at once rejected by almost everybody in the code business. Ellis died in 1997, professionally anonymous to the last, and just a month before his brilliance was generally recognised when GCHQ finally published his papers on their website. Until then, everybody thought the first man to have this idea was an American named Whitfield Diffie. In 1975, Diffie had independently experienced the same eureka moment as Ellis, but his insight was made public. At that moment, both GCHQ and NSA, not to mention every other security and intelligence service on the planet, suffered a crisis from which they have yet to recover, and the issue of individual privacy leapt to the top of the political agenda, where, almost everywhere except in Britain, it remains. The Ellis/Diffie invention was what is now called public key cryptography (PKC). It is the most powerful coding system that has ever been devised. It's what you use if you bank or buy on the internet. You don't know you're using it: your computer does it for you. It offers everybody the power to communicate in unbreakable codes. As a result, it's easily the worst thing that has ever happened to the spooks and the police. Beside this, Kim Philby was a minor hiccough. This is how it works. Normally, if one spook wants to send a coded message to another, he does so in a code that can be unlocked by a key - a string of numbers - known to both of them. The problem is, they have somehow to give each other the key. Diplomats going through customs handcuffed to briefcases are one way of passing on keys. But you can mug a diplomat and, as the British showed when they seized a German Enigma machine, you can intercept keys transmitted by any other means. Either way, the spooks lose their secrecy. In PKC, one party makes his key completely public; anybody can have it. This public code allows anybody to encode their message and send it. But the public key can only encrypt the message, it cannot decrypt it. Only the secret key possessed by the recipient can unscramble the message. As long as he keeps his key secret - an easy task, because he need never share it with anyone else - then his code is unbreakable. The one flaw in this might be the use of supercomputers simply to run through all possible key combinations - a so-called "brute force" attack. Keys are just sequences of numbers, after all. But now that more powerful personal computers and software accept much longer keys, it would take billions of years for a brute-force attack to succeed. Rumour has it - there are only ever rumours in this area - that the NSA has spent $5 billion trying to crack the strongest contemporary codes and failed. Since both the NSA and GCHQ are founded on the principle that they should be able to read any communication anywhere in the world, this is their worst nightmare. Since 1975 they have been battling to find ways of ensuring they can still eavesdrop on anything. And, because Diffie's trick was already out there among the nerds and hackers of the world, this battle had to take place in public. Essentially, both the British and American security services wanted copies of all keys to be lodged with government agencies - so-called "key escrow" - or, as in the system we now have in Britain, they wanted to be able to demand the surrender of keys. But the libertarian nerds, known in this field as "cypherpunks", fought back in the name of freedom from the all-seeing eyes of Big Brother government. In the United States they have had some success, thanks to the native distrust of government; in Britain they have had almost none. After the collapse of communism in 1989, this issue became even more urgent. The primary targets of the security services were no longer the Soviets. Now they were organised criminals, drug traffickers and terrorists. This meant they wanted to watch their own citizens rather than just foreign spooks. The possibility of the high-tech, constant-surveillance Big Brother state was threatening to become a reality. PKC had become much more than a brilliant mathematical trick: it was now the centre of a bitter philosophical and political debate about the privacy of the individual. This has now spilt over into just about every area of public policy. Before PKC, the spooks could watch and never explain anything. After PKC, they had to come out and argue their case. The big questions are obvious. How much should the government be able to find out about me and the things I do? Should it be able to read all my private messages, my bank accounts, my health records? Do I have any right to privacy at all, or does the public interest in the possibility that I might be a terrorist, paedophile, criminal or spy overrule all other considerations? Cryptography was only the beginning of this debate. Technology - whether in the form of computers, mobile phones, credit cards, store cards or closed-circuit television cameras with sophisticated face recognition systems - means that people can now, if they like, know almost everything about anybody. We all leave an electronic trail wherever we go, whatever we do. This trail is impossible for the individual to eradicate or control. Much of this trail may seem innocent - what you buy at Tesco using your loyalty card is hardly likely to be a sensitive matter. But the point about computer memory and processing power is that it is expanding at a rate few of us can begin to understand. As a result, thanks to those loyalty cards, it is perfectly possible to trawl through everything you have ever bought at Tesco, and that can produce a startlingly detailed picture of your life. "I'm not embarrassed about my shopping," says Ian Brown, a researcher into mobile multimedia security at University College, London, "but the insidious nature of this is that it's not the day-by-day information, it's knowing about all your grocery for the last five years. It's amazing how much you can tell about someone from the pattern of their buying." Furthermore, information breeds information. Once I know one thing about you, I can generally find out another. Using a technique known as 'social engineering' - essentially a simple con trick - armed with a few details like your date of birth and post code, I can easily convince some lowly clerk on the phone that I am you and seduce him into parting with more sensitive material. When you add into that mix internet usage and e-mails - neither of which are remotely secure unless you go out of your way to make sure they are - it becomes easy to build up staggeringly detailed pictures of the lives and habits of almost anybody. Indeed, there is an automated global system code-named Echelon, operated by the US, UK, Canada, Australia and New Zealand, which is believed to intercept up to 3 billion communications a day, trawling through them for sensitive words that might indicate a security threat - it may well pick up this article in transit. Some claim that 90% of internet traffic is scanned by Echelon. The exact figures are unknown, because the system is top secret. Indeed, Britain, alone among these countries, does not even admit it exists. Simon Davies, head of the pressure group Privacy International and a self-confessed cypherpunk, describes Echelon as "black-helicopter, Mulder-and-Scully stuff". As in The X Files, the truth is out there, but so is somebody who doesn't want you to know. Even by just collating all the addresses of your e-mail correspondents, the security services can construct "friendship trees", patterns of association that, whether you are guilty or not, may connect you to terrorists or criminals. Closed-circuit television (CCTV) cameras are the final turn of the screw. There are now 1.5m of these operating in Britain, and some, as in the London borough of Newham, use facial recognition software that automatically identifies target individuals. Some of these cameras are visible, but many, in pubs and clubs, are not. In time, it is thought these cameras will be linked in a nationwide web. They will become, as Dr Stephen Graham of the University of Newcastle upon Tyne has suggested, the "fifth utility", after telephones, water, gas and electricity. "These networks," he writes, "have long since merged and extended to become technologically standardised, multipurpose, nationally regulated utilities, with virtually universal coverage. I would argue that CCTV looks set to follow a similar pattern of development over the next 20 years, to become a kind of fifth utility." "We have far more of these cameras that any other country," Graham tells me, "though Germany and the US are now catching up. Why? Well, I suppose we have fewer constitutional and political fears about invasions of privacy. We have a huge fear of crime and we have no totalitarian past like almost all the other countries in Europe." Graham believes the key to the future, networked power of CCTV is automation. "The key to the limitations of their use was the human operator, who just got bored. Soon, software will be able to do all that, and then the power will be in the hands of the software writers to decide what is abnormal behaviour. It will all be hidden - there will be no accountability." And, in their book The Maximum Surveillance Society: The Rise of CCTV, the academics Clive Norris and Gary Armstrong write: "The architecture of the maximum surveillance society is now in place." Their point is that the hardware of CCTV is so firmly in position that enabling it to watch everybody all the time is now merely a software problem. Meanwhile, other surveillance technologies are springing up all the time. Police in the US, and some private agencies here, now have machines - called IMSI catchers - in their cars that fool your mobile phone into thinking they are base stations on your network. They can even tell your phone not to use any form of encryption. So they can listen to every mobile call you make. In addition, all big companies in the City of London routinely have to attach devices to their windows to prevent sensitive meetings being overheard through remote sensors that pick up voices from vibrations of the glass. Or there are Van Eck devices, which can read everything on your computer screen from a street away from your house. It is rumoured that one of these machines has been refined to the point where it can pick out one computer screen at the top of Canary Wharf from street level. Or tiny airborne devices the size of butterflies are being developed that can watch every move you make. And so on and so on. "It is plausible," writes Bruce Schneier, an American security consultant, in his book Secrets & Lies, "that we could soon be living in a world without expectation of privacy, anywhere or at any time." Soon, some have suggested, we shall have to record our entire lives on audio and video just to establish an alibi, in case we are implicated in a crime. Indeed, not to make such a recording may one day be treated as a cause for suspicion. Do we care? In Britain, apparently not. We accept CCTV cameras out of fear of crime, and as a result we have more than any other nation in the world. Meanwhile, a study by the Economic and Social Research Council's Virtual Society programme has found that employees do not regard surveillance systems in the workplace as invasions of privacy. And finally, in the form of last year's Regulation of Investigatory Powers Act (RIP), we now have, according to many observers, the most invasive legal apparatus anywhere in the world. China, it has been pointed out, has nothing as draconian as this on its statute book. It has been described by the constitutionalist Anthony Barnett as "the most pernicious invasion of privacy ever imposed by a democratic state". Among other things, the act ensures that all internet and mobile-phone communications will potentially be interceptible by the police and security services. Furthermore, even if you are not suspected of any crime, you can be imprisoned for two years if you fail to disclose a computer password. The communications of UK citizens can now be trawled by GCHQ to investigate any "large number of persons in pursuit of a common purpose". 