Bulk surveillance is employed by governments because it is easy. Computers are able to quickly and cheaply scan our electronic communications, automatically raising alerts for potential threats (however defined) to pass to human agents. Trained humans are expensive – so most work is automated; the low cost of computing is what allows bulk surveillance. These systems automatically gather all of our data to store for subsequent filtering and potential flagging.
This model can be broken with a small amount of quality noise. Noise here is defined as ‘false-positives’ – digital content flagged by an automatic filter but not representing a real threat – requiring a trained human to discern it so.
Alongside strong legislation and widespread encryption, the generation of noise is a third spear in our attack against bulk surveillance. It has benefits over both:
- Noise is non-linear: small amounts of quality noise can flood the automated system, generating prohibitively expensive work for humans in the surveillance process. The relevant goal is not the generation of noise by all actors, but enough noise to be make automated dragnet surveillance inefficient.
- Noise does not require action from the majority of the population. In contrast to effective encryption – which needs universal (default) use to protect Joe Bloggs. Small amounts of quality noise introduced into the system can help to protect the wider public from dragnet surveillance.
- This noise can be generated at little cost by those already under surveillance. Just as encryption is visible by exception, so too is noise. But those of us already under more targeted surveillance have nothing to be concerned about. Any secure communication we undertake happens through encryption. The effect of unencrypted noise helps those not employing encryption.
Encryption is of course a powerful antidotes to bulk surveillance. Encryption works by hiding information – making it (nearly) impossible for interceptors to uncover the communication. Whilst we should of course advocate for default, legislated, protected use of encryption, in the meantime we should also try and pump as much noise in the digisphere.
It was from this motivation that http://noisevssignal.org was launched. And prior to this, the fantastic Scaremail app by Ben Grosser. http://bengrosser.com/projects/scaremail/. Initially designed to thwart the NSA, noisevssignal and Scaremail aim to effectively disrupt surveillance that is conducted in the name of terrorism.
But we must also recognise that surveillance isn’t always (nor perhaps even primarily) targeted at terrorism. The agglomerated use of our communications metadata includes our phone calls, emails, skype conversations, bank transactions, public-transport usage, amongst others. Together they enable the surveillance and future control of all forms of human activity – not just those deemed (today) to be terrorism-related.
What noise might disrupt this surveillance?
Perhaps generation of noise from every form of digitally recorded activity. This would be hard. How much noise would be needed to render bulk surveillance ineffective? A lot. But the benefit of noise is that it needn’t be generated by all, nor in a 1:1 ratio. Merely enough to require expensive human input to discern the signal from the noise.
noisevssignal.org and Scaremail are perhaps a place to start.
Niraj Lal 