The bureaucratization of surveillance
State surveillance is being reduced to a simple bureaucratic decision, threatening democracy and human rights.
As if it were an ordinary fact in our democracies — something that can be compared with any regular task that bureaucracies must perform on a daily basis — many of our governments are increasingly considering surveillance as a matter to be discussed and decided behind closed doors or, at best, in a hallway chat.
Reducing the complexities of surveillance to a simple bureaucratic decision is increasingly common, and is major threat to our democracies and human rights, that shouldn’t go unnoticed. Two recent examples of both, targeted and mass surveillance, are eloquent enough.
Targeted surveillance in Mexico
First, let’s take as example the latest surveillance scandal in Mexico. Local and international civil society organizations have shown evidence exposing how journalists and activists have been target of surveillance made by a spyware tool that is only sold to Governments. In this case, a malware developed by NSO software, an Israeli company.
As local activists have denounced, it is highly unlikely that the federal government had ask (thus neither received) judicial approval to deploy this spyware and hacking the phones. Thus, these cases only confirm that illegal surveillance is a fairly standard practice in Mexico. As the NY Times reported:
The deployment of sophisticated cyberweaponry against citizens is a snapshot of the struggle for Mexico itself, raising profound legal and ethical questions for a government already facing severe criticism for its human rights record. Under Mexican law, only a federal judge can authorize the surveillance of private communications, and only when officials can demonstrate a sound basis for the request.
At a public appearance in June, president Peña Nieto ordered a criminal investigation, but local activists say that this only happened once the victims filed a criminal complaint with the Attorney General’s Office (PGR in Spanish). At that same appearance, Peña Nieto shockingly warned that the PGR would “apply the law against those who have levelled false accusations against the government”. His office later revised his statements to say he misspoke and did not intend to threaten anyone. Weeks after, Peña Nieto admitted that the administration bought NSO software, but denied any misuse of the smartphone spy tool.
The persistent silence and the lack of an independent inquiry of the authorities have made civil society to drop any possibility of dialogue with the government. Effectively, illegal targeted surveillance has been presented by authorities as something so minor, almost as an automatic task that is deployed daily along with the scattered documents on a desk, a fact so banal that even an independent investigation seems ridiculous and out of scale.
In other words, as a group of local civil society organization put it, “by condemning investigations to failure, by normalizing the impact of espionage attempts on people’s lives, by downplaying interventions and, above all, by issuing a troubling threat to complainants, the President Peña Nieto has shown that he will not be able to investigate himself”.
Mass surveillance in Chile
Let’s take the example of a Latin American democracy with a best human rights record than Mexico: Chile. The controversy exploded as the central government — commanded by the president Michelle Bachelet — signed a decree that will increase the amount of metadata that telecommunications companies should keep of people’s communications, in conjunction with a new the two-year period of data retention.
Until now, the local Criminal Procedure Code stated that telecommunications companies should store a record of the authorized IP address ranges and the IP numbers of the connections made by subscribers for no less than one year. Now, authorities want to store “all communication data” for a period not inferior of two years, and they even make a list of minimum data that companies should collect, including not only info about the participants of “the communication”, but also data geolocation and even administrative and financial background data (!) of the subscriber. Moreover, for Derechos Digitales the decree does not ask for a mandatory warrant to have access to metadata.
How metadata can configure mass surveillance has been widely studied since the Snowden revelations on mass surveillance conducted by the US Government. The International Principles on the Application of Human Rights to Communications Surveillance have stated that “communications metadata may create a profile of an individual’s life, including medical conditions, political and religious viewpoints, associations, interactions and interests, disclosing as much detail as, or even greater detail than would be discernible from the content of communications”.
In addition, the former UN Special Rapporteur on Freedom of Expression and Opinion, Frank La Rue, has acknowledged that the analysis of metadata can be both highly revelatory and invasive, particularly when data is combined and aggregated. Moreover:
National data retention laws are invasive and costly, and threaten the rights to privacy and free expression. By compelling communications service providers to create large databases of information about who communicates with whom via a telephone or the Internet, the duration of the exchange, and the users’ location, and to keep such information (sometimes for years), mandatory data retention laws greatly increase the scope of State surveillance, and thus the scope for infringements upon human rights. Databases of communications data become vulnerable to theft, fraud and accidental disclosure.
Even though there are clear evidences that decisions over metadata retention need to have a democratic oversight to evaluate their effects on mass surveillance, the undersecretary of the Ministry of Internal Affairs, Mahmud Aleuy, doesn’t even have bothered to discuss this modification in the congress and at the light of the national constitution: he preferred to do it at closed doors, through a decree, with no participation of academia or civil society, and with a doubtful participation of companies and other governmental agencies.
As if this mass surveillance measure was another task in the day of a white collar in the executive branch, Aleuy said that the decree only sought to update the current regulation, which dates from 2005. The law professor, Luis Cordero Vega reflected around this reason and wrote in his column:
In a democratic society, public freedoms cannot be limited by the simple will of bureaucrats with arguments of pure efficiency. The measures that are intended to be approved without Congress intervention, in addition, are too much like the objectives of the Ministry of Truth that Orwell warned in “1984”.
Reduction of the surveillance complexity
“In practice -says David Graeber in one of his books- bureaucratic procedure invariably means ignoring all the subtleties of real social existence and reducing everything to preconceived mechanical or statistical formulae. Whether is a matter of forms, rules, statistics, or questionnaires, it is always a matter of simplification”.
Reduction of the surveillance complexity: this discursive exercise is common. We can see it in targeted surveillance, when the president Peña Nieto justify it by saying that in the Mexican society most of the times “we feel spied”. Or we can see it in mass surveillance when the Chilean State, trying to calm down the public opinion, decides to ignore the power of its nature and declares that they will only collect data that private companies already have.
The bureaucratization of surveillance hinders any democratic oversight of the power of States, prevents transparency and accountability processes that could control them, but even more, is a deliberate discursive exercise to naturalize surveillance as a matter of States only, instead of a matter of healthy democracies and human rights. The question now is how many of those bureaucratic decisions have exposed our privacy and how many others are we willing to accept.
::::
*Many thanks to Francisco Vera for his valuable suggestions.