'The bill,' said one executive with a leading internet service provider (ISP), 'allows the construction of a police state overnight. Jack Straw might not want to do this, but others would, and the tools would be in place.' Fortunately, because the government received bad technical advice, not all the tools are yet in place. The plan originally was to force ISPs to install black boxes that would route all internet traffic to the security services. This turns out to be too expensive and technically difficult. Information moves so quickly close to web hubs, it cannot be caught. The government and the ISPs are now deep in technical and financial negotiations, and there are, as yet, no black boxes. Most incredible of all - not in the act but still on the agenda, thanks to the enthusiasm of the National Criminal Intelligence Service - is the idea for a data warehouse that would keep an archive of everybody's - yes, everybody's - phone calls, e-mails and internet activity for a period of seven years. Mobile phones, even when not in use, are in constant contact with their base stations, telling them where they, and therefore you, are. This feature was exploited by the police in the Jill Dando murder inquiry. So in this warehouse would be a record of your exact movements for the past seven years. One version of this scheme, christened Big Browser, would include a record of every web address you ever visited. 'I can't think of anything more intrusive than that,' says Caspar Bowden of the Foundation for Information Policy Research. 'It's pretty much like being able to peek at somebody's stream of consciousness without a warrant.' The act was vigorously opposed by businesses and privacy campaigners, but, although slightly modified, it was passed. Now the police and security services have the right to hack into your life if they can show reasonable cause - they can certainly demand that you surrender all your keys and passwords. The one definite improvement to our privacy in the act is that police now have to go to superintendent level before they can acquire our 'communications data' - phone numbers and e-mail addresses. But it seems this was included to prevent a large number of cases of policemen using this power to check up on their wives and girlfriends. The powers in the act are not largely concerned with actual interception of communications. That requires a high-level warrant, and is only used on about 500 people known to be dangerous - criminals, animal rights activists, terrorists. But the act does allow for the mass trawling of communications data, and this can, in fact, be more of a threat to the innocent, for it creates a broad net of associations. For all I know, I may have been in e-mail or phone contact with a dangerous subversive. This will automatically place me on a suspect list, and I shall never know. 'This,' said the ISP executive, 'is a potential invasion of everybody's privacy because we might all be connected. We have less protection of access to this data than anywhere in the world. It can be done on the say-so of a policeman. Throughout Europe, a judge is needed.' The one crucial defence against all this is the Data Protection Act, which will ultimately allow you to demand to see all information held about you by any organisation. You can go to any local authority operating CCTV cameras and ask to see all the pictures they have taken of you. The security services can get round this by claiming national interest. How far they can take this is about to be tested in a number of cases. Or you can avoid internet surveillance by always surfing via Safeweb - see www.safeweb.com - which encrypts your browsing. But this is a surveillance arms race, and doubtless the cyber spooks are already working on cracking that. In any case, the mere fact that you are using encryption may well attract the robotic attentions of Echelon. While you are online you might really want to scare yourself by checking out www.privacy.net, which will show how easy it is to trace your internet activity - I found my system was being hacked by some character alarmingly named Psykojoko. After a long process of investigation I discovered he was a healthy-looking French kid in skiing gear - there was a photo on a peculiar website. He didn't respond when I e-mailed a demand to know why he was hacking into my ISP. Or by going to www.junkbusters.com, you can find out how private companies can watch everything you do online. There is nothing like RIP in the US, because privacy campaigners have been able to exploit a national distrust of the federal government to stop it happening. On the other hand, Americans seem less concerned about the collection of personal information by private companies. Such information is regarded as a corporate asset: in law it belongs to the company, not to the targeted individual. E-commerce, largely controlled by the Americans, now depends on the ability of companies to market directly to individual custo-mers - which is why many of us get masses of junk e-mail, some of which seems to be based on a startling amount of knowledge about our buying and browsing habits. Watch out for 'web bugs' and 'cookies': these are little software systems that web pages put on your computer to track your movements and recognise you when you call. (Get yourself Window Washer software, which sweeps your system of all internet history and cookies.) The argument about all this is simple yet profound. On the one hand are the cypherpunks who take the hard libertarian view that the state and the corporations should be kept out of our lives at all costs: privacy is sacred. Furthermore, they argue, however benign we might think our government is today, tomorrow it might turn nasty. Tyranny is all about surveillance; technology allows us to do that on an unprecedented scale. A determined contemporary tyrant with the co-operation of the police and the intelligence services could turn democracies into police states within days - or, in Britain, hours. 'We should not be seduced by the myth of benevolent government,' write Norris and Armstrong, 'for, while it may only be a cynic who questions the benign intent of their current rulers, it would surely be a fool who believed that such benevolence is assured in the future.' And Simon Davies insists: 'It is in the nature of government to secure power for itself, and often it is power for the sake of power. And power, once it is centralised, is automatically abused.' On the other hand, there are thinkers like the communitarian philosopher Amitai Etzioni. Etzioni argues that the obsession with privacy is an aspect of the anarchic, antisocial individualism that was born in the 1960s. He says it has already done serious damage by, for example, preventing Aids from being classified as a serious communicable disease in the US - gay and civil rights campaigners claimed this was an unacceptable invasion of privacy. Privacy, he says, is not a right that overrules all other considerations. Society must be able to invade privacy when the public good is involved. At stake is the future of all forms of social and political organisation. The cypherpunks think that privacy invasion is a prelude to tyranny, but Etzioni believes tyranny is more, not less, likely if the cypherpunks are successful in getting the hyper-privacy they demand. 'Hobbling the ability,' he writes, 'of public authorities in a democracy to protect people from drug dealers and other criminals is much more likely to create social conditions under which strong-armed leaders will be invited to restore law and order.' Donn Parker, an American security expert, has commented on the new powers of private sector cryptography: 'We have the capability of 100% privacy. But if we use this, I don't think society can survive.' In any case, argues the anti-privacy lobby, if you have nothing to hide, why worry? And, if you have something to hide, we have a right to know in the name of the public good. The first big argument against this is that we all have something to hide. I don't want you to see my bank account or medical records, and I would guess you don't want me to see yours. More intimately, we all get up to things we'd rather keep quiet about. If those things are recorded on e-mails or web- browsing histories and archived in some data warehouse, then potentially they provide material for personal or political blackmail. 'In about two decades,' writes Bruce Schneier, 'we're going to have elections where candidates are going to have to try to explain e-mail that they wrote when they were adolescents.' But the second big argument the anti-privacy lobby has to confront is trust. Both the technology and the intelligence organisations are seriously prone to abuse and error. I know, for example, that MI5 has information about me that is wrong. I once needed security clearance and was told it was a routine matter. A few weeks later, I was asked by an intermediary where I had been over a period of months in the early 1990s. I had been at home. Then, without explanation, I was denied security clearance. I have neither done anything nor knowingly associated with anybody nor even expressed opinions that would make me a threat to national security. And yet, in the eyes of MI5, I am. The internet, meanwhile, is a highly flawed source of information, and trawling its contents is likely to produce serious errors. The reason is that, out there on the web, nobody really knows who you are. There is currently no secure way of establishing electronic identity. If you have a common name, there may be thousands of people out there who could be you and hundreds of bits of information that may or may not be about you. Another personal example: I have, contrary to the belief of some people, nothing to do with the Buddhist Society: it just happens to have a prominent member who is also called Bryan Appleyard. More seriously, the possibilities of abuse of these new technologies are endless. One CCTV operator in Wales, for example, kept his camera focused on a telephone box. Every time a girl he fancied walked by, he called the number of the box. If she answered it, she found herself the victim of an obscene caller. Furthermore, all types of surveillance create their own, frequently misleading, reality. One study involved giving a group of magistrates two forms of evidence in an assault case. One was traditional verbal evidence; the other was CCTV evidence. The magistrates proposed stiffer sentences on the basis of the CCTV evidence, even though the cases were identical. Seeing the act was intrinsically more shocking, and yet it was also potentially more mis- leading. 'Video evidence is based on sight,' says Jason Ditton, professor of criminology at Sheffield university, 'but the law is based on intention. You may see a fight on CCTV, but you don't hear the provocation that started it.' It was Ditton who produced the most devastating evidence against the effectiveness of CCTV. His study in Glasgow showed that, after cameras were installed, crime rates went up slightly and detection rates down. The police were so shocked by the finding that the report's publication was delayed for three years while they had it independently assessed. Ditton's findings were confirmed. Admittedly, his study in the much smaller Scottish town of Airdrie showed the reverse effect. Nevertheless, Ditton now seriously doubts that CCTV has any effect: 'I don't see that pointing cameras down a few streets should have any effect on crime rates.' But politically, such insights seem to be powerless. Fighting crime has risen so high up the party agendas that questions of effectiveness or the privacy implications are hardly ever considered. 'The law-and-order issue has become an arms race between the two major parties,' says Caspar Bowden. CCTV has become one weapon in that arms race that nobody seems prepared to question. And, to the disappointment of many, new Labour has shown itself more willing to escalate the race than any previous government. 'New Labour when they got into power were knobbled very quickly by the security services,' says Ian Brown. 'If people like Peter Mandelson and Harriet Harman get into government and find the security services have files on them and they won't do anything about it, then who on earth is going to?' Furthermore, however much lip service is paid to privacy, at the legislative level serious breaches are still tending to creep through. At the time of writing, the Criminal Justice and Police Bill, the social security bill, and section 59 of the health bill all in their different ways allowed extraordinary levels of access to private individual information by numerous government departments. The price of privacy is eternal vigilance - or direct action. 'We are entering a new age of individual action and organised privacy movements,' says Simon Davies. 'You don't introduce surveillance throughout the planet without there being a backlash.' The privacy issue, in other words, could turn nasty and become an outright war between, on the one hand, a loose confederacy of anarchists, libertarians, cypherpunks and human rights groups and, on the other, government, police and intelligence agencies. The key peacekeeping figure at the moment is Information Commissioner Elizabeth France. She is a high-flying Home Office civil servant with a string of honorary degrees and a strikingly tough and self-possessed way with the media. She inspires confidence. She needs to. With 100 staff, rising to 300 over the next five years, she oversees all freedom-of-information and data-protection issues, and it is her - almost imposs-ible - job to balance the competing demands of privacy and public interest. 'In a democratic state,' she says, 'you should be looking very carefully when you invade privacy, and you should only do so when it is necessary and proportionate.' France insists she does not have a private opinion in these matters - she is 'a statutory creature' - but she is plainly dismayed by the apparent readiness of the British to give up their privacy: 'I have no idea why it is that the British population finds CCTV cameras comforting, whereas others don't.' She says she is encouraged by current attitudes within government, but she is constantly finding legislative developments - she mentions the social security bill - that breach privacy guidelines. 'People tend to have their own objectives, and if their objective is the prevention of fraud or stopping paedophiles, then they tend to believe that whatever they are doing must be in the public interest. We have to rein in that view, by making it clear to people that they have to focus not just on their own ends. It's about getting a balance that allows us to exploit the technology without exploiting ordinary people. 'I also think we have to encourage citizens to understand they have rights, and give them the confidence to use them. People tend to hold cheap their right to privacy until they've lost it, and once they've lost it they can't get it back.' Public confidence, she says, is the key. If privacy is too easily invaded and security lapses occur too often, then the police cannot expect public co-operation, and neither can the government. If, for example, data from tax returns filed online find their way to departments other than the Inland Revenue, then people won't file electronically, however hard the Treasury tries to persuade them. Technology has presented us with a bizarre and complex issue. It has given us ways of invading privacy on an unthinkable scale. And yet it has also - thanks to mechanisms like PKC - given us unprecedentedly powerful ways of concealing our activities. Above all, it has forced us to consider what we mean by and how we value privacy. Is it an absolute right, or is it simply a desirable individual benefit that can be overruled by the demands of wider social benefits? Is Etzioni justified in saying that hyper-privacy is one more symptom of the malign individualism that captivated the West from the 1960s onwards? Or are the cypherpunks right to fear a future tyranny founded on information technology? The answer is, I think, that both sides are half-right and, therefore, half-wrong. Etzioni underestimates the possibilities for abuse of the new technologies. Absolute power corrupts absolutely, and the 'maximum surveillance society' offers politicians something perilously close to absolute power. And yet the cypherpunks are effectively advocating anarchy. 'At issue,' says Tim May, a crypto-anarchist, 'is the end of governments as we know them today.' Such talk is usually the prelude to chaos and dead bodies - on the whole, I'd rather have spooks as long as they're on our side. We cannot, almost by definition, know what agencies like MI5 are doing, but if, as seems likely, they really are intent on stopping terrorism, subversion and crime, then that must be a good thing... even if they are wrong about me. The whole issue is resolved if - and only if - all invasions of privacy are ferociously controlled. The formidable Elizabeth France is a start, but we also need the whole CCTV industry to be contained. It is currently out of control. All private- sector and government databases have to be constantly monitored, and new levels of training have to be introduced to ensure, for example, that some NHS clerk does not leave my health details on an open screen. Loss of privacy is not just a matter of supercomputers, it is also a matter of casual stupidity. James Ellis, had he lived for another few years, would have been staggered to see what a Pandora's box was to be opened by his eureka moment in that Cheltenham bedroom. For it was at that moment that the whole issue of privacy in the modern world became a practical, urgent reality. After that, the cryptographically enabled citizen had a place to hide, and the spooks had reluctantly to admit that, actually, they needed to know exactly where he was. It was, after all, for his own good. Probably. THE SURVEILLANCE TRAP | YOUR WHOLE LIFE LAID BARE